Legal

Privacy Policy

We believe your data is yours. This policy explains exactly what we collect, why we collect it, and how we protect it.

📅 Effective: 1 January 2025 🔄 Last updated: 1 January 2025 🌐 Applicable in India

01 Who We Are

Zapiro ("we", "our", "us") is a WhatsApp-based appointment booking platform operated in India. Our platform is accessible at zapiro.in and enables customers to book appointments with service vendors via WhatsApp.

This Privacy Policy applies to all users of our platform — customers who book appointments, vendors who register their businesses, and visitors to our website.

Simple version: We are Zapiro, an Indian company that helps beauty and wellness businesses manage bookings via WhatsApp. This policy tells you what data we handle and how.

02 Information We Collect

From Customers

  • Name and mobile phone number (provided during booking)
  • WhatsApp messages sent to our booking bot
  • Booking details — service chosen, date, time, vendor
  • Payment transaction references (booking fee only)
  • Device type and browser (for technical compatibility)

From Vendors

  • Business name, owner name, and contact details
  • Business address, city, and location coordinates
  • Business category and service listings
  • WhatsApp Business Account details (Phase 2)
  • Bank account or UPI details for subscription billing
  • Business logo and profile photos (if uploaded)

Automatically Collected

  • IP address and approximate location
  • Pages visited and time spent on our platform
  • Referral source (how you found us)

03 How We Use Your Data

We use the information collected for the following purposes only:

  • To process and confirm appointment bookings
  • To send WhatsApp booking confirmation messages
  • To send automatic reminder messages 1 hour before appointments
  • To identify the correct vendor when a customer initiates booking
  • To process booking convenience fee payments via Razorpay
  • To manage vendor accounts, subscriptions, and dashboards
  • To send service updates, platform announcements, or support responses
  • To improve our platform features and fix technical issues
  • To comply with applicable Indian laws and regulations

We do not use your data for advertising, profiling, or sell it to any third party for commercial purposes.

04 WhatsApp & Messaging

Our platform uses the Meta WhatsApp Cloud API to deliver booking confirmations and reminders. By interacting with our WhatsApp bot, you agree that:

  • Your phone number is used to identify your booking session
  • Messages sent to and from the Zapiro WhatsApp number are logged for operational purposes
  • Your conversation data is stored securely in our database
  • Message logs are accessible to the relevant vendor and Zapiro admin for support purposes
  • We only send transactional messages — booking confirmations, reminders, and support replies

Note: We will never send promotional or marketing messages via WhatsApp without your explicit opt-in. You can opt out of reminders by contacting support@zapiro.in.

05 Payment Information

Zapiro collects only a small booking convenience fee (₹5–₹50) from customers. All payment processing is handled by Razorpay, a PCI-DSS compliant payment gateway.

  • We do not store your credit/debit card numbers or CVV
  • We do not store your UPI PIN or bank login credentials
  • We store only the transaction reference ID and payment status for booking records
  • Full service payment is made directly to the vendor — Zapiro does not hold or process this amount

For Razorpay's data practices, please refer to razorpay.com/privacy.

06 Sharing Your Data

We share your data only in the following limited circumstances:

  • With your vendor: When you book an appointment, the vendor receives your name, phone number, service, and appointment time
  • With Razorpay: For processing the booking fee payment
  • With Meta (WhatsApp): For delivering WhatsApp messages through their Cloud API
  • With Hostinger: Our hosting provider where data is stored securely
  • With legal authorities: If required by law, court order, or government regulation in India

We do not sell, rent, or trade your personal data with any third party for marketing or commercial purposes.

07 Data Storage & Security

Your data is stored on secure servers hosted in India via Hostinger. We implement the following security measures:

  • SSL/TLS encryption for all data transmission (HTTPS)
  • Secure token system for all booking URLs — each token expires in 30 minutes
  • Database access restricted to authorised Zapiro personnel only
  • Regular backups to prevent data loss
  • WhatsApp webhook secured with Meta verification tokens

While we take all reasonable precautions, no system is 100% secure. In the event of a data breach that affects your personal information, we will notify you within 72 hours as required by applicable Indian law.

08 Cookies

Our customer booking pages (accessed via WhatsApp in-app browser) use minimal cookies:

  • Session token: A temporary identifier to keep your booking session active (expires in 30 minutes)
  • Preference cookies: To remember your language or device settings

We do not use advertising cookies, tracking pixels, or third-party analytics cookies on customer booking pages. Our vendor dashboard may use session cookies for login authentication.

09 Your Rights

Under applicable Indian data protection law, you have the following rights:

  • Right to access: Request a copy of all personal data we hold about you
  • Right to correction: Ask us to correct inaccurate or incomplete data
  • Right to deletion: Request that we delete your personal data (subject to legal retention requirements)
  • Right to withdraw consent: Opt out of WhatsApp reminders or marketing communications at any time
  • Right to grievance redressal: File a complaint with our grievance officer

To exercise any of these rights, email us at support@zapiro.in with your request. We will respond within 30 days.

10 Children's Privacy

Zapiro is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with their personal information, please contact us immediately at support@zapiro.in and we will delete it promptly.

11 Changes to This Policy

We may update this Privacy Policy from time to time as our platform evolves or as required by law. When we make significant changes:

  • We will update the "Last updated" date at the top of this page
  • We will notify registered vendors via email or WhatsApp message
  • Continued use of the platform after changes constitutes acceptance

We encourage you to review this policy periodically.

12 Contact Us

For any privacy-related questions, requests, or complaints, please reach out to us:

Zapiro — Grievance Officer

📧 Email: support@zapiro.in

🌐 Website: zapiro.in

📍 India

We aim to respond to all privacy requests within 30 business days.