Privacy Policy

ServiceIntake (“we,” “us,” “our”) is a software platform that lets service businesses collect, manage, and respond to customer service requests. This Privacy Policy describes how we handle personal information across our website (serviceintakeapp.com), customer-facing intake pages (“/b/[slug]”), and the admin dashboard.

For data we process on behalf of a business that uses our platform (e.g., a customer’s name and phone number submitted through that business’s intake form), the business is the controller and we act as a processor.

Information you give us directly

• Account info — name, email, password (hashed), phone, role.
• Business info — business name, slug, branding (logo, color), service hours, billing details.
• Customer service requests — names, emails, phone numbers, addresses, descriptions of service issues, photos/files attached, scheduling preferences.
• Communications — support reports, messages between admins and customers.

Information we collect automatically

• Session cookies — small files used to keep you signed in (essential, no consent required).
• Server logs — IP address, user agent, timestamps for security and debugging.

• To provide the service — render dashboards, send confirmations, schedule appointments.
• To send transactional email — appointment reminders, status updates, password resets.
• To detect abuse and prevent fraud — Cloudflare Turnstile validates intake submissions.
• To bill subscriptions through Clerk Billing.
• To respond to support requests and improve the product.

We do not sell your personal information. We do not use it for advertising. We do not share it with third parties except with the subprocessors listed below or as required by law.

We rely on these vendors to operate the service. Each processes only the data they need:

• Vercel — hosting, edge compute (USA)
• Neon — PostgreSQL database (us-east-1)
• Resend — transactional email delivery
• Clerk — authentication and subscription billing
• Cloudflare — bot protection (Turnstile) on public forms

See our subprocessors page for current details.

We set a small number of essential cookies (user_session, user_role,user_business) so you stay signed in and see the right dashboard. These are HTTP-only, same-site, and expire when you sign out. We do not use analytics or advertising cookies. If we ever add them, we will request consent first.

We keep account and ticket data for as long as your business is active. When a business cancels, we retain data for 90 days for billing reconciliation, then delete or anonymize. Server logs are kept for 30 days.

Depending on where you live, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your account and associated data
• Export your data in a portable format
• Opt out of any processing you previously consented to

Contact info@serviceintakeapp.com to exercise any of these. We respond within 30 days.

We use HTTPS everywhere, store passwords hashed with bcrypt, isolate each business’s data with row-level checks, and limit superadmin access. No system is perfectly secure; if you suspect a breach affecting your account, contact us immediately.

ServiceIntake is intended for businesses and their customers. We do not knowingly collect data from children under 13. If you believe we have, contact us and we will delete it.

We’ll update the date at the top whenever this policy changes. For material changes, we’ll email account admins.

Questions? info@serviceintakeapp.com