← Back to home

Privacy Policy

Last updated: 7 July 2026

This policy explains how Klipin ("Klipin", "we", "us") collects, uses, stores and protects personal data — and the choices and rights you have. It covers everything we run: the klipin.app website, the partner portal at app.klipin.app, public booking pages at book.klipin.app, the Klipin mobile app (iOS and Android, com.klipin.app) and the emails we send.

1. The short version

2. Who we are

Klipin is booking and management software for barbershops and salons, operated from the United Arab Emirates and offered UAE-first. For personal data covered by this policy, the contact for all privacy matters is privacy@klipin.app.

This document is the privacy policy for the Klipin website (klipin.app), web application (app.klipin.app), customer booking pages (book.klipin.app), the Klipin mobile app for iOS and Android, and our transactional emails.

3. Our two roles: controller and processor

Klipin wears two hats, and your rights route differently depending on which one applies:

By design, each business's client list is isolated: a customer known to one business is never visible to any other business on Klipin.

4. The data we collect

If you run or work at a business on Klipin

If you book an appointment at a business that uses Klipin

If you use the Klipin mobile app

If you just visit our websites

If you contact us

5. How we use data — purposes and legal bases

We only use personal data for what you'd expect from a booking product. For GDPR, each purpose has a legal basis; for the UAE Personal Data Protection Law (PDPL), each rests on consent or a statutory exception, as mapped below.

PurposeGDPR basisUAE PDPL basis
Creating and operating partner/staff accounts; signing you inContract (Art 6(1)(b))Contract necessity (Art 4)
Taking, managing and honouring bookings; invoicing and checkoutContract — performed for the business as its processorContract necessity (Art 4)
Sending booking confirmation and cancellation emailsContractContract necessity (Art 4)
Push notifications for new bookings (staff app)Consent — the OS permission prompt; opt out any time in-app or in device settingsConsent (Art 6)
Security, abuse prevention, audit loggingLegitimate interests — keeping the platform and tenants' data safeStatutory exception (Art 4)
Answering support requests and privacy/rights inquiriesContract / legitimate interestsContract necessity (Art 4)
Complying with law (e.g. tax record-keeping for invoices)Legal obligation (Art 6(1)(c))Legal obligation (Art 4)

We do no marketing emails, no profiling and no automated decision-making that produces legal or similarly significant effects. If we ever introduce marketing communications, we will ask for your consent first, record it, and make opting out one tap.

6. Who we share data with

We never sell personal data and share it with no one except the service providers that run Klipin's infrastructure (acting on our instructions, under contract) and the business you book with. Our providers:

ProviderWhat they doWhere
Supabase (on AWS)Database, authentication and application backend — where Klipin's data lives; also sends account emails (sign-in codes, invites, password resets)AWS ap-south-1 (Mumbai, India)
NetlifyServes our websites (standard web-server request logs)Global CDN (US company)
ResendDelivers booking confirmation and cancellation emailsUnited States
ExpoDelivers push notifications to the staff mobile appUnited States
Apple / GoogleOperating-system push delivery (APNs / FCM) and app distributionGlobal
rsms.meServes the Inter font used by the web portal and booking pages (receives your IP address and browser user-agent when the font loads)EU

7. Where data is stored and international transfers

Klipin's application data is stored with Supabase on AWS in Mumbai, India (ap-south-1). Email and push delivery transit our providers in the United States. That means personal data of UAE users is stored outside the UAE, and personal data of any EU/EEA users is stored outside the EU.

8. How long we keep data

9. Your rights

Wherever you are, you can ask us for: access to your data (a copy), correction, deletion, restriction of processing, portability (a machine-readable copy), and to object to processing or stop it. Where processing rests on consent (like push notifications) you can withdraw consent at any time — withdrawing doesn't affect what was lawfully done before.

Klipin makes no solely-automated decisions about you and does not profile you.

10. Deleting your account or data

Deletion is available to everyone, whether or not you can log in:

Every deletion we carry out on request is a real deletion of personal data, not a deactivation — where we must keep a record (law, fraud prevention), we say so above and keep the minimum.

11. Cookies & local storage

klipin.app sets no cookies and runs no analytics. None of our surfaces use advertising or tracking cookies, so there's no cookie banner — there's nothing to consent to. The small amount of browser/device storage we do use is strictly necessary to make the product work:

WhereWhatWhy
klipin.appTheme preference (dark/light)Remembers your choice; never leaves your browser
app.klipin.appSign-in session token; a local working copy of your business's dataKeeps you signed in and the portal fast; cleared on sign-out
book.klipin.appA local copy of the salon's public booking info (services, staff, opening hours, busy times)Makes the booking page fast; contains no personal data about you or other clients
Mobile appSign-in session; selected business; theme and notification preferencesKeeps you signed in and remembers your settings

If we ever add analytics, we will update this policy and ask for consent first where required.

12. Security

How we protect data, in plain terms:

No system is perfectly secure, but if a breach ever put your rights at risk we would notify the relevant authority (the UAE Data Office, or the competent EU supervisory authority within 72 hours for GDPR-scope data) and affected users as required.

13. Children

Klipin is a business tool directed at adults; accounts are for people 18 and over, and we do not knowingly collect children's data ourselves. Clients may share a dependant's details (like a child's name) with their salon when booking for them — that information belongs to the salon's client book, under the salon's control as described above. If you believe a child's data has been given to us in error, email privacy@klipin.app and we will delete it.

14. Changes to this policy

When we change this policy materially we'll update the date at the top and give notice — email for account holders, a notice on our sites for everyone else — before the changes take effect. Earlier versions are available on request.

15. Contact us

For anything in this policy — questions, requests, complaints: privacy@klipin.app. We reply within 30 days, usually much faster.