FloydBeta

Privacy Policy

Last Updated: December 31, 2025

This Privacy Policy explains how Floyd (“Floyd,” “we,” “us,” or “our”) collects, uses, and shares information when you use our website, API, dashboard, and documentation (collectively, the “Services”).

1. Scope & Roles

Floyd provides headless scheduling infrastructure. We process data in two main categories:

  1. Client Data: Information about you (the developer/business using Floyd), such as account and billing information.
  2. Scheduling Data: Information you submit to Floyd via the API to create or manage holds and bookings (which may include End User data).

Scheduling Data: In most cases, you (the Client) are the Data Controller, and Floyd is the Data Processor processing Scheduling Data on your behalf and in accordance with your instructions (via API calls and configurations).

2. Information We Collect

A. Client Data You Provide

We may collect:

  • Account information (name, email, company/workspace name, authentication credentials or tokens).
  • Billing information (subscription status, invoices, and payment history). Payments are processed by our payment provider (e.g., Stripe). We do not store full payment card numbers.
  • Workspace configuration (resource names, policies, settings).

B. Scheduling Data You Send via the API

Depending on how you use Floyd, Scheduling Data may include:

  • Booking/hold details (start/end time, time zone, duration, status).
  • Resource identifiers (staff/room/equipment IDs).
  • End User details if you send them (such as name, email, phone number).
  • Metadata you attach (custom fields / JSON).

Clients control what Scheduling Data is sent to Floyd.

Sensitive Data: Please do not submit sensitive personal data (e.g., health/medical information) unless we have explicitly agreed in writing.

C. Information Collected Automatically

We may collect:

  • API logs and diagnostics (endpoints called, timestamps, response codes, latency, and limited request/response data as needed for security and debugging).
  • Usage data in the dashboard (pages viewed, actions taken).
  • Device/log data (IP address, browser type, operating system).
  • Cookies and similar technologies for authentication and security.

3. How We Use Information

We use information to:

  1. Provide and operate the Services (processing searches, holds, bookings, and policies).
  2. Maintain security, prevent abuse, and enforce rate limits.
  3. Debug issues and improve reliability and performance.
  4. Provide customer support and communicate with you.
  5. Process billing and measure usage under your plan.
  6. Comply with legal obligations and enforce our Terms.

4. How We Share Information

We do not sell personal information.

We may share information with:

  1. Service providers that help us run the Services (hosting, databases, monitoring, analytics, email delivery, support tools).
  2. Payment processors for subscription billing (e.g., Stripe).
  3. Third-party integrations you choose to connect (when available), solely to perform requested functionality.
  4. Legal and safety: to comply with law or protect rights, safety, and security.
  5. Business transfers: if we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction.

5. Data Retention

  • Client account data: retained while your account is active and as needed for legitimate business or legal purposes.
  • Scheduling Data: retained to provide the Services and history, and until you delete it or close your account (subject to legal retention requirements).
  • Logs: retained for a limited period for security and debugging (retention may vary by plan) and then deleted or de-identified.

6. End User Requests and Rights

Because Floyd typically acts as a Data Processor, End Users should direct requests to the Client (the business they interacted with).

Clients can access, export, correct, or delete Scheduling Data using Floyd’s API and/or dashboard features (as available). If an End User contacts Floyd directly, we may (where appropriate) refer them to the Client or assist the Client in responding as required by law.

Depending on your location, you may have rights to access, correct, delete, or object to processing.

7. Cookies and Tracking

We use essential cookies for authentication and security. We may use analytics tools to understand usage and improve the Services. Where required by law, we will obtain consent for non-essential cookies.

8. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information. However, no system is 100% secure. You are responsible for keeping API keys and credentials confidential.

9. International Data Transfers

We may process and store information in the United States and other countries where we or our service providers operate. Where required, we use appropriate safeguards for cross-border transfers.

10. Children’s Privacy

The Services are intended for businesses and are not directed to children. If you use Floyd to schedule services involving minors, you represent that you have obtained appropriate consents and are authorized to provide any required data.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will update the “Last Updated” date and may provide additional notice for material changes.

12. Contact

For questions, please contact hey@floyd.run.

Floyd

Community

For

Legal

© 2026, Floyd LLC