Legal
Privacy Policy
Last updated: 31 May 2026
Section 1
Who we are & what this covers
"Anyspot," "we," "us," and "our" refer to the independent team that operates the Anyspot booking service, based in Ontario, Canada. Anyspot is in early access while we test and improve the service. You can reach us any time at support@mail.anyspot.io.
This Privacy Policy explains how we handle personal information across the Anyspot website (anyspot.io), the Anyspot application (app.anyspot.io), and the public booking pages that providers create and share with their clients.
Questions about privacy can always be sent to support@mail.anyspot.io.
Section 2
Two kinds of users, two roles we play
Anyspot serves two groups of people, and our responsibility is different for each:
- Providers — independent service businesses (e.g. stylists, trainers, cleaners) who create an account and build a booking page. For a Provider's own account information, Anyspot decides how that data is used, so we act as the party responsible for it (a "controller").
- Clients — the end-customers who book appointments through a Provider's public booking page, usually without creating an account. The personal information of Clients belongs to, and is controlled by, the Provider they book with. Anyspot only stores and processes that information on the Provider's behalf and on their instructions (we act as a "processor").
In practical terms: if you are a Client and want to access or delete your information, the Provider you booked with is the first point of contact, and we will help them respond. See Section 10.
Section 3
Information we collect
From Providers (account holders):
- Name and email address
- A password, which we store only as a securely hashed value (we never store or see your actual password)
- Business and booking-page details you choose to add (business name, bio, contact details, services, pricing, availability, branding)
From Clients (people booking appointments):
- Name, email address, and (optionally) phone number
- The service address where a mobile appointment will take place
- Appointment details — the services requested, date and time, and any notes
Collected automatically:
- Your IP address and an approximate location derived from it, used to suggest the right currency and to bias address search to your region
- A single session cookie (see Section 5)
We do not collect payment card details. Anyspot does not process payments — Providers arrange payment with their Clients directly, outside of Anyspot.
Section 4
How we use information
We use personal information only to operate the booking service, specifically to:
- Create and manage Provider accounts and booking pages
- Take, confirm, reschedule, and cancel appointments
- Send transactional emails — booking confirmations, reschedule and cancellation notices, email verification, and password resets
- Look up addresses, time zones, and travel distances so scheduling and travel fees work correctly
- Detect the appropriate currency for a Provider at signup
- Keep the service secure and prevent abuse
What we do not do: we do not send marketing or promotional emails, we do not run analytics or advertising trackers, and we do not sell, rent, or trade personal information to anyone. Our emails are strictly transactional.
Section 6
Service providers we rely on
We use a small number of trusted third-party services ("sub-processors") to run Anyspot. Each is bound to handle data only as needed to provide its service to us. We work with the following categories of providers:
| Category of provider | What it does for us |
|---|---|
| Email delivery provider | Delivers transactional emails (confirmations, password resets, notifications) |
| Mapping & geocoding services | Address lookup, geocoding, time zones, and travel-distance calculation |
| Cloud image hosting | Hosts images you upload — logos, banners, and service photos (see Section 8) |
| IP-geolocation provider | Approximate location from IP address (currency detection and regional search) |
| Hosted database provider | Stores the information described above |
We can tell you the specific providers we currently use on request — just email support@mail.anyspot.io.
Section 7
Where your information is processed
Some of the services listed above store or process data on servers located outside Canada. In particular, our hosted database and several of these providers are located in the United States. While information is held in another country, it may be accessible to the courts, law enforcement, and national-security authorities of that country under that country's laws.
We choose reputable providers and rely on their contractual and security commitments to keep your information protected to a standard comparable to its protection in Canada. We remain accountable for personal information handled on our behalf.
Section 8
Images on booking pages are public
Images that a Provider uploads — logos, banners, and service photos — are stored at publicly accessible web addresses so they can appear on public booking pages and in confirmation emails. Anyone who has the link can view these images, and search engines or other services may cache or index them.
Providers should not upload images that contain sensitive personal information, or that include other people, without the right to do so. Treat uploaded imagery as public.
Section 9
How long we keep information
We keep personal information only as long as needed for the purposes described in this policy:
- Provider account data — kept while the account is active, and for a reasonable period after closure to meet legal and operational needs.
- Client and appointment data — kept on behalf of the Provider for as long as they need it; the Provider may archive or remove a Client, and we honour deletion on request (see Section 10).
- Short-lived data — verification codes and appointment-management links expire automatically after short periods.
If you ask us to delete your information, we will do so unless we are required to retain it by law.
Section 10
Your rights — access, correction, deletion
You may ask to see the personal information we hold about you, to correct it, or to have it deleted.
- Providers — contact us directly at support@mail.anyspot.io.
- Clients — because your information is controlled by the Provider you booked with, please contact that Provider first. If you are unable to reach them, contact us and we will help facilitate your request.
We aim to respond to requests within 30 days. There is no charge for a reasonable request.
Section 11
How we protect information
We take reasonable measures to protect personal information, including:
- Encryption in transit (HTTPS) across the website, application, and booking pages
- Passwords stored only as securely hashed values
- HTTP-only session cookies
- Reputable, security-conscious hosting and service providers
No online service can promise perfect security, and we do not claim formal certifications we do not hold. We continue to improve our safeguards as Anyspot grows.
Section 12
If something goes wrong (data breaches)
If a breach of security safeguards creates a real risk of significant harm to anyone, we will notify affected individuals and the Office of the Privacy Commissioner of Canada as soon as feasible, and keep a record of the incident as required by Canadian law.
Where the breach involves Client data that we hold on a Provider's behalf, we will also notify the relevant Provider promptly so they can meet their own obligations to their Clients.
Section 13
Children
Anyspot is not directed to children and is intended for use by adults. We do not knowingly collect personal information from children. Providers must not use Anyspot to collect a child's personal information without the lawful authority to do so.
Section 14
Users outside Canada & Quebec residents
Anyspot is operated from Canada. If you use Anyspot from outside Canada, you understand that your information is processed in Canada and in the other countries described in Section 7. Residents of the European Union or United Kingdom may have additional rights under their local laws and can assert them by contacting us.
Quebec residents: if you are in Quebec, you have additional rights under Quebec's privacy law, including the rights described above and the ability to direct questions to our privacy contact at support@mail.anyspot.io.
Section 15
Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top reflects the latest version. If we make a material change, we will post the updated policy here and, where appropriate, notify Providers by email.
Section 16
Contact us
For any privacy question or request, contact our privacy contact at support@mail.anyspot.io.
Anyspot is an independent booking service operated from Ontario, Canada.
See also our Terms of Service, including how we handle Providers' client data.