Privacy Policy

Effective Date: July 4, 2026 | Last Updated: July 4, 2026

Enterprise Ultra ("Enterprise Ultra," "we," "us," or "our") operates the online booking, client-intake, and appointment-messaging platform (the "Platform") used by independent wellness and personal-care businesses — including massage therapy, reflexology, and nail and salon services. This Privacy Policy describes how Enterprise Ultra collects, uses, and protects personal information when you use the Platform to book and manage appointments.

Who does what. Enterprise Ultra provides the technology — this website, the booking flow, the intake forms, and appointment reminders — and stores your information securely. The business you booked with (the "Provider") is the independent business that delivers your service and is responsible for your care. The Provider presents its own treatment consent and booking/cancellation policies at the time of booking; those govern your service relationship with that business.

1. Information We Collect

We collect personal information that you voluntarily provide when you:

We also automatically collect certain technical information when you use the Platform, including IP address, browser type, and pages visited, through standard web server logs.

2. How We Use Your Information

We use personal information to:

3. Information Sharing

We do not sell, rent, or trade your personal information.

We share your information only in the following limited circumstances:

4. SMS / Text Messaging

By providing your phone number and booking an appointment or creating an account, you consent to receive transactional SMS messages that Enterprise Ultra sends on behalf of the business you booked with, including appointment confirmations and reminders, account notifications, and customer-care responses. Message frequency varies based on your appointment activity. Message and data rates may apply. You may opt out at any time by replying STOP. Reply HELP for assistance. We do not send marketing or promotional messages without separate explicit consent.

5. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect personal information in accordance with 201 CMR 17.00 (Massachusetts Standards for the Protection of Personal Information), including encryption in transit (TLS/SSL), need-to-know access controls, secure password hashing, and regular review of security practices.

6. Data Breach Notification

In the event of a breach of security involving your personal information, we will provide notice in accordance with Massachusetts General Laws Chapter 93H and 201 CMR 17.04, including notification to affected individuals and the Massachusetts Attorney General's Office and the Office of Consumer Affairs and Business Regulation.

7. Your Rights

You have the right to request access to, correction of, or deletion of your personal information (subject to legal retention requirements), to opt out of SMS by replying STOP, and to opt out of email via the unsubscribe link. To exercise these rights, contact us using the information below; requests concerning your treatment records may be directed to us or to the business you booked with.

8. Data Retention

We retain personal information only as long as necessary to provide the Platform, comply with legal and regulatory obligations, and establish, exercise, or defend legal claims.

Client treatment records. Where the Provider's profession imposes a records-retention obligation, records are retained for at least that period on the Provider's behalf. For Massachusetts massage therapy, that period is a minimum of seven years from the date of the last client encounter (269 CMR 6.06); records for clients who received services before age two are retained until the client reaches age nine. Records are maintained with secure back-ups.

Account and transaction records are retained while your account is active and for the period required to meet tax, accounting, and recordkeeping obligations.

Retention for legal claims. Because claims arising from personal-care services may be brought under extended statutes of limitations, we retain a minimum record set for the establishment, exercise, or defense of such claims, governed by the longest applicable statute of limitations.

Deletion requests. Upon request we will inactivate the account, remove it from active use, and restrict internal access. Underlying records are preserved to meet the retention obligations described above and are purged in the ordinary course once no retention basis remains.

9. Children's Privacy

The Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. A parent or legal guardian may provide information and consent on behalf of a minor where the business you booked with offers services to minors. If we become aware that we have collected information from a child under 18 other than through a guardian, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date above indicates the most recent revision. Continued use of the Platform after changes constitutes acceptance of the updated policy.

11. Contact

About the Platform (booking, account, data, messaging) — Enterprise Ultra:
Email: info@enterpriseultra.com · Web: www.enterpriseultra.com

About your service or treatment records — the business you booked with:
The business you booked with