Effective Date: 21-08-2025
Company: BarrberBuddy, Sole Proprietorship registered under MSME, India || Owner: Nilanshu Sharma
Head Office : iStart Nest, Gumanpura, kota, Rajasthan, india
Jurisdiction: Kota, Rajasthan, India
1.1 BarrberBuddy (“Company”, “we”, “us”, “our”) provides a paid software-as-a-service platform with freemium/promotional access for limited periods, enabling salons, barbers and end customers to manage and book services via our Android/iOS mobile apps (and future web interface).
1.2 This Privacy Policy explains how we collect, use, disclose, store and protect Personal Data and Usage Data when: (a) you use the BarrberBuddy mobile app; (b) you are a salon partner using our B2B features and dashboards; (c) you visit any future BarrberBuddy website or in-app web views; or (d) you interact with us by email, phone or support channels.
1.3 This single policy is designed to satisfy Google Play / Apple App Store listing requirements and in-app disclosures, provided it is accurate and accessible from the store listing and inside the app. (Termly, Apple Developer)
2.1 Customer: An individual booking or using salon services through the App.
2.2 Salon Partner: A business subscribing to BarrberBuddy (including salon admins and staff).
2.3 Personal Data: Any information relating to an identified or identifiable individual (e.g., name, contact, appointment details, precise location, identifiers).
2.4 Usage Data/Device Data: Technical data collected automatically (IP address, device model, OS, app version, time stamps, crash logs, performance metrics).
2.5 Data Fiduciary / Data Principal: Terms used by India’s Digital Personal Data Protection Act, 2023 (DPDP Act) - roughly comparable to “controller/data subject.” We act as Data Fiduciary for most end-user Personal Data; salons may also act as independent fiduciaries for their offline processing. The DPDP Act recognizes Data Principal rights including access, correction, erasure and grievance redressal. (MeitY, Latham & Watkins)
2.6 Processors/Service Providers: Vendors processing data on our behalf (e.g., Firebase analytics/crash reporting, cloud hosting, notification services, optional payment gateways).
Note: This structure, definitions and layout are modeled on a SaaS privacy template and adapted for BarrberBuddy’s app-first context.
3.1 Data you provide
Account & Profile (Customer & Salon Partner): name, phone, email; salon branding (name, logo, colors), staff/baber profiles; services & pricing; preferences and feedback.
Appointments & Transactions: booked services, time/date, assigned barber, status, notes, offers, coupons, in-app communications.
Support/Comms: messages, email/phone interactions, call-logs metadata where legally permitted.
3.2 Data we collect automatically
Device/Usage: IP address, device model/OS, app version, unique identifiers, pages/screens viewed, time spent, referral links, crash/performance logs.
Cookies & Similar Tech (for future web): Session/functional cookies, analytics and performance cookies; cookie details will be provided in our Cookie Notice on launch of web. (Modeled on standard SaaS practice.)
3.3 Location Data (including background)
We collect precise location when you grant permission, including when the app runs in the background, to: (a) show nearby salons; (b) calculate distance/ETA; (c) support location-based notifications and scheduling; and (d) improve reliability/anti-fraud. Android/iOS provide controls to allow once, while using, or always. Disabling location may limit features. (Google Play has specific background-location compliance expectations and justification requirements; iOS presents system prompts and App Privacy disclosures.) (Google Help, Apple, Apple Developer)
3.4 Payment Data (future/when enabled)
We use PCI-compliant payment gateways (e.g., UPI partners or card processors). We do not store card/UPI credentials on BarrberBuddy servers; gateways process payments directly and share limited payment status with us.
3.5 Children/Minors
The App is not directed to children. In India, a “child” is under 18; processing children’s data generally requires verifiable parental consent and prohibits tracking/targeted advertising to children. We do not knowingly process data of users under 18 without guardian consent and will disable targeted marketing and tracking features for such users. (MeitY, Tech Policy Press)
4.1 To perform our contract with you (provide core features; manage accounts, appointments, notifications; provide salon dashboards).
4.2 With consent (e.g., background location, marketing communications, AI training where required, marketplace data sharing once launched).
4.3 Legitimate uses under Indian law: fraud/security, debugging, analytics necessary for service improvement, compliance with legal obligations, and grievance redressal. (Carnegie Endowment)
Operate, maintain and improve the App, back-office dashboards and future web features.
Provide analytics and reports to Salon Partners concerning their customers and operations.
Display salon-specific branding and personalized experiences.
AI/ML improvement: We may use de-identified or aggregated data to train and evaluate models (e.g., hairstyle simulator, recommendations), and to enhance fraud detection, scheduling efficiency, and reliability.
Communications: confirmations, reminders, service notices, policy updates, and optional marketing (with opt-out).
Compliance & security: detect, prevent, and respond to abuse, fraud, or security incidents; handle grievances and legal requests.
This “Use” section mirrors and expands common SaaS practices, adapted from a standard template.
We may share data with:
(a) Salon Partners you interact with (e.g., your booking details with the chosen salon);
(b) Service Providers (cloud, analytics, crash reporting, messaging, payment gateways);
(c) Corporate transactions (merger, asset sale);
(d) Legal: to comply with law/court orders and to protect rights, security, and integrity.
We do not sell Personal Data.
