Sody App Privacy Policy

1. Introduction

Sody App Pte. Ltd. ("Sody," "we," "us," or "our") is committed to protecting the privacy of our users ("users," "you," or "your"). Sody operates a platform that connects consumers with beauty and wellness salons and professionals. This platform includes:

• Sody App: The mobile application for consumers to browse, book, and pay for salon services.
• Sody Partner: The mobile application for salons and professionals to manage their business, bookings, and customer interactions.
• Our website: sody.app and any related services.

These are collectively referred to as the ("Platform"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Platform.

This Privacy Policy complies with the Personal Data Protection Act 2012 of Singapore (PDPA) and other applicable data protection laws.

By accessing or using the Platform, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Platform.

2. Information We Collect

We collect the following types of information:

2.1 Information You Provide Directly:

• Account Information: When you create an account (either as a Consumer or a Salon), we collect your name, email address, and password. You may also choose to provide additional information, such as your phone number, profile picture, date of birth, and gender. Salons are required to provide additional information, including business name, UEN (or legal name), business address, and bank account details.
• Booking Information: When you make a booking, we collect information about the requested service, date, time, Salon, and any special requests or instructions.
• Salon Information (Sody Partner): Salons provide information about their services, pricing, availability, cancellation policies, and business details.
• User Content: We collect any content you submit to the Platform, including reviews, ratings, photos, videos, and communications through the in-app chat.
• Communications: When you contact us (e.g., via email, in-app chat, or customer support), we collect the content of your communications.
• Payment Information: While we use PayNow for payment processing and do *not* store full credit card details, we may collect and store limited transaction information, such as the date, time, amount, and the last four digits of your payment method identifier (if applicable). We also collect and store information related to your PayNow account as needed to facilitate transactions.
• Sensitive Information (Optional): If you choose to provide us with sensitive personal information, such as health conditions or allergies, when booking an appointment or communicating with a Salon, we will only use this information to facilitate the provision of the requested services and will handle it with extra care as required by applicable law. You are not required to provide us with sensitive information.

2.2 Information Collected Automatically:

• Usage Data: We collect information about how you use the Platform, including the features you use, pages you visit, Salons you view, searches you conduct, and booking activity.
• Device Information: We collect information about the device you use to access the Platform, including the device type, operating system, unique device identifiers (e.g., device ID, advertising ID), and mobile network information.
• Location Information: With your consent, we collect precise location information from your device using GPS, Wi-Fi, and other location technologies. You can enable or disable location services through your device settings. We use this information to provide location-based features, such as finding nearby Salons.
• Log Data: Our servers automatically record information ("log data") created by your use of the Platform. This may include your IP address, browser type, referring/exit pages, operating system, date/time stamps, and clickstream data.
• Cookies and Similar Technologies: We use cookies and similar technologies (e.g., web beacons, pixels) to collect information about your activity, browser, and device. Cookies are small text files stored on your device. We use them for authentication, remembering user preferences, personalizing content, and analyzing usage. You can control cookies through your browser settings, but disabling them may affect the functionality of the Platform.
• Calendar Data (Sody Partner - with consent): If a Salon chooses to use the calendar synchronization feature in Sody Partner, we will access their calendar data to facilitate booking management. This access is only with the Salon's explicit consent, and the data is used solely for this purpose.

2.3 Information from Third Parties:

• Social Media: If you choose to link your Sody account with a social media account (e.g., Facebook), we may receive information from that social media platform, such as your name, profile picture, and email address, in accordance with the social media platform's authorization procedures.
• Third-Party Partners: We may receive information about you from third-party partners, such as marketing partners or data analytics providers. This information is used to improve our services and personalize your experience.

