Privacy Policy

Effective Date: August 17, 2025

Welcome to booking-bot.ai (the "Site"), operated by Booking Bot LLC ("Booking Bot," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard information about visitors to the Site. It also describes your choices and rights.

Scope. This Policy covers information collected from people who browse or interact with the Site. If your company becomes a Booking Bot customer, processing of data in our products and services is governed by a separate Customer Agreement and, where applicable, a Data Processing Addendum (DPA).

1) Information We Collect

We collect information in three ways:

A. Information you provide to us

  • Contact & Demo Forms. Name, business email, phone, company name, job title, and the content of your message.
  • Newsletter / Marketing Sign‑ups. Email address and preferences.
  • Account Pre‑Registration. If you choose to create an interest or waitlist account, we may collect basic account details.

B. Information collected automatically

When you visit the Site, we and our service providers automatically collect certain information using cookies, pixels, and similar technologies:

  • Device/Usage Data. IP address, browser type/version, device identifiers, operating system, pages viewed, links clicked, referring/exit pages, and timestamps.
  • Analytics Data. Aggregated statistics about traffic sources, page performance, and user journeys on the Site.

C. Information from third parties

  • Business Contact Enrichment (B2B). If you give us a business email or company domain, we may enrich it with publicly available firmographic data (e.g., industry, company size) to tailor follow‑up communications.

We do not intentionally collect sensitive personal information via the Site (e.g., government IDs, precise geolocation, health or biometric data).

2) Cookies & Similar Technologies

We use cookies, pixels, and local storage to operate and improve the Site.

Types of cookies we may use:

  • Strictly Necessary (required for core Site functionality).
  • Functional (remember choices, improve experience).
  • Analytics/Performance (understand Site usage to improve content and design).
  • Advertising/Retargeting (optional; include only if enabled).

Your choices: You can manage cookies via your browser settings and, where available, our Cookie Settings tool. Disabling certain cookies may affect Site functionality. If we use advertising cookies, we will present a consent banner and provide opt‑out controls.

We currently do not respond to Do Not Track (DNT) signals. Where required by law, we will treat supported browser‑level Global Privacy Control (GPC) signals as an opt‑out of sale/sharing.

3) How We Use Information

We use the information described above to:

  • Operate, maintain, and secure the Site;
  • Respond to inquiries and provide requested information (e.g., demos);
  • Send administrative messages and—where permitted—marketing communications;
  • Analyze Site performance and improve content, usability, and our outreach;
  • Detect, prevent, and investigate security incidents and misuse; and
  • Comply with legal obligations and enforce our Terms.

Legal bases for processing (EEA/UK only): consent (e.g., for non‑essential cookies/marketing), performance of a contract or taking steps at your request (e.g., responding to a demo request), compliance with legal obligations, and our legitimate interests (e.g., Site security, product improvement) where those interests are not overridden by your rights and interests.

4) How We Disclose Information

We may disclose information as follows:

  • Service Providers/Vendors. Hosting, security, analytics, CRM/marketing, email delivery, form capture, and customer support vendors who process data on our behalf under contractual restrictions.
  • Professional Advisors. Lawyers, auditors, insurers.
  • Legal/Compliance. To comply with law, regulation, legal process, or government requests; to protect rights, safety, and property; to detect and prevent fraud or security issues.
  • Business Transfers. In connection with a merger, acquisition, financing, or sale of assets; your information may be transferred as part of that transaction.

We do not sell personal information. We also do not "share" personal information for cross‑context behavioral advertising within the meaning of U.S. state privacy laws. If that changes, we will update this Policy and provide required notices and opt‑out mechanisms.

5) Your Choices

  • Marketing Opt‑Out. You may opt out of marketing emails by using the unsubscribe link in those emails or by contacting us. We may still send transactional or administrative messages.
  • Cookie Controls. Use your browser settings and our Cookie Settings link (if available) to manage non‑essential cookies.
  • Analytics. Some analytics providers offer their own opt‑outs. See our cookie banner or vendor notices for details.

