Privacy Policy

• Account data: email, password hash (bcrypt, 12 rounds), display name, role flags, the IP address you sign in from, and the IANA timezone of your device.
• Booking preferences:service types, neighbourhood / postal-code radius, preferred time windows. A note like “I need an RMT” is treated as personal health information.
• Payment data: handled by Stripe Canada. We store only the Stripe customer + payment-intent IDs; we never see your card number.
• Practitioner data: legal name, registration number, clinic affiliations, photo, bio.
• Operational logs: verification probes, booking lifecycle, anti-abuse signals.

• Database: Neon Postgres, Canadian region (ca-central-1, Montréal).
• Compute: Vercel. During pre-launch dev some processing transits US infrastructure (US compute region); we are migrating to yyz1 (Toronto) before public launch.
• File storage: Vercel Blob (currently US). Profile photos are the only files stored. We will reassess Canadian alternatives before launch.
• Email: Resend (transactional only).
• Push notifications:the operating system's vendor (Apple / Google / Mozilla) per the Web Push standard.

To match you with last-minute openings, run booking and payment, send confirmation and cancellation emails / push notifications, prevent fraud and abuse, and meet our regulatory obligations. We do not sell personal information, do not share it with advertisers, and do not run third-party ad pixels.

Practitioner identity is not revealed to a client until the client commits to a booking. The Today/Tomorrow feed shows clinic name + practitioner initials only. This is a product guarantee, not a marketing claim.

You can access, correct, export, or delete your account data at any time by emailing privacy@bookwithgrace.ca. We will respond within 30 days. You may withdraw consent for non-essential processing (e.g. push notifications) without losing the ability to make bookings.

• Account profile: until you delete the account.
• Booking + payment records: 7 years (CRA + tax law).
• Verification logs: 24 months for audit, then anonymised.
• Push subscription endpoints: until you unsubscribe.

Grace is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a minor has signed up, email privacy@bookwithgrace.ca and we will remove the account.

Privacy Officer: privacy@bookwithgrace.ca. If you are not satisfied with our response, you may complain to the Office of the Privacy Commissioner of Canada (priv.gc.ca) or the Office of the Information and Privacy Commissioner for British Columbia (oipc.bc.ca) / Ontario (ipc.on.ca).