Every Social Media

Privacy Policy

How we collect, use, and protect your information when you use our AI DM Concierge service.

Who We Are

Every Social Media provides AI-powered DM automation and booking services for aesthetic and medspa clinics. We help clinics convert Instagram and WhatsApp enquiries into booked consultations with deposits.

Contact: Contact us

What Data We Collect

We collect information that you provide directly to us:

  • Demo requests: Your name, email address, phone number (optional), clinic name, and preferred contact times
  • Service setup: Your clinic's FAQs, pricing information, booking policies, service descriptions, and staff availability
  • Account access: Authorised access tokens for Instagram and WhatsApp Business accounts (we do not store passwords)
  • Booking data: Enquiry messages, appointment details, deposit confirmations, and reminder interactions

How We Use Your Data

We use the information we collect to:

  • Respond to demo requests and schedule consultations
  • Set up and operate your AI DM Concierge service
  • Process enquiries and bookings on your behalf
  • Send booking confirmations and appointment reminders
  • Generate your Weekly Revenue Scorecard and performance reports
  • Improve our services and develop new features
  • Communicate service updates and support information

Legal Basis for Processing (UK/EEA)

We process your data based on:

  • Contract performance: To deliver the services you've engaged us to provide
  • Legitimate interests: To improve our services, prevent fraud, and ensure security
  • Consent: For marketing communications (you can opt out at any time)
  • Legal obligation: To comply with applicable laws and regulations

Data Sharing and Processors

We share data with trusted service providers who help us operate:

  • Hosting: Secure cloud infrastructure providers
  • Email: Transactional email services for confirmations and reminders
  • Analytics: Privacy-focused analytics to understand service usage
  • Payments: Stripe for secure deposit processing
  • Platforms: Meta (Instagram) and WhatsApp Business API for messaging

We do not sell your personal data to third parties.

Data Retention

We retain your data for as long as necessary to provide our services:

  • Active clients: Data is retained throughout our working relationship
  • After service ends: Core records retained for 6 years for legal/accounting purposes
  • Demo enquiries: Retained for 2 years unless you request earlier deletion
  • Message logs: Retained for 90 days for service quality and troubleshooting

Security Measures

We take data security seriously:

  • All data is encrypted in transit (TLS) and at rest
  • Access is restricted on a need-to-know basis
  • We use official Meta and WhatsApp Business APIs with least-privilege permissions
  • Regular security reviews and updates
  • Secure credential management (no hard-coded secrets)

Your Rights

Under UK and EEA data protection law, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (subject to legal retention requirements)
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a structured, machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw consent: Opt out of marketing at any time

To exercise your rights, contact us.

Cookies

Our website uses minimal cookies for essential functionality. We do not use advertising or tracking cookies. Analytics cookies (if used) are privacy-focused and do not identify individual users.

Updates to This Policy

We may update this policy from time to time. Significant changes will be communicated via email or website notice.

Last updated: January 2026

Book a Free Demo