Privacy Policy
At reSEAT, your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal information when you use our services.
Information we collect
We collect the following information when you use reSEAT:
Information from your fitness studio platform (via Mariana Tek)
Account identifiers (user ID, email address).
Profile details like name.
Reservation and booking information (class IDs, reservation IDs, booking status).
Membership tier or eligibility.
Information you provide
Preferred seats, including ranked seat choices.
Notification preferences and communication settings.
Information collected automatically
Device information (IP address, browser type, OS).
Usage details such as pages visited or actions taken.
Log data used for debugging and security.
We do not collect passwords. Authentication is handled directly through your fitness studio via OAuth.
How we use your information
We use your information to:
Automatically move you into your preferred spot when it becomes available.
Display seat availability and class information.
Improve accuracy and performance of seat optimization.
Provide customer support and troubleshoot issues.
Send service updates, confirmations, and notifications related to your reservations.
We do not use your data for advertising.
We do not sell your personal information.
How we share your information
We only share your information with:
Your fitness studio
To complete reservation changes on your behalf.
To enable features they approve (e.g., VIP upgrades).
Studios may also receive high-level, anonymized analytics.
Trusted service providers
We work with third-party providers who help us operate reSEAT:
Vercel (application hosting)
Supabase (database and authentication infrastructure)
Inngest (background job processing)
SendGrid (email delivery)
These providers may access limited data only as needed to perform their services and are contractually required to protect it.
Mariana Tek
We access your MT data only with your permission via OAuth.
We act as a processor, and your fitness studio remains the data controller of your reservation data.
Legal requirements
We may disclose information if required by law, court order, or regulatory request.
We never share, sell, or transfer your personal information for advertising or marketing purposes.
Data security
We use industry-standard security practices to protect your data:
End-to-end encryption (HTTPS/TLS 1.3).
Encryption at rest (AES-256-GCM) for tokens and sensitive data.
OAuth 2.0 with PKCE for authentication.
Webhook signature validation.
Strict access controls and secure, read-only API access.
Your fitness studio accounts remain read-only. We cannot access, withdraw, or modify billing or payment information.
Data retention
We store your data only as long as necessary:
Account information — until you delete your account.
Seat preferences — until you change or remove them.
Seat move history — 30 days.
Logs for debugging/security — 7–90 days depending on type.
You may request deletion at any time.
Your rights
You may:
Request access to the personal data we hold.
Correct or update your information.
Delete your data or close your account.
Withdraw consent for optional features (e.g., notifications).
Export your data in a portable format.
To exercise your rights, contact privacy@reseat.com.
We respond within 30 days.
Changes to this policy
We may update this policy to reflect service changes or legal requirements.
We will notify you of significant updates via email or in-app messages.
Cookies
We may update this We use essential cookies for:
Authentication
Security (CSRF protection)
Basic session management
We do not use advertising cookies or cross-site tracking. to reflect service changes or legal requirements.
We will notify you of significant updates via email or in-app messages.
Contact us
If you have questions or concerns, please contact us at:
reSEAT Privacy Team
Email: privacy@reseat.com
For general support: support@reseat.com
