Last updated: May 22, 2026
Subizzy (“Subizzy,” “we,” “us,” or “our”) provides a proprietary software-as-a-service platform used by businesses to manage operations such as memberships, appointments, staff, locations, payments, and customer relationships. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our admin applications and related services (the “Service”).
Depending on how you interact with Subizzy, we may process your information as a controller or as a processor on behalf of a business customer. Business customers that use Subizzy to serve their own clients and staff are responsible for their privacy practices and for providing appropriate notices to their users. This policy primarily describes Subizzy’s practices when you sign in to or administer the Service.
We may collect the following categories of information:
We use personal information to:
We do not sell personal information. We do not use your data for unrelated third-party advertising.
Sign-in may be provided through Firebase Authentication and supported identity providers (such as Google or Apple). After authentication, the Service uses server-managed session mechanisms to protect authorized routes. Provider terms and privacy policies also apply to sign-in flows they operate.
Data is hosted on infrastructure operated by reputable cloud providers, including Google Cloud and Firebase services, in configured regions. We use administrative, technical, and organizational measures designed to protect information, including encryption in transit, access controls, and monitoring. No method of transmission or storage is completely secure; we cannot guarantee absolute security.
We engage subprocessors to help deliver the Service, such as cloud hosting, authentication, payment processing (e.g., Stripe), email delivery, and error monitoring. Subprocessors are permitted to process data only to perform services on our behalf and subject to appropriate contractual safeguards.
We retain information for as long as needed to provide the Service, fulfill contractual obligations, resolve disputes, and comply with law. Retention periods may vary by data type and customer configuration. When a business customer terminates use of the Service, data may be deleted or archived according to the applicable agreement and backup cycles.
Depending on your location, you may have rights to access, correct, delete, or restrict certain processing of your personal information, or to object to processing and request portability. Business end users should typically contact their organization first, since that organization controls much of the data in the Service. Authorized administrators may manage account data within the product where features are available.
If you access the Service from outside the country where our infrastructure is hosted, your information may be transferred to and processed in other countries that may have different data protection laws. Where required, we implement appropriate safeguards for cross-border transfers.
The Service is intended for business use and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us so we can take appropriate action.
We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date. Continued use of the Service after changes take effect constitutes acknowledgment of the revised policy.
Privacy questions or requests may be sent to privacy@subizzy.com. For terms governing use of the Service, see our Terms of Service.
© 2026 Subizzy. All rights reserved.