Privacy Policy

Last updated: 04/06/2026

1. Introduction & Scope

Welcome to Glamour, operated by Qubit Innovations ("we", "our", or "us"). Glamour is a platform that connects users ("Clients") with beauty centers, making it easy to discover services, book appointments, and access exclusive offers.

This Privacy Policy applies to all users of our services, including:

  • Clients — individuals who use the Glamour mobile app (iOS & Android) or web app at app.glamour.tn to browse and book beauty services.
  • Professionals / Partners ("Pros") — beauty center owners and staff who use the Glamour Pro app to manage their business.

By using our services, you agree to the practices described in this policy. If you do not agree, please discontinue use.

2. Information We Collect

We collect only what is necessary to deliver our services. The information collected depends on whether you are a Client or a Pro.

For all users:

  • Account data: Phone number (primary account identifier), full name, email address (optional), and profile photo.
  • Authentication data: We use phone-number login with a one-time passcode (OTP). The code is sent via WhatsApp (primary channel) or SMS (fallback). We do not use passwords; we retain only verification metadata (number, timestamp, delivery status), never the code itself beyond its validity window.
  • Device & technical data: Device type, operating system version, IP address, browser type, app version, unique device identifiers, and push notification token.
  • Usage data: Pages visited, features used, time spent, clicks, and in-app behavior.
  • Communications & AI messages: Messages you send us via email, in-app chat, or support channels, and the content of conversations processed by our automated assistant (see the "Artificial Intelligence Features" section).

For Clients only:

  • Booking data: Appointment history, selected services, preferred salons, and booking preferences.
  • Location data (optional): Approximate or precise location, used only to show nearby beauty centers via a mapping and geolocation provider. You may disable this at any time in your device settings.
  • Reviews and ratings: Text and star ratings you voluntarily leave for beauty centers.

For Pros only:

  • Business information: Salon name, address, tax registration number (MF), bank account details (RIB) for commission payouts.
  • Staff data: Names, roles, and schedules of team members you add to the platform (you are responsible for obtaining their consent).
  • Client data you manage: Contact details and appointment history of your own clients imported into Glamour Pro.
  • Meta connection — Instagram & WhatsApp (optional): If you enable message automation, we collect and store the identifiers of your Instagram Professional account / Facebook Page and/or your WhatsApp Business account, along with an access token issued by Meta via OAuth, in order to manage your messages (Instagram DMs and WhatsApp Business conversations) on your behalf. See the "Instagram & WhatsApp Message Automation" section.
  • Analytics and financial data: Revenue reports, occupancy rates, and commission invoices generated within the platform.

3. How We Collect Your Information

We collect information in the following ways:

Directly from you: When you register, verify your number via OTP, set up your profile, book an appointment, leave a review, or contact support.

Automatically — Web App (app.glamour.tn):

  • Browser cookies, local storage, and session tokens (see our Cookie Policy).
  • Technical logs and aggregated usage metrics generated by our own infrastructure.

Automatically — Mobile Apps (iOS & Android):

  • Push notification tokens, managed via a push notification provider, when you grant notification permissions.
  • Location data via GPS or network-based location services, used with a mapping and geolocation provider (only when the app is in use and you have granted permission).
  • Non-advertising device identifiers, used for session management and fraud prevention.
  • App permissions: camera and storage (to upload salon photos — Pros only), notifications, and location.

We do not collect advertising identifiers (IDFA/GAID) and do not use third-party advertising SDKs.

From third parties: Meta (when a Pro connects their Facebook Page / Instagram account), or publicly available business directory information (for pre-verified salon profiles).

4. How We Use Your Information

We use your data for the following purposes:

Providing the service:

  • Creating and managing your account, and verifying your identity via OTP (WhatsApp/SMS).
  • Processing and confirming bookings (Client's name, phone, and service details are shared with the booked Pro).
  • Sending appointment reminders via push notifications and WhatsApp/SMS messages.
  • Enabling Pros to manage their calendar, team, and client list.

Platform improvement:

  • Analyzing usage patterns from aggregated, anonymized metrics produced by our own infrastructure to improve features and fix bugs.

Artificial Intelligence features:

  • Processing messages via an AI processing provider to power the conversational assistant and automated replies. See the dedicated AI section for applicable limits and safeguards.

Communication:

  • Responding to your support requests.
  • Sending transactional messages (booking confirmations, cancellation notices, commission invoices for Pros).
  • Sending promotional messages (with your consent where required by law).

