Privacy policy

Diazluna Corp ("Diazluna") respects your privacy. This policy explains what data we collect, how we use it, and what controls you have over it.

Data we collect

• Practice data: name, address, hours, photos, and public content that you provide or that we extract from public sources (Google, your existing site) to build your website.
• Account data: email, name, WhatsApp number, payment method (processed by Stripe — Diazluna does not store card data).
• Usage data: pages visited, calls and messages routed through our systems. We use Microsoft Clarity for aggregated session analytics.

How we use it

• Build, publish, and maintain your site.
• Operate the AI receptionist and the channels you connect.
• Process payments and send invoices.
• Improve the product in aggregate.

Calendar (Google and Microsoft)

If you connect your Google or Microsoft Outlook calendar, María accesses only your availability (free/busy) and creates the appointments she books on your behalf. We do not read the contents of your existing events, we do not store your calendar, and we do not use this data for any other purpose. The token that enables booking is stored encrypted (AES-256), and you can revoke it at any time from your dashboard ("Disconnect"), which removes our access.

Diazluna's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements.

Text messages (SMS)

If, during a call with our virtual receptionist, you request and verbally authorize text-message confirmations, we collect your mobile phone number solely to send you appointment confirmations and reminders. Message frequency is transactional (typically one message per appointment). Message and data rates may apply.

We do not sell or share your mobile phone number, or your SMS opt-in/consent information, with third parties or affiliates for marketing or promotional purposes. This information is used only to deliver the messages you requested.

You can opt out at any time by replying STOP to any message; for help, reply HELP. See our SMS Terms for details.

Who we share with

We share data only with vendors that run parts of the service on our behalf (Stripe for payments, Cloudflare for hosting, Anthropic for AI generation, Google for practice lookup, Microsoft Clarity for session analytics). We do not sell your data.

Your rights

You can request access, correction or deletion of your personal data by emailing [email protected]. If you close your account, we delete your personal data within thirty (30) days, except what we are required by law to retain.

Security

We apply encryption in transit (TLS 1.2+) and at rest. Sensitive data is stored in managed secrets, not in code. We audit periodically.