Privacy Policy

Effective 5 January 2026.

Glammr (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose and store your information when you use our website, mobile application, and related services (together, the “Services”).
This policy applies to both:
- Consumers using Glammr to discover and book services, and
- Businesses using Glammr to list, manage and sell services.
We comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. What information we collect

We collect information that is reasonably necessary to operate Glammr and provide our Services.
a) Information you provide directly
This may include:
For consumers:
-
Name, email address, phone number
- Account login details
- Booking history and preferences
- Payment details (processed securely by our payment providers)
- Referral activity (who invited you or who you invite)
- Reviews, ratings, and feedback
- Profile photos or other images you upload

For businesses:
-
Business name, ABN (if applicable), address and contact details
- Owner or manager contact details
- Bank account details for payouts
- Listings, pricing, availability, and performance data
- Logos, branding images, and other uploaded content

For businesses who connect Google Calendar or another supported calendar service:
- calendar availability information;
- calendar event details required to manage bookings, such as event title, date, time, duration, status, location, and description;
- calendar identifiers and calendar metadata required to connect the correct calendar;
- information required to create, update, cancel, or synchronise booking-related calendar events; and
- authorisation tokens or credentials that allow Glammr to maintain the calendar connection you have approved.

b) Information we collect automatically
When you use Glammr, we may collect:
- Device information (IP address, browser type, operating system)
- Usage data (pages viewed, features used, session times)
- Location data (approximate, based on IP or device settings)
- Cookies and similar technologies
- We use tools such as Google Analytics, Meta (Facebook) Pixel, and similar services to understand how people use Glammr and to improve our marketing and performance.

2. How we use your information

We use your information to:
- Create and manage your account
- Facilitate bookings, payments, and payouts
- Operate referral and invite features
- Communicate with you about your account or bookings
- Send service, transactional, and administrative messages
- Send marketing and waitlist communications (with opt-out available)
- Improve, test, and optimise Glammr
- Maintain platform safety, prevent fraud, and enforce our Terms
- Comply with legal obligations

3. Marketing communications

If you join the Glammr waitlist, create an account, or otherwise provide your contact details, we may send you:
- Product updates
- Launch announcements
- Promotions and offers
You can opt out of marketing communications at any time using the unsubscribe link or by contacting us.
We will still send essential service and transactional messages (for example, booking confirmations or important account notices).

4. Referrals and invites

If you invite a friend or business to Glammr, we may collect and use their contact details to send the invitation and track referral rewards.We only use referral information for this purpose and do not add referred contacts to marketing lists unless they choose to join.

5. Images and uploaded content

If you upload images (such as profile photos, logos, or content for listings), you:
- Confirm you have the right to upload and use the image, and
- Grant Glammr a licence to use, display, and reproduce the image solely for operating and promoting the Services.
We do not sell or license your images to third parties for unrelated purposes.

6. Disclosure of personal information, including Google user data

We may disclose your information to:
- Service providers who help us operate Glammr, including hosting, payments, analytics, messaging, customer support, security, and calendar synchronisation providers
- Payment processors and financial institutions, to process payments and payouts
- Marketing and analytics partners, but only in relation to non-Google user data and only where permitted by law, such as to understand app performance, improve marketing effectiveness, and measure general usage trends
- Law enforcement, regulators, courts, or government authorities if required by law
- A buyer, successor, or potential investor if Glammr is sold, merged, restructured, or involved in a business transaction

Where you connect Google Calendar to Glammr, we may share Google Calendar data only where necessary to provide, maintain, secure, or improve the Glammr booking and calendar integration features you have chosen to use. This may include sharing limited Google Calendar data with trusted service providers who help us operate Glammr, host our systems, maintain calendar synchronisation, process support requests, monitor security, or troubleshoot technical issues.

