1. Introduction
Service Trove LLC ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the ServiceTrove platform.
Please read this Privacy Policy carefully. By using our services, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, password, phone number, business name, and address
- Business Information: Services offered, pricing, availability, team member details
- Payment Information: Billing details processed through Stripe (we do not store full card numbers)
- Content: Photos, descriptions, and other content you upload to your business profile
- Communications: Messages, support requests, and feedback you send us
- Voice Data: When you use voice-enabled features (voice commands, voice assistant), your voice input is captured and processed to provide the requested functionality. Voice data may be transmitted to third-party speech recognition services for processing. We do not permanently store raw voice recordings unless explicitly stated. Note: The AI assistant page may automatically activate your microphone for a brief listening period (approximately 5 seconds, or up to 30 seconds when launched via Siri or Google Assistant) to detect voice commands. Ambient audio captured during this period is processed locally by the browser's speech recognition engine and is not stored
- Push Notification Data: If you enable browser push notifications, we collect push subscription tokens and browser/device identifiers necessary to deliver notifications. You can revoke push notification permissions at any time through your browser settings
- Guest Booking Data: If you book a service without creating an account (guest booking), we collect your name, email address, and phone number for booking fulfillment. This data is accessible to the business owner and is retained per our general data retention policy
- Team Member & Provider Data: If you are invited to join a business as a team member or provider, we collect your name, email, role, schedule, and (if applicable) Stripe Connect information for payment processing. This data is shared with the business owner who invited you
- Waitlist Data: If you join a waitlist, we collect your name, contact information, and service preferences. This data is accessible to the business owner and is retained until the request is fulfilled or manually removed
2.2 Information Collected Automatically
- Usage Data: Pages visited, features used, actions taken within the platform
- Device Information: IP address, browser type, operating system, device identifiers
- Cookies: Session cookies and persistent cookies for authentication and analytics
- Log Data: Access times, error logs, and referral URLs
- Analytics & Event Tracking: We track platform usage events (page views, feature interactions, booking flows, and other user actions) to improve our services, generate aggregate analytics, and monitor platform health. This tracking may occur for both authenticated and unauthenticated users
- Email Registration Validation: We check email addresses at registration against known disposable/temporary email providers to prevent abuse. We do not store rejected email addresses
2.3 Information from Third Parties
- Google Sign-In: If you sign in with Google, we receive your name, email, and profile picture
- Payment Processors: Transaction confirmations and payment status from Stripe
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our services
- Process transactions and send related information
- Send you technical notices, updates, security alerts, and support messages
- Respond to your comments, questions, and requests
- Monitor and analyze trends, usage, and activities
- Detect, investigate, and prevent fraudulent transactions and abuse
- Personalize and improve your experience
- Send marketing communications (with your consent)
3.1 How We Use Your Uploaded Content
Content you upload to the platform (photos, logos, business descriptions, service listings, and other materials) is used in accordance with the license granted in our Terms of Service (Section 10.1). Specifically:
- Service Delivery: Your content is displayed on your business PWA, booking pages, and anywhere necessary to operate the platform features you use
- Platform Promotion: We may feature your business or content in marketing materials, case studies, or social media to promote ServiceTrove, unless you opt out by contacting us
- Analytics & Improvement: We may use aggregated, anonymized, or de-identified data derived from your content to analyze platform usage, generate insights, and improve our services
- AI Features: Aggregated, de-identified data may be used to train and improve our AI-powered business assistance features. Your individual content is not shared with other users
- Legal Compliance: Your content may be preserved, accessed, or disclosed to comply with legal obligations or law enforcement requests
- Image & Media Storage: Uploaded images and media files are stored on Amazon Web Services (AWS) S3 and delivered via CloudFront CDN, which may cache content globally. When you delete images, they are removed from S3, though CDN caches may persist briefly. Images displayed on your public booking page are accessible via URL to anyone with the link
You can request deletion of your uploaded content at any time. See Section 7 (Your Rights and Choices) for details.
4. Information Sharing
We may share your information in the following circumstances:
4.1 Service Providers
We share information with third-party vendors who perform services on our behalf:
- Amazon Web Services (AWS): Cloud hosting and data storage
- Stripe: Payment processing. Stripe operates as an independent third-party system — your payment card numbers, bank account details, and Stripe account credentials are managed entirely by Stripe and are not stored on our servers. We receive only transaction confirmations and payment status
- Google: Authentication services and AI features
- AI Service Providers: Third-party AI providers (e.g., Google, OpenAI, Anthropic) that power our AI assistant features. When you use AI features, your prompts and relevant business context may be sent to these providers for processing. These providers have their own privacy policies and data handling practices
- Email Service Providers: Transactional and notification emails
4.2 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
4.3 Legal Requirements & Law Enforcement
We may access, preserve, and disclose your information if we believe in good faith that doing so is necessary to:
- Comply with applicable law, regulation, legal process, or governmental request (including subpoenas, court orders, and law enforcement requests)
- Protect the safety of any person, including minors
- Prevent or investigate suspected fraud, illegal activity, abuse, or violations of our Terms of Service
- Protect the rights, property, or safety of Service Trove LLC, our users, or the public
- Cooperate with law enforcement investigations, including providing account data, activity logs, IP addresses, and other relevant information
We will cooperate fully with law enforcement authorities investigating illegal activity conducted through our platform. This includes, but is not limited to, disclosing account information, activity records, IP addresses, device information, and communication metadata in response to valid legal process.
