Privacy Policy

Information We Collect

Account Information. When you register, we collect your name, email address, company name, and role. If you sign up via Google OAuth, we receive your name and email address only -- we do not request access to your contacts, calendar, drive, or any other Google data.

Business Data. Data you enter into WAAI in the course of managing your business, including customer records, work orders, invoices, equipment details, inventory, and technician information. This data belongs to you and is stored on your behalf.

Usage Analytics. We collect anonymized usage data such as pages visited, features used, session duration, and browser type. This helps us understand how WAAI is used and where to focus improvements.

Google OAuth

WAAI offers Google as a sign-in option. When you authenticate with Google, we receive only your name and email address. We do not request any additional Google scopes or permissions. We do not access your Google Drive, Gmail, Calendar, or any other Google service. Your Google password is never shared with us -- authentication is handled entirely by Google.

Payment Processing

Payments are processed through Stripe. When you provide payment information, it is sent directly to Stripe and is never transmitted to or stored on WAAI servers. We do not have access to your full credit card number. Stripe may store your payment details in accordance with their own privacy policy and PCI-DSS compliance standards. For more information, see Stripe\u2019s Privacy Policy.

QuickBooks Integration

If you connect your QuickBooks account, WAAI syncs relevant business data (such as invoices and customer records) between WAAI and your connected QuickBooks account. Data shared with QuickBooks is governed by Intuit\u2019s privacy policy. You can disconnect QuickBooks at any time, which stops future data syncing. Previously synced data remains in your QuickBooks account per Intuit\u2019s data retention practices.

Database and Authentication

WAAI uses Supabase for database hosting and user authentication. Your data is stored in a PostgreSQL database with row-level security that isolates each business tenant\u2019s data. Data is encrypted in transit (TLS) and at rest. Supabase\u2019s infrastructure is hosted on AWS. For more information, see Supabase\u2019s Privacy Policy.

Cookies and Local Storage

WAAI uses browser local storage to maintain your session. Specifically, we store:

• JWT authentication tokens -- to keep you signed in across page loads
• Active tenant ID -- to remember which business environment you were last using
• UI preferences -- such as sidebar state or theme settings

We do not use third-party tracking cookies. We do not serve advertisements. No data from local storage is shared with external parties.

Text Messaging (SMS)

Opt-in mechanism. You may opt in to receive SMS messages from a business that uses WAAI by checking the SMS consent box on your customer profile, which the business updates on your behalf or you confirm directly. We never enroll you in SMS without an affirmative opt-in action.

Message types and frequency. Once opted in, you may receive transactional SMS such as appointment reminders, on-the-way notifications, and a one-time confirmation message after opt-in. Frequency varies by your service schedule.

Carrier disclosure. Message and data rates may apply. Reply STOP to any message to opt out. Reply HELP for help.

Tenant user (staff) SMS. Staff members of a business that uses WAAI may also receive operational SMS as part of their use of the platform, such as new-booking notifications and emergency-appointment alerts. By providing a mobile number when joining a business in WAAI, staff consent to receive these operational messages. Staff may opt out at any time by replying STOP to any message.

No third-party sharing. We do not share or sell SMS opt-in data, mobile numbers, or message content with third parties for marketing purposes. Mobile information is used solely to deliver the SMS messages you have consented to receive. Twilio is used as the SMS delivery vendor and processes messages on our behalf under their data processing terms.

How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the WAAI platform
• Authenticate your identity and manage your account
• Process payments and manage billing
• Send transactional emails (invoices, account notifications)
• Improve the platform based on aggregated usage patterns
• Respond to support requests

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Data Retention and Deletion

Your business data is retained for as long as your account is active. If you cancel your subscription, we retain your data for 30 days to allow for reactivation or export. After 30 days, your data is permanently deleted and cannot be recovered.

You may request deletion of your account and all associated data at any time by contacting us at support@the-waai.com. We will process deletion requests within 30 days, subject to any legal obligations to retain certain records.

Data Security

We implement industry-standard security measures including encrypted connections (TLS), encrypted data at rest, row-level database security, and restricted access controls. While we take reasonable precautions to protect your data, no method of electronic transmission or storage is 100% secure.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice in the application at least 30 days before the changes take effect. Your continued use of WAAI after any changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

WAAI
Email: support@the-waai.com
Website: the-waai.com