Safety & compliance:

  • Detecting and preventing fraud, abuse, or unauthorized account access.
  • Enforcing our Terms of Use and applicable law.

For Pros specifically:

  • Generating revenue analytics, occupancy reports, and commission calculations.
  • Automatically managing your Instagram direct messages (DMs) and WhatsApp Business conversations on your behalf, when you have connected your account via Meta (see the "Instagram & WhatsApp Message Automation" section).
  • Enabling marketing campaigns (WhatsApp/SMS) to your own clients (on your request and your responsibility).
  • Displaying your public profile (salon name, address, services, photos, reviews) on the Glamour Client app.

5. Legal Basis for Processing (GDPR/UK GDPR)

If you are located in a jurisdiction covered by the GDPR or UK GDPR, we process your personal data on the following legal bases:

| Purpose | Legal Basis | |---|---| | Account creation and OTP verification (WhatsApp/SMS) | Performance of a contract (Art. 6(1)(b)) | | Sending booking reminders (push/WhatsApp/SMS) | Performance of a contract (Art. 6(1)(b)) | | Instagram & WhatsApp message automation (Pros) | Performance of a contract with the Pro (Art. 6(1)(b)) | | Conversational AI features | Performance of a contract / Legitimate interests (Art. 6(1)(b)/(f)) | | Analytics and platform improvement | Legitimate interests (Art. 6(1)(f)) | | Marketing communications | Consent (Art. 6(1)(a)) | | Fraud prevention and security | Legitimate interests (Art. 6(1)(f)) | | Legal compliance (invoicing, etc.) | Legal obligation (Art. 6(1)(c)) |

Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing. To withdraw consent, update your preferences in the app settings or contact us at support@glamour.tn.

6. Sharing & Disclosure of Information

We do not sell your personal data. We share it only in the following limited circumstances:

With Pros (for Clients): When you book an appointment, your name, phone number, service request, and booking time are shared with the relevant beauty center so they can fulfill the service.

With Clients (for Pros): Your salon's name, address, services, prices, photos, and aggregate ratings are publicly visible on the Glamour Client app.

With service providers (sub-processors): Trusted third-party vendors who help us operate the platform, including:

  • Meta Platforms (WhatsApp Business & Instagram/Facebook): Sending OTP codes via WhatsApp and managing Instagram direct messages for connected Pros.
  • An AI processing provider: Processing messages for the conversational assistant and automated replies.
  • A mapping and geolocation provider: Nearby-center discovery.
  • A push notification provider: Push notification delivery.
  • A cloud storage provider: Secure hosting and storage of files and media (salon photos, etc.).
  • An SMS gateway provider: Fallback delivery of OTP codes and reminders.

All service providers are contractually bound to process data only on our instruction and to maintain appropriate security standards. The full, up-to-date list of our sub-processors, with their role, hosting country, and a link to their privacy policy, is available here: Sub-processors List.

For legal reasons: We may disclose your data if required by law, court order, or to protect the rights, property, or safety of Glamour, our users, or the public.

Business transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred. We will notify you before your data is subject to a different privacy policy.

7. Cookies, Tracking Technologies & Mobile Identifiers

On the web app (app.glamour.tn): We use cookies, local storage, and similar browser technologies. For full details, see our standalone Cookie Policy.

On the mobile apps (iOS & Android): We use the following technologies:

  • Push notification tokens: Used to deliver appointment reminders and platform updates.
  • Device identifiers (non-advertising): Used for session management and fraud detection.
  • Secure local storage: Keeps your session token so you stay logged in.

We do not use advertising identifiers (IDFA/GAID) or cross-app tracking for advertising purposes. We do not show third-party ads.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:

  • Encryption of data in transit (TLS/HTTPS) and at rest.
  • Access controls and role-based permissions for internal staff.
  • Regular security reviews.
  • Secure credential storage (passwords are hashed and never stored in plain text).

However, no method of transmission over the internet or electronic storage is 100% secure. If you suspect unauthorized access to your account, contact us immediately at support@glamour.tn.

For Pros: Business data (client lists, revenue reports, staff schedules) is access-controlled and visible only to authorized Pro account holders within your organization.

9. Data Retention

We retain your data only for as long as necessary:

| Data Category | Retention Period | |---|---| | Active account data | Duration of account activity | | Booking history | Duration of account + 1 year for support purposes | | Financial/commission records (Pros) | Up to 5 years (legal/accounting obligations) | | Analytics data (anonymized) | Up to 26 months | | Deleted account data | Anonymized within 90 days of deletion request |

When you delete your account, we anonymize or delete your personal data within 90 days, except where retention is required by law (e.g., financial records).

10. Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

For all users:

  • Access: Request a copy of the data we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure ("Right to be forgotten"): Request deletion of your account and associated data.
  • Data portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Restriction: Request we limit processing of your data in certain circumstances.
  • Withdraw consent: At any time, for processing based on consent.

For California residents (CCPA/CPRA): You have the right to know, delete, correct, and opt out of the sale/sharing of personal information. We do not sell personal data.

How to exercise your rights:

  • Edit your profile directly in the Glamour or Glamour Pro app.
  • Request account deletion via the in-app settings → Account Deletion.
  • Email us at support@glamour.tn with the subject "Data Rights Request".

We will respond to verified requests within 30 days.

11. Children's Privacy

Glamour is not directed at children under the age of 13 (or 16 in jurisdictions where that threshold applies under the GDPR). We do not knowingly collect personal data from children.

If you believe a child has provided us with personal data without parental consent, please contact us at support@glamour.tn and we will delete the information promptly.

Users must be at least 18 years old to book certain services or create a Pro account.

12. International Data Transfers

Glamour primarily targets users in Tunisia. Your data is processed by Qubit Innovations and may be stored on servers operated by our cloud infrastructure partners.

Some of our third-party service providers (notably Meta, along with our AI processing, push notification, mapping, and cloud storage providers) are based outside Tunisia and may process data in the European Union or the United States. Where such transfers occur, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions.

If you have questions about where your data is processed, contact us at support@glamour.tn.

13. Do Not Track / Global Privacy Controls

Web: Our web app does not currently respond to browser-level "Do Not Track" (DNT) signals. However, you can manage analytics and tracking preferences through your browser cookie settings or by using the GPC (Global Privacy Control) signal where supported.

Mobile: You can limit ad tracking or analytics on your mobile device:

  • iOS: Settings → Privacy & Security → Tracking → disable for Glamour.
  • Android: Settings → Google → Ads → Opt out of Ads Personalization.

Disabling tracking signals does not affect your ability to use core Glamour features.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Update the "Last updated" date at the bottom of this page.
  • Notify you via an in-app notification or email (for significant changes).

Continued use of Glamour after the effective date of changes constitutes your acceptance of the revised policy.

15. Artificial Intelligence (AI) Features

Glamour uses artificial intelligence technologies provided by an AI processing provider to power a conversational assistant and to automate certain replies (including Pros' Instagram and WhatsApp messages).

  • Processing: Messages you exchange via these features may be sent to this provider to generate a response. This provider acts as a sub-processor and does not use your data to train its models under our integration.
  • Limitations: AI-generated responses may contain errors or inaccuracies and do not constitute professional, medical, cosmetic, or legal advice. Always verify important information (prices, availability, treatments) directly with the beauty center.
  • Human involvement: You can request human assistance at any time by emailing support@glamour.tn. We do not make decisions producing legal effects concerning you based solely on fully automated processing.

16. Instagram & WhatsApp Message Automation (Pros)

For Pros who enable this feature, Glamour manages Instagram direct messages (DMs) and WhatsApp Business conversations on your behalf.

  • Authorization: You connect your Instagram Professional account / Facebook Page and/or your WhatsApp Business account via Meta's OAuth protocol and grant us an access token issued by Meta. You may revoke this access at any time from your Meta account settings or by contacting us.
  • What we process: The content of incoming and outgoing messages (Instagram DMs and WhatsApp conversations), sender identifiers (including their phone number on WhatsApp), and the metadata needed to send replies (manual or AI-automated).
  • Pro's responsibility: As the Instagram and WhatsApp Business account holder, you are responsible for the content sent on your behalf and for informing your clients and followers in accordance with Meta's rules and applicable law.
  • Meta compliance: This feature is subject to Meta's Platform Terms and the WhatsApp Business API policy. Access tokens are used only for the messaging purposes you have authorized.
  • Security: Access tokens are stored encrypted and are never shared with third parties for other purposes.

This is distinct from sending OTP codes via WhatsApp, which is a separate platform-level login feature.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Qubit Innovations — Data Privacy

  • Email: support@glamour.tn
  • Website: www.glamour.tn
  • Address: Qubit Innovations, Rue Omar Kaddeh, Montplaisir, Tunisia

We aim to respond to all privacy-related inquiries within 30 business days.


Last updated: 04/06/2026