Privacy
Privacy Policy
HelloBonjour is built for appointment-based businesses that need to manage bookings, customer records, intake, communications, payments, AI-assisted front-desk workflows, and team operations in one bilingual workspace.
Last updated June 2026
Information we process
We process account information, business profile details, staff details, customer booking information, appointment history, intake responses, uploaded files, operational notes, membership and package activity, storefront orders, direct-billing details, payment status, AI conversation records, phone/SMS metadata, and support communications when you or your customers use HelloBonjour.
How we use information
We use information to provide the platform, run booking, dashboard, portal, intake, billing, storefront, review, waitlist, lifecycle, and AI workflows, send appointment communications, support payment and subscription operations, protect the service, troubleshoot issues, and improve product reliability.
Customer and appointment data
Businesses are responsible for the customer data they collect through HelloBonjour. We process that data on behalf of the business, limit access to what is needed to operate and support the service, and provide portal, export, correction, and retention workflows that businesses can use to support their own obligations.
AI, SMS, and voice workflows
When AI assistant, SMS, phone, website-indexing, or automation features are enabled, relevant business content, customer messages, availability, booking context, and conversation records may be processed to answer questions, support bookings, create waitlist requests, hand off to humans, and maintain service reliability. Regulated-data businesses should keep these workflows disabled until their legal, vendor, consent, and operating posture is approved.
Canadian privacy and health data
HelloBonjour is designed with Canadian privacy expectations in mind, including PIPEDA principles and provincial health privacy readiness where they apply. This is not a statement that PIPEDA, PHIPAA, Law 25, HIPAA, or SOC 2 compliance is complete. Businesses remain responsible for configuring their forms, notices, consent language, customer workflows, and jurisdiction-specific obligations.
Retention and requests
We keep information only as long as needed for the service, legal requirements, security, and legitimate business operations. Retention tooling and legal-hold workflows are available for account owners, but retention periods and request handling must be approved by the business. Customers should contact the business they booked with for appointment record, access, correction, deletion, or complaint requests. Account owners can contact us for platform privacy requests.
Contact
For privacy questions, contact privacy@hellobonjour.ca.