Privacy Policy

Effective Date: May 18, 2026 · Last Updated: May 18, 2026

SnipandGlow ("we," "us," or "our"), operated by Pixalara LLP, provides the website snipandglow.com and the SnipandGlow salon management platform including WhatsApp Business API integration. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services.

1. Information We Collect

Personal Information (Salon Owners / Users)

  • Account details: Name, email address (via Google OAuth), and phone number (verified via WhatsApp OTP)
  • Business information: Salon name, address, staff details, services offered, and working hours
  • Billing data: Subscription plan, payment history, and invoice records

Customer Data (Your Salon's Clients)

  • Client names, phone numbers, appointment history, billing records, and feedback that you or your customers enter into the platform
  • WhatsApp conversation data including messages sent/received through the platform for appointment booking, reminders, and notifications

WhatsApp Messaging Data

  • Phone numbers of customers who interact with your salon via WhatsApp
  • Message delivery status (sent, delivered, read, failed)
  • Template messages sent (appointment confirmations, reminders, marketing broadcasts)
  • Customer replies and button interactions within WhatsApp conversations

Usage Data

  • Browser type, device information, IP address, pages visited, and interaction patterns
  • Feature usage analytics to improve our product

2. How We Use Your Data

  • Provide our service: Manage appointments, send WhatsApp reminders and confirmations, generate invoices, and run your salon operations
  • WhatsApp Business messaging: Send appointment confirmations, reminders, invoices, feedback requests, and marketing broadcasts on your behalf to your customers
  • Improve the product: Analyze usage patterns to build better features
  • Communicate: Send service updates, billing notifications, and support responses
  • Security: Detect and prevent fraud, abuse, or unauthorized access

3. WhatsApp Business API Compliance

SnipandGlow uses the Meta WhatsApp Business APIto enable salon owners to communicate with their customers. We comply with Meta's Business Messaging Policy and WhatsApp Business Policy:

  • Consent: Messages are only sent to customers who have initiated contact with the salon via WhatsApp, booked an appointment, or explicitly opted in to receive communications
  • Purpose limitation: WhatsApp messages are used solely for appointment management, service notifications, and salon-related communications
  • Opt-out: Customers can stop receiving messages at any time by replying "STOP" or by requesting removal from the salon's customer list
  • No spam: We do not send unsolicited messages. Marketing messages are only sent to existing customers with prior business relationship
  • Data minimization: We only collect and process the minimum data necessary to provide the messaging service
  • Template compliance: All business-initiated messages use Meta-approved templates

4. Data Storage and Security

Your data is stored on Supabase infrastructure with enterprise-grade security. We use industry-standard encryption (TLS 1.3 in transit, AES-256 at rest) and follow security best practices including row-level security policies, regular backups, access controls, and secure token storage.

  • WhatsApp access tokens are stored encrypted and never exposed in client-side code
  • Customer phone numbers are stored in E.164 format with tenant-level isolation
  • Message logs are retained for service delivery and dispute resolution purposes

5. Third-Party Services

We share data with the following third-party services only as necessary to operate our platform:

  • Google OAuth: For secure authentication — we receive your name and email from Google
  • Meta / WhatsApp Business API: To send and receive WhatsApp messages on behalf of salon owners to their customers. Meta processes message delivery and may retain message metadata per their own privacy policy
  • Vercel: For hosting and serving the web application
  • Razorpay: For processing subscription payments securely

We do not sell, rent, or trade your personal information or your customers' data to any third party for marketing purposes.

6. Data Retention

  • Account data: Retained for as long as your account is active. After cancellation, retained for 90 days then permanently deleted
  • WhatsApp message logs: Retained for 90 days for service delivery verification, then automatically purged
  • Customer session data: WhatsApp conversation sessions expire after 24 hours of inactivity
  • Appointment data: Retained as long as your account is active for business continuity

You may request earlier deletion of any data at any time.

7. Your Rights

You have the right to:

  • Access: Request a copy of all personal data we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request permanent deletion of your account and all associated data
  • Export: Download your data in a machine-readable format (JSON/CSV)
  • Withdraw consent: Opt out of non-essential communications at any time
  • Object to processing: Object to the processing of your data for specific purposes

To exercise any of these rights, email us at snipandglow.support@pixalara.com.

8. Your Customers' Rights

Customers of salons using SnipandGlow have the right to:

  • Stop receiving WhatsApp messages by replying "STOP" or contacting the salon
  • Request deletion of their data from the salon's database
  • Know how their phone number and appointment data is being used

Salon owners are responsible for ensuring they have appropriate consent from their customers before using WhatsApp messaging features.

9. Cookies

We use essential cookies to maintain your login session and preferences. We do not use third-party advertising or tracking cookies. Analytics data is collected server-side without invasive browser tracking.

10. Children's Privacy

SnipandGlow is a business tool designed for salon owners and professionals. Our service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a minor has provided us with personal data, please contact us and we will promptly delete it.

11. International Data Transfers

Your data is primarily stored and processed in India. When using WhatsApp Business API, message data may be processed by Meta's infrastructure in accordance with Meta's data processing terms. We ensure appropriate safeguards are in place for any data transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: