Privacy
Policy.

BlendzByBen is a solo-chair barber shop operating in Simi Valley, CA. This policy covers the website at blendzbyben.com and the booking system behind it. Questions? Email blendz.by.ben@gmail.com.

When you book an appointment online we collect:

• Your first name and last name
• Your mobile phone number
• Your email address
• The service, date, and time you selected
• If you pay online, card payment is processed by Square — we never see or store your card details
• A timestamp, IP address, and browser user-agent at the moment you tick the SMS-consent checkbox (audit trail for carriers)

• To confirm your appointment and send reminders
• To text you booking confirmations, 24-hour and 2-hour reminders, and reschedule or cancellation notices
• To email you the same details and a manage link
• To recognise you on return visits so we can pre-fill your details and skip retyping
• To process payments through Square if you pay online

Booking the chair counts as opting in to SMS for that booking. You can opt out at any time by replying STOP to any of our texts. Reply HELP for help. Message and data rates may apply. Frequency is roughly one to three messages per booking (confirmation, 24-hour reminder, 2-hour reminder; plus a notice if you reschedule or cancel).

We don't send marketing SMS, promotions, or third-party messages. SMS goes only to numbers that explicitly tick the consent checkbox during booking.

No mobile information — your phone number or SMS opt-in data — will be shared with third parties or affiliates for marketing or promotional purposes. Your phone number is shared only with our SMS provider (Twilio) for the sole purpose of delivering the booking confirmations and reminders you opted into — a permitted support service. Text-messaging opt-in data and consent is never sold, rented, or shared with any third party for any other purpose.

We don't sell, rent, or trade your information. We share it only with the services we use to run the shop:

• Twilio — sends SMS confirmations and reminders
• Resend — sends booking confirmation emails
• Square — processes online card payments
• Supabase — stores booking records securely
• Vercel — hosts the website

Each of these providers has its own privacy and security practices. We share only the minimum needed for them to do their job — e.g. your phone and the message body go to Twilio, never your email.

Booking history, contact details, and SMS opt-in records are retained while you remain a customer so we can recognise you and maintain audit logs. If you'd like everything deleted, email us at blendz.by.ben@gmail.com and we'll remove your record within 30 days.

Under California Consumer Privacy Act (CCPA), you can ask us to show you what we hold, correct it, or delete it. Email blendz.by.ben@gmail.com from the address tied to your booking and we'll respond within 30 days. We don't sell personal information, so the “do not sell” right doesn't apply, but you can still opt out of SMS at any time by replying STOP.

The website uses only strictly-necessary cookies — session tokens for the owner login and a CSRF cookie for the booking form. We don't run advertising trackers or third-party analytics that follow you across sites.

Bookings live in a Supabase Postgres database with row-level security and encryption at rest. Card data never touches our servers — Square tokenises the card in your browser before it reaches us. SMS opt-in audit records are kept indefinitely for carrier-compliance reasons.

If we change how we handle your data we'll update this page and bump the “last updated” date at the top. For anything substantive, we'll also email or text active customers.