These service providers are required to protect Google user data and may only use it to provide services to Glammr. We do not sell Google user data. We do not share Google Calendar data with marketing or analytics partners for advertising, retargeting, personalised advertising, interest-based advertising, data brokerage, creditworthiness assessment, lending, or unrelated marketing purposes.

Where Glammr displays availability to consumers or other users, we may show whether a booking time is available or unavailable. We do not display private Google Calendar event details, such as event descriptions, personal notes, attendee details, or unrelated calendar content, unless this is necessary to provide the booking feature you have chosen to use.

We do not sell Google user data, and we do not use or share Google Calendar data or other Google user data for advertising, retargeting, personalised advertising, interest-based advertising, data brokerage, creditworthiness assessment, lending, unrelated marketing, AI model training, machine learning model training, or the development or improvement of unrelated artificial intelligence systems.

Any sharing, transfer, or disclosure of Google user data is limited to the purposes described in the “Google Calendar integration and Google user data” section of this Privacy Policy.

Some service providers may be located outside Australia. We take reasonable steps to ensure overseas recipients protect your information in line with Australian privacy standards.

We do not sell your personal information.

7. Storage and security

We take reasonable steps to protect your information from misuse, interference, loss, and unauthorised access, modification, or disclosure.
This includes technical, administrative, and organisational safeguards, but no system is completely secure.

8. Access and correction

You can request access to, or correction of, your personal information by contacting us. We will respond within a reasonable time and in accordance with the Privacy Act.Glammr reserves the right to monitor usage of the platform to ensure fairness, prevent abuse, and maintain quality standards.

You may also disconnect Google Calendar from Glammr at any time through Glammr, where this feature is available, or by revoking Glammr’s access through your Google Account permissions.

9. Cookies and tracking technologies

We use cookies and similar technologies to:Remember your preferencesAnalyse traffic and usageDeliver relevant marketingYou can control cookies through your browser settings, but some features may not function properly if cookies are disabled.

Google Calendar integration and Google user data

If you choose to connect your Google Calendar to Glammr, we will request your permission through Google’s OAuth consent process before accessing Google Calendar data. You can choose not to connect Google Calendar, and you can revoke Glammr’s access at any time through your Google Account permissions or through any disconnect feature made available in Glammr.

Google user data we collect
Depending on the permissions you approve, Glammr may access, process, and store the following Google user data:
- Google Calendar availability information;
- calendar event information required for booking and availability management, such as event title, date, start time, end time, duration, status, location, description, and calendar identifier;
- calendar list information and calendar metadata required to identify the calendar you choose to connect;
- information required to create, update, cancel, or synchronise calendar events connected with Glammr bookings;
- information required to prevent double bookings and display available or unavailable booking times; and
- OAuth tokens or similar authorisation credentials that allow Glammr to maintain the Google Calendar connection you have approved.

How we use Google user data
Glammr uses Google user data only to provide, maintain, secure, troubleshoot, or improve the user-facing booking and calendar integration features you choose to use. This includes:
- checking salon, staff, business, or service provider availability;
- preventing double bookings;creating, updating, or cancelling calendar events connected with Glammr bookings;
- synchronising booking availability between Glammr and Google Calendar or supported booking systems;
- displaying available or unavailable booking times in Glammr;
- maintaining and troubleshooting the Google Calendar connection;
- protecting the security and integrity of Glammr; andc
- omplying with applicable legal obligations.

We do not use Google Calendar data or other Google user data for advertising, retargeting, personalised advertising, interest-based advertising, unrelated marketing, data brokerage, creditworthiness assessment, lending, AI model training, machine learning model training, or the development or improvement of unrelated artificial intelligence systems.

Glammr’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Sharing, transfer, or disclosure of Google user data
We may share Google user data only where necessary to provide, maintain, secure, troubleshoot, or improve the Glammr booking and calendar integration features you have chosen to use. This may include sharing limited Google user data with trusted service providers who help us operate Glammr, host our systems, maintain calendar synchronisation, provide technical support, monitor security, or troubleshoot technical issues.