4.4 With Your Consent
We may share information for other purposes with your explicit consent.
4.5 Support and Administrative Access
Authorized ServiceTrove personnel may access your account and its configuration data to provide support, troubleshoot problems, or help you set up your account (for example, configuring your domain or DNS). This access is limited to those purposes, is recorded in audit logs, and is subject to the same security and confidentiality obligations that apply to the rest of the platform. We do not use this access to make payments or change your billing on your behalf.
5. Data Security
We implement appropriate technical and organizational security measures to protect your information:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure password hashing using industry-standard algorithms
- Access controls, role-based permissions, and authentication requirements
- Network security monitoring and intrusion detection
- Regular security assessments and vulnerability testing
- Secure infrastructure hosted on Amazon Web Services (AWS) with industry-standard protections
While we implement commercially reasonable security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data. You acknowledge and accept the inherent risks of providing information online, and you are responsible for maintaining the security of your account credentials (see our Terms of Service, Section 7.5).
5.1 Backups & Data Redundancy
We perform automated backups to ensure data integrity and platform reliability. Backup copies of your data may be retained beyond your account deletion period as part of our disaster recovery processes. All backups are encrypted and subject to the same access controls as primary data. Backup data is not used for any purpose other than disaster recovery and platform restoration.
5.2 Data Breach Notification
In the event of a data breach that compromises your personal information, we will:
- Investigate the breach promptly and take steps to contain and remediate the incident
- Notify affected users by email and/or through the platform without unreasonable delay, and in compliance with applicable breach notification laws
- Notify relevant regulatory authorities and law enforcement as required by applicable law
- Provide information about the nature of the breach, the types of data affected, and steps you can take to protect yourself
Limitation of Liability for Security Incidents: While we take commercially reasonable measures to protect your data, we are not liable for unauthorized access, hacking, data loss, or other breaches that occur despite our security measures. To the maximum extent permitted by law, we disclaim liability for any damages arising from security incidents caused by third-party attacks, vulnerabilities in third-party software, or events beyond our reasonable control. Our total liability for any data breach claim shall not exceed the amount set forth in our Terms of Service.
5.3 Your Security Obligations
You are responsible for taking reasonable precautions to protect your own account and data, including using strong, unique passwords, not sharing your credentials, and promptly reporting any suspicious activity to security@servicetrove.com. We are not responsible for data loss or unauthorized access resulting from your failure to maintain adequate account security.
6. Data Retention
We retain your information for as long as your account is active or as needed to provide services. We may retain certain information as required by law or for legitimate business purposes.
When you delete your account, we will delete or anonymize your information within 90 days, unless retention is required for legal compliance.
Safety & Legal Retention: Notwithstanding the above, we may retain account data, activity logs, IP addresses, device information, and transaction records beyond normal retention periods when:
- Required by law, regulation, or valid legal process
- An account was suspended or terminated for Terms violations, illegal activity, or safety concerns
- Data is relevant to an ongoing or anticipated law enforcement investigation
- Necessary to protect the safety of our users or the public, including minors
- Required to enforce our Terms of Service or resolve disputes
7. Your Rights and Choices
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your personal data
- Portability: Request your data in a portable format
- Objection: Object to certain processing of your data
- Withdrawal of Consent: Withdraw consent where processing is based on consent
To exercise these rights, contact us at privacy@servicetrove.com.
7.1 Data Export
Business owners may export client data, booking records, and financial data in CSV or Excel format through the dashboard. Export download URLs expire after 1 hour for security purposes. Business owners are solely responsible for securing any exported data and for complying with applicable data protection laws regarding data they export from the platform.
7.2 Automated Decision-Making
ServiceTrove uses automated systems for certain platform functions, including trial expiration and account restriction, appointment reminders, booking confirmations, and no-show detection. These automated processes do not make decisions with significant legal effects. If you believe an automated action was applied to your account in error, you may contact support@servicetrove.com for human review.
8. Cookies and Tracking
We use cookies and similar technologies to:
- Keep you signed in
- Remember your preferences
- Understand how you use our platform
- Improve our services
You can control cookies through your browser settings. Disabling cookies may affect platform functionality.
9. Children's Privacy
The ServiceTrove platform is intended solely for users who are at least 18 years of age. We do not knowingly collect, solicit, or maintain personal information from anyone under the age of 18.
In compliance with the Children's Online Privacy Protection Act (COPPA) and other applicable child protection laws, we do not knowingly collect personal information from children under 13. We also do not knowingly collect personal information from minors between the ages of 13 and 17 without verified parental or guardian consent, which we do not currently provide a mechanism for.
If we discover or are notified that we have inadvertently collected personal information from a person under 18, we will take immediate steps to:
- Suspend and terminate the associated account
- Delete all personal information associated with the minor
- Notify the parent or guardian if contact information is available
- Report the matter to relevant authorities if exploitation or abuse is suspected
If you are a parent or guardian and believe your child has provided personal information to us, please contact us immediately at privacy@servicetrove.com. We will promptly investigate and remove such information.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. We ensure appropriate safeguards are in place for such transfers.
11. California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act:
- Right to know what personal information is collected
- Right to know whether personal information is sold or disclosed
- Right to opt-out of the sale of personal information
- Right to non-discrimination for exercising privacy rights
We do not sell personal information.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the platform. Your continued use after changes become effective constitutes acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Service Trove LLC
Email: privacy@servicetrove.com