B&WBeauty & Wellness BOS
PlansSoloBusinessDemoTermsPrivacyRefund
See plans

On this page

  • Scope
  • Who we are
  • Our role in relation to your data
  • When Voltalyze acts as a controller
  • When Voltalyze acts as a processor or service provider
  • Categories of personal data
  • How we use personal data
  • Legal bases and processing grounds where applicable
  • Sensitive or health-related data
  • Marketing and unsubscribe choices
  • Data sharing
  • International transfers
  • Security
  • Retention
  • Your rights
  • Children
  • External sites and integrations
  • Changes to this Policy
  • Contact and complaints

Voltalyze Beauty & Wellness Operating System

Privacy Policy

This Privacy Policy explains how VOLTALYZE PTE. LTD., trading as Voltalyze (UEN 202554078Z), collects, uses, stores, shares, protects, and otherwise processes personal data in connection with the Voltalyze website, demos, support channels, billing, and the Voltalyze Beauty & Wellness Operating System. Voltalyze is based in Singapore at 2 Venture Drive, 19-21, Vision Exchange, Singapore 608526.

Effective:
1 January 2026
Last updated:
17 May 2026

At a glance

  • Voltalyze is VOLTALYZE PTE. LTD. (UEN 202554078Z), registered in Singapore.
  • Voltalyze is the controller for its own website, sales, demos, billing, and support data, and a processor or service provider for data inside client deployments.
  • Client deployment data is archived for up to 12 months after cancellation, unless longer retention is required or justified.
  • Support: support@voltalyze.com · Legal: claudiu@voltalyze.com · Phone: +353 87 005 4734.
  • To exercise a rights request against Voltalyze as controller, email claudiu@voltalyze.com. If your request concerns data held by one of our clients, contact that client first.

Scope

This Privacy Policy applies to:

  • voltalyze.com and related Voltalyze-operated pages
  • lead capture, sales, demo, onboarding, support, and billing interactions
  • Voltalyze-administered service operations
  • client deployments operated by Voltalyze, to the extent Voltalyze acts as a controller of its own operational data

This Privacy Policy does not replace a client's own customer-facing privacy notice for the client's business. If you book with, buy from, work for, or otherwise interact with one of our clients through a Voltalyze-powered deployment, that client may have its own privacy notice that also applies.

Who we are

Controller for Voltalyze business operations:

  • VOLTALYZE PTE. LTD.
  • Trading name: Voltalyze
  • UEN: 202554078Z
  • Registered address: 2 Venture Drive, 19-21, Vision Exchange, Singapore 608526
  • Legal contact: claudiu@voltalyze.com
  • Support contact: support@voltalyze.com
  • Public phone: +353 87 005 4734

Our role in relation to your data

Voltalyze may act in different data roles depending on the context.

Roles overview
ContextVoltalyze's roleWho controls / who to contact
Voltalyze website, demos, sales, support, billing, marketingControllerVoltalyze — claudiu@voltalyze.com
Customer, staff, booking, treatment, review, payment-status data inside a client deploymentProcessor / service providerThe relevant client — contact that client first
Service security, audit, fraud-prevention, and operational logsControllerVoltalyze — claudiu@voltalyze.com

Roles overview

Context
Voltalyze website, demos, sales, support, billing, marketing
Voltalyze's role
Controller
Who controls / who to contact
Voltalyze — claudiu@voltalyze.com
Context
Customer, staff, booking, treatment, review, payment-status data inside a client deployment
Voltalyze's role
Processor / service provider
Who controls / who to contact
The relevant client — contact that client first
Context
Service security, audit, fraud-prevention, and operational logs
Voltalyze's role
Controller
Who controls / who to contact
Voltalyze — claudiu@voltalyze.com

When Voltalyze acts as a controller

Voltalyze generally acts as a controller for personal data relating to:

  • website visitors
  • enquiry, demo, and sales leads
  • client account owners and team contacts
  • billing contacts
  • support conversations
  • service security, audit, fraud-prevention, and operational logs
  • marketing preferences for Voltalyze's own communications

When Voltalyze acts as a processor or service provider

For customer, staff, booking, treatment, review, payment-status, and operational data handled inside a client deployment for that client's own business purposes, the relevant client generally acts as the controller or business and Voltalyze generally acts as a processor or service provider acting on that client's instructions.

End-customer rights requests

If you are an end-customer of one of our clients and want to exercise your rights in relation to booking, profile, treatment, or communication data, contact that client first. Where required, Voltalyze will assist the client in responding.

Categories of personal data

We may process the following categories of personal data, depending on the context.

CategoryExamples
Business and account detailsname, business name, job title, email, phone, account role
Website and enquiry dataform submissions, contact requests, demo requests, messages, traffic and device data where used
Onboarding and setup databranding assets, business profile details, services, pricing, staff details, hours, domain and setup information
Client operational databooking records, appointment notes, customer details, staff details, service history, review records, waitlist entries
Payment and billing databilling contact details, transaction references, payment status, invoices, subscription status
Communications dataemail, WhatsApp, support history, call records or message records where applicable
Security and technical datalogin events, audit logs, IP address, device or browser information, error logs
Marketing preference dataopt-in status, unsubscribe status, communication preferences
Health-related or treatment-related data where enabled by a clientallergy information, patch-test status, treatment notes, service suitability notes
Category
Business and account details
Examples
name, business name, job title, email, phone, account role
Category
Website and enquiry data
Examples
form submissions, contact requests, demo requests, messages, traffic and device data where used
Category
Onboarding and setup data
Examples
branding assets, business profile details, services, pricing, staff details, hours, domain and setup information
Category
Client operational data
Examples
booking records, appointment notes, customer details, staff details, service history, review records, waitlist entries
Category
Payment and billing data
Examples
billing contact details, transaction references, payment status, invoices, subscription status
Category
Communications data
Examples
email, WhatsApp, support history, call records or message records where applicable
Category
Security and technical data
Examples
login events, audit logs, IP address, device or browser information, error logs
Category
Marketing preference data
Examples
opt-in status, unsubscribe status, communication preferences
Category
Health-related or treatment-related data where enabled by a client
Examples
allergy information, patch-test status, treatment notes, service suitability notes

