Privacy Policy

Last updated: July 3, 2026

1. Introduction

PayDash.ca (“PayDash”, “we”, “us”) is committed to protecting the privacy of our users and their clients. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. This policy is compliant with the Personal Information Protection and Electronic Documents Act (PIPEDA) and Canada’s Anti-Spam Legislation (CASL).

2. Information We Collect

Account Information

When you create a PayDash account, we collect your name, email address, password (hashed), business name, phone number, province, and industry type.

Client Data

When you add clients to your account, you provide their names, email addresses, phone numbers, and any custom fields relevant to your industry. This data is stored securely and scoped to your organization.

Payment Information

Payment processing is handled by Stripe. PayDash does not store credit card numbers or bank account details directly. Stripe is PCI DSS Level 1 certified.

Usage Data

We automatically collect information about how you interact with the platform, including pages visited, features used, and session duration.

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide and maintain the PayDash platform
  • To process payments via Stripe
  • To send booking confirmations, invoice notifications, and appointment reminders via email and SMS
  • To calculate and apply Canadian taxes (GST/HST/PST/QST)
  • To improve our platform and develop new features
  • To comply with legal obligations

4. SMS Communications (CASL Compliance)

SMS messages are only sent to clients who have provided express consent. Clients may opt out at any time by replying STOP. We maintain records of all consent grants and revocations in compliance with CASL requirements. SMS consent expires after 2 years if not renewed.

5. Data Sharing

We do not sell your personal information. We share data only with trusted subprocessors:

  • Stripe — for payment processing
  • Telnyx — for SMS delivery
  • Resend — for email delivery
  • Google — for Calendar sync (only if you connect your Google account)

6. Google API Data Disclosure

PayDash’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

What we access

When you connect your Google Calendar, PayDash requests the calendar.events.owned scope, which only allows us to manage calendar events created by PayDash. We cannot read, modify, or delete your personal calendar events.

How we use Google data

We use Google Calendar access solely to create, update, and delete appointment events when bookings are made, rescheduled, or cancelled in PayDash. We do not use Google data for advertising, analytics, or any purpose unrelated to providing the calendar sync feature.

Data storage & transfer

We store Google OAuth tokens (encrypted) to maintain the calendar connection. We do not store, cache, or retain any data from your Google Calendar. Google tokens are deleted immediately when you disconnect your Google Calendar from PayDash.

Revoking access

You may disconnect Google Calendar at any time from Settings → Integrations. You can also revoke access directly from your Google Account Permissions.

7. Data Security

We implement industry-standard security measures including encryption at rest and in transit, hashed passwords (bcrypt), JWT session tokens, and strict multi-tenant data isolation ensuring organizations cannot access each other’s data.

8. Data Retention

Your data is retained for as long as your account is active. Upon cancellation, your data enters a read-only grace period before permanent deletion. You may request data export or deletion at any time by contacting us.

9. Your Rights

Under PIPEDA, you have the right to access your personal information, request correction of inaccurate data, withdraw consent for data processing, or request deletion of your data.

10. Contact

For privacy inquiries, contact us at: [email protected]