3. How We Use Your Information

We use your information for the following purposes:

• Providing and Managing the Platform: To operate, maintain, and improve the Platform, including providing customer support, processing bookings, facilitating payments, and developing new features.
• Personalization: To personalize your experience on the Platform, such as recommending Salons, services, or content based on your preferences and past activity.
• Communication: To communicate with you about your account, bookings, updates to the Platform, and other service-related matters. We may also send you marketing communications (with your consent where required by law), which you can opt out of at any time.
• Analytics and Research: To analyze usage trends, understand how users interact with the Platform, and conduct research to improve our services.
• Security and Fraud Prevention: To protect the security and integrity of the Platform, detect and prevent fraud, and enforce our Terms of Service.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and government requests.
• Facilitating Salon Operations (Sody Partner): For Salons, we use information to manage bookings, communicate with customers, process payments, and provide other features of the Sody Partner app.

4. How We Share Your Information

We may share your information in the following circumstances:

• With Salons (for Consumers): When you make a booking, we share necessary information with the Salon to facilitate the service, including your name, contact information, booking details, and any special requests.
• With Consumers (for Salons): We share Salon information with Consumers, including business name, address, services offered, pricing, availability, and reviews.
• With Service Providers: We share information with third-party service providers who assist us in operating the Platform, such as payment processors (PayNow), cloud storage providers, data analytics providers, and marketing service providers. These service providers are contractually obligated to protect your information and only use it for the purposes we specify.
• With Legal Authorities: We may disclose your information to legal authorities if required by law, legal process, or government request, or if we believe it is necessary to protect the rights, property, or safety of Sody, our users, or others.
• Business Transfers: If Sody is involved in a merger, acquisition, sale of assets, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.
• With Your Consent: We may share your information with other third parties with your explicit consent.
• Aggregated or De-identified Data: We may share aggregated or de-identified data that cannot reasonably be used to identify you with third parties for research, analytics, or other purposes.

5. Legal Basis for Processing (Where Applicable)

This section is OPTIONAL and only needed if you have users from GDPR-affected area

Where applicable under the General Data Protection Regulation (GDPR) or other relevant data protection laws, we rely on the following legal bases for processing your personal information:

• Performance of a Contract: We process your information to fulfill our contractual obligations to you, such as providing the Platform and facilitating bookings.
• Consent: We may process your information based on your consent, such as for marketing communications or collecting precise location data. You can withdraw your consent at any time.
• Legitimate Interests: We may process your information based on our legitimate interests, such as improving the Platform, preventing fraud, and conducting analytics, provided that these interests are not overridden by your data protection rights.
• Legal Obligation: We may process your information to comply with legal obligations.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including providing the Platform, complying with legal obligations, resolving disputes, and enforcing our agreements. The specific retention period may vary depending on the type of information and the purpose of processing. When your information is no longer needed, we will securely delete or anonymize it.

7. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, use, disclosure, alteration, or destruction. These measures include encryption, access controls, data minimization, and regular security assessments. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

8. Children's Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected personal information from someone under 18, we will take steps to delete it as soon as possible. If you are a parent or guardian and believe that your child under 18 has provided us with personal information, please contact us.

9. Your Rights and Choices

You have certain rights regarding your personal information, subject to applicable law. These rights may include:

• Access: You have the right to request access to the personal information we hold about you.
• Correction: You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.
• Deletion: You have the right to request that we delete your personal information, subject to certain exceptions (e.g., we may need to retain information to comply with legal obligations).
• Withdrawal of Consent: Where we process your information based on consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
• Data Portability: In some cases, you may have the right to receive a copy of your personal information in a structured, commonly used, and machine-readable format.
• Objection: You may have the right to object to the processing of your personal information in certain circumstances.
• Restriction: You may have the right to request that we restrict the processing of your personal information in certain circumstances.

To exercise these rights, please contact us using the contact information provided below. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

10. International Data Transfers

Your personal information may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. When we transfer your information to other countries, we will take appropriate measures to protect your personal information in accordance with this Privacy Policy and applicable law, including the PDPA. This may include implementing standard contractual clauses or relying on other approved transfer mechanisms.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post any changes on the Platform and update the "Last Updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the Platform after the posting of changes constitutes your acceptance of such changes.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Sody App Pte. Ltd.
68 Circular Road #02-01
Singapore 049422

Email: [email protected]

You may also contact our Data Protection Officer at [email protected]