Third-party SDKs in use (examples, not exhaustive): Google Play Services, Firebase Analytics, Firebase Crashlytics (each with its own privacy policy and retention). (Apple Developer)
7.1 We retain Personal Data only as long as needed for the purposes set out in this Policy or as required by law (e.g., tax, accounting, disputes). The SPDI Rules also require purpose-linked retention and deletion thereafter. (CIS India)
7.2 Customers may request deletion (Section 12). For Salon Partners, operational/customer records may be retained for legitimate legal and business purposes, even after subscription ends (e.g., to maintain audit logs, resolve disputes, comply with law).
We may process/store data on servers located outside India (e.g., global cloud regions). Under the DPDP framework, cross-border transfers may proceed except to countries restricted by government notification; we will align with any “negative list” restrictions once notified. We implement safeguards appropriate to the transfer and service. (Securiti)
9.1 We implement reasonable security practices and procedures to protect data from unauthorized access, alteration, disclosure or destruction (access controls, encryption in transit/at rest where applicable, network segmentation, backups, vulnerability management). The IT Act/SPDI Rules require adoption of such “reasonable security practices” and publication of a Grievance Officer for redressal. (India Code)
9.2 No guarantees: No system is 100% secure; residual risk remains despite safeguards.
In case of a data breach that is likely to cause significant harm, we will investigate, mitigate, and notify affected users and/or authorities as required by applicable law and forthcoming DPDP Rules on breach notification. (Lexology)
11.1 Permissions: You can revoke Location, Notifications, Background processing in device settings (features may degrade). Google Play has specific background-location rules and review — our listing will explain why we request it. (Google Help)
11.2 Marketing: You can opt out via in-app settings or unsubscribe links.
11.3 Cookies (web): Manage via browser settings and our Cookie banner (when web launches).
Subject to applicable law, you may:
Access/Information: Know what data we process and obtain a copy.
Correction/Update: Rectify inaccurate data.
Erasure: Request deletion when no longer necessary or where consent is withdrawn (unless retention is legally required).
Grievance Redressal: Use the mechanisms in Section 13.
Nominate: Appoint another person to exercise your rights in case of death or incapacity (DPDP right to Nominate). (MeitY, Latham & Watkins)
13.1 Grievance Officer (India) — as required by the IT Act/SPDI Rules, we appoint and publish contact details. We aim to resolve grievances within one month of receipt. (DataGuidance)
Name: Nilanshu Sharma
Email: Nilanshu@BarrberBuddy.in, copy to BarrberBuddy@gmail.com
Address: iStart Nest, Gumanpura, Kota, Rajasthan, India
13.2 Data Protection Queries: For access/erasure/correction requests, email BarrberBuddy@gmail.com with subject “Privacy Request”.
14.1 Google Play disclosures: Our store listing will clearly explain why background location is needed and restrict access to the minimum necessary, consistent with Play policy. (Google Help)
14.2 Apple App Store disclosures: We will accurately complete App Privacy labels (data types collected; purposes such as analytics; tracking status) and present ATT prompts if we ever track across apps/sites. (Apple Developer, Apple Support)
15.1 Salon environments: Each salon’s app experience is branded and siloed; Customer booking data for that salon is visible to the salon. We may also provide aggregated insights and benchmarks.
15.2 Marketplace (future): If/when a cross-salon marketplace is launched, some Customer data and salon metadata will be used to enable browsing and booking across salons. We will update this Policy and the in-app notice before enabling marketplace sharing; you can opt out where legally required.
15.3 No performance guarantees: We do not promise increased revenue, footfall, or ratings through use of BarrberBuddy.
16.1 We may use de-identified and/or aggregated data to train and evaluate ML models (e.g., hairstyle simulation; scheduling optimization). Where we rely on consent, we will surface a clear in-app toggle; where we rely on legitimate uses, we will apply strict safeguards and allow opt-out where feasible.
16.2 We do not use raw media or sensitive identifiers for public release without consent.
When payments are enabled, processing is performed by third-party gateways. We receive only limited information (payment status, masked identifiers) and do not store full card/UPI credentials on BarrberBuddy servers.
18.1 Personal Data belongs to the individual (Customer/Staff) under Indian law; we are custodians/fiduciaries of that data. We may generate and own Platform Data and Derived Analytics (aggregated statistics, performance metrics, models), which do not identify individuals.
18.2 Salon Access: On request and subject to law, we may supply a salon with its customer and transaction data recorded through BarrberBuddy during the subscription term. We may retain archival copies and logs for legitimate purposes (security, accounting, dispute resolution).
We do not knowingly allow registration by users under 18 in India without guardian consent. We avoid behavioral tracking or targeted advertising to children and will disable such features for identified minor accounts. (Tech Policy Press)
Links to third-party sites/services have their own privacy terms. We are not responsible for their content or practices.
We may update this Policy to reflect legal, technical or business changes. We will post updates in-app and on the store listing, and update the Effective Date above. Continued use after changes means you accept the revised Policy.
For privacy concerns, requests, or complaints, contact us at:
BarrberBuddy
Registered Sole Proprietorship under MSME
iStart Nest, Gumanpura, Kota, Rajasthan, India
Email: Nilanshu@BarrberBuddy.in, copy to BarrberBuddy@gmail.com