6) Data Retention

We retain personal information only as long as necessary for the purposes described in this Policy, including to meet legal, accounting, or reporting requirements.

  • Contact/Demo Submissions: retained for up to 24 months after last interaction, unless you ask us to delete sooner (subject to legal holds).
  • Marketing Lists: until you unsubscribe or your address bounces/appears inactive, plus a short suppression period.
  • Analytics/Logs: typically 13–26 months depending on provider settings and security needs. Actual retention periods may vary based on business needs and legal requirements.

7) Security

We employ reasonable administrative, technical, and organizational measures appropriate to the nature of the information we process. However, no method of transmission over the Internet or method of electronic storage is 100% secure.

8) Children's Privacy

The Site is not directed to children under 13 (or the age of digital consent where you live), and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us so we can delete it.

9) International Data Transfers

We are a U.S. company. If you are outside the United States, your information may be processed in the U.S. and other countries that may not provide the same level of data protection as your jurisdiction. When we transfer personal information from the EEA/UK/Switzerland to the U.S., we use approved safeguards such as the EU/UK Standard Contractual Clauses or other lawful transfer mechanisms.

10) Your Privacy Rights

Your rights depend on where you live. Regardless of location, you can contact us to access, correct, or delete information you previously provided via the Site, subject to certain exceptions.

A. U.S. State Privacy Laws (e.g., CA, CO, CT, VA, UT, OR, TX, IA, DE, MT, TN, etc.)

Residents of certain states may have rights to: (i) know/access, (ii) correct, (iii) delete, (iv) data portability, and (v) opt out of targeted advertising, sale, and certain profiling. Because we do not sell or share personal information and do not engage in targeted advertising on the Site, the associated opt‑outs may not be applicable. You can exercise other rights by using the methods in Section 12.

California (CPRA) – Notice at Collection. We collect: identifiers (e.g., name, email, IP), internet/usage data, and professional/firmographic info you choose to provide. Purposes: provide and secure the Site, respond to inquiries, analytics/quality improvement, and marketing with consent. Retention: see Section 6. Sensitive PI: not collected. Sale/Sharing: none. Sources: you, your devices, and public/enterprise sources for enrichment. Recipients: service providers and the categories described in Section 4. You may also have the right to limit use of sensitive PI (not applicable here).

Colorado (CPA). Colorado residents can request access, correction, deletion, and data portability, and can appeal our decision if we deny a request by replying to our response with "Appeal."

B. EEA/UK/Swiss Residents

If you are in the EEA/UK/Switzerland, you may have rights to request access, rectification, erasure, restriction, objection, and portability, and to withdraw consent at any time without affecting the lawfulness of processing before withdrawal. You also have the right to lodge a complaint with your local supervisory authority.

Controller: Booking Bot LLC is the controller for Site-related processing.

Legal bases: See Section 3 above.

11) Third‑Party Links & Services

The Site may link to third‑party websites, plug‑ins, and services. We are not responsible for their privacy practices. We encourage you to read their policies.

12) How to Exercise Your Rights or Contact Us

To make a privacy request or contact us:

  • Email: privacy@booking-bot.ai (or support@booking-bot.ai)
  • Postal: Booking Bot LLC, 8005 E Prairie Meadow Drive, Denver, CO 80238
  • Webform (if available): https://booking-bot.ai/privacy-request

We will verify your identity before fulfilling certain requests and will respond within the timeframes required by applicable law. Authorized agents may submit requests where permitted with proof of authority.

13) Changes to This Policy

We may update this Policy from time to time. The "Effective Date" above indicates when it was last revised. Material changes will be posted on the Site, and where required, we will seek your consent.

14) Additional Information for Businesses Considering Our Services

If you become a Booking Bot customer, additional privacy and security disclosures—including data processing terms, subprocessor lists, and data protection measures—are provided in the customer onboarding flow and contract documents.

Questions? Contact us at privacy@booking-bot.ai. This Policy is provided for transparency and does not create contractual or legal rights beyond those required by law.