These service providers are required to protect Google user data and may only use it to provide services to Glammr. We do not sell Google user data. We do not share, transfer, or disclose Google Calendar data or other Google user data to marketing or analytics partners for advertising, retargeting, personalised advertising, interest-based advertising, unrelated marketing, data brokerage, creditworthiness assessment, lending, AI model training, machine learning model training, or unrelated machine learning purposes.

Where Glammr displays availability to consumers or other users, we may show whether a booking time is available or unavailable. Unless required to provide the booking feature you have chosen to use, we do not display private Google Calendar event details such as event descriptions, personal notes, attendee details, or unrelated calendar content to consumers.

If Glammr is sold, merged, restructured, or involved in a business transaction, Google user data will not be sold as a standalone asset. Any transfer of Google user data in connection with such a transaction will remain subject to this Privacy Policy, Google’s API Services User Data Policy, and any applicable user consent requirements.

We may disclose Google user data where required by law, regulation, court order, or lawful request from a government authority, or where reasonably necessary to protect the rights, safety, security, or integrity of Glammr, our users, or the public.

Storage, security, and protection of Google user data
We take reasonable technical, administrative, and organisational steps to protect Google user data from misuse, interference, loss, unauthorised access, modification, or disclosure.

These measures may include:
- encryption of data in transit;
- encryption of stored data where supported by our systems and service providers;secure storage of OAuth tokens and access credentials;
- access controls that limit Google user data access to authorised personnel and systems;
- least-privilege access practices;authentication and permission controls;logging, monitoring, and security review processes;
- service provider confidentiality and data protection obligations; and
- deletion or de-identification processes for data that is no longer required.

No system is completely secure, but we take reasonable steps to protect Google user data in accordance with applicable privacy and security requirements.

Retention and deletion of Google user data
We retain Google user data only for as long as reasonably necessary to provide the Google Calendar connection, booking synchronisation, availability management, security, troubleshooting, legal compliance, and support services described in this Privacy Policy.

If you disconnect Google Calendar from Glammr, revoke Glammr’s access through your Google Account, or close your Glammr account, we will stop accessing your Google Calendar data.

We will delete or de-identify stored Google user data within a reasonable period, unless we are required or permitted to retain limited information for legal, security, fraud prevention, dispute resolution, backup, or legitimate business record purposes.

You can request deletion of Google user data associated with your Glammr account by contacting us at privacy@glammr.vip.

10. Children

Glammr is not intended for children under 16. We do not knowingly collect personal information from children.

11. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be published on our website with the updated date.

12. Additional information for individuals in the European Economic Area (EEA)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, and you access or use Glammr, this section applies to you in addition to the rest of this Privacy Policy.

Legal basis for processing
We process your personal information under the following legal bases:
- Performance of a contract
— to provide the Services you request (such as creating an account, facilitating bookings, and processing payments).
- Legitimate interests — to operate, improve, and promote Glammr, ensure platform security, prevent fraud, and understand how our Services are used.
- Consent — where required, for example for certain marketing communications or cookies.
- Legal obligation — where we are required to comply with applicable laws.

Your rights
You have the right, subject to certain conditions, to:
- Access your personal data
- Request correction or deletion of your data
- Object to or restrict processing
- Request data portability
- Withdraw consent where processing is based on consent
You can exercise these rights by contacting us using the details in the “Contact us” section.

International transfers
Your personal information may be transferred to and processed in countries outside the EEA, including Australia. Where this occurs, we take reasonable steps to ensure appropriate safeguards are in place, such as contractual protections or recognised transfer mechanisms.

Supervisory authority
If you are in the EEA and have concerns about how we handle your personal data, you also have the right to lodge a complaint with your local data protection authority.

13. Contact us

If you have questions, concerns, or complaints about privacy, please contact us:

Glammr
Email: privacy@glammr.vip
If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).