We do not intentionally ask for more personal data than is reasonably needed for the relevant purpose.

How we use personal data

We use personal data for the following purposes.

PurposeExamples
To operate our website and respond to enquiriescontact forms, demo requests, follow-up messages
To onboard and configure the Servicesetup, branding, business configuration, domain linking
To provide the Servicehosting, booking flows, account access, reminders, support, reporting
To administer subscriptions and billingpayments, invoices, arrears, account status
To protect the Service and usersauthentication, fraud prevention, abuse prevention, audit logs, incident response
To improve and maintain the Servicediagnostics, support analysis, troubleshooting, service planning
To send service communicationsonboarding updates, support responses, billing notices, legal notices
To send Voltalyze marketing communications where lawfulproduct updates, founder offers, commercial announcements
Purpose
To operate our website and respond to enquiries
Examples
contact forms, demo requests, follow-up messages
Purpose
To onboard and configure the Service
Examples
setup, branding, business configuration, domain linking
Purpose
To provide the Service
Examples
hosting, booking flows, account access, reminders, support, reporting
Purpose
To administer subscriptions and billing
Examples
payments, invoices, arrears, account status
Purpose
To protect the Service and users
Examples
authentication, fraud prevention, abuse prevention, audit logs, incident response
Purpose
To improve and maintain the Service
Examples
diagnostics, support analysis, troubleshooting, service planning
Purpose
To send service communications
Examples
onboarding updates, support responses, billing notices, legal notices
Purpose
To send Voltalyze marketing communications where lawful
Examples
product updates, founder offers, commercial announcements

Legal bases and processing grounds where applicable

Where laws such as the GDPR or UK GDPR apply, we may rely on one or more of the following legal bases:

  • performance of a contract or steps taken before entering into a contract
  • compliance with a legal obligation
  • legitimate interests, where those interests are not overridden by your rights and interests
  • consent, where consent is required or where we choose to rely on consent

Examples:

  • enquiry handling and demos may rely on pre-contract steps or legitimate interests
  • account administration, onboarding, support, and billing may rely on contract performance
  • compliance, records, and fraud prevention may rely on legal obligation or legitimate interests
  • Voltalyze marketing emails may rely on consent or another lawful basis allowed by applicable law
  • where a client enables health-related treatment notes or similar data in a deployment, the client is generally responsible for the underlying legal basis for that processing

Sensitive or health-related data

Some client deployments may include allergy notes, patch-test status, treatment notes, or similar service-related information. In some jurisdictions, such data may be considered health-related or otherwise sensitive.

Client-enabled sensitive fields

Voltalyze does not require clients to collect this type of data unless the client chooses to enable or use relevant features. If such data is used, Voltalyze processes it within the scope of the Service and subject to the client's instructions, technical safeguards, and applicable law.

Marketing and unsubscribe choices

Voltalyze may send the following categories of communications:

  • operational and transactional messages, such as support, billing, setup, and legal notices
  • product or commercial communications about Voltalyze, where lawful
  • client-controlled customer communications sent through the client's deployment, such as reminders, review requests, and marketing messages, where the client configures and authorizes them

You can unsubscribe from Voltalyze marketing communications at any time using the unsubscribe link in the message or by contacting us.

Clients are responsible for ensuring they have lawful consent or another lawful basis to send marketing communications to their own customers and contacts.

Data sharing

We may share personal data with:

  • hosting, infrastructure, database, and security providers
  • authentication, email, communications, analytics, and support providers
  • payment processors and billing providers
  • professional advisers, auditors, insurers, or legal counsel
  • regulators, law enforcement, courts, or authorities where required by law
  • relevant clients, where a request relates to a client deployment and the client is the controller

We do not share personal data more broadly than reasonably necessary for the relevant purpose.

International transfers

Cross-border processing

Voltalyze is based in Singapore, and personal data may be processed in Singapore and in other countries where Voltalyze, its infrastructure providers, or its subprocessors operate. Where required by applicable law, we use appropriate safeguards for international transfers — these may include contractual safeguards, transfer mechanisms, or equivalent protective measures appropriate to the transfer context.

If you need more information about relevant transfer safeguards, contact us at support@voltalyze.com.

Security

We use technical and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration, loss, misuse, or destruction. These measures may include:

  • access controls and role-based permissions
  • authentication controls
  • encrypted transmission where appropriate
  • logging and audit trails
  • backups and recovery controls
  • principle-of-least-privilege access
  • vendor and infrastructure controls
  • incident response processes

No method of transmission or storage is completely risk-free, but we work to maintain a security level appropriate to the nature of the data and risks involved.

Retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Policy, including for support, operational continuity, security, disputes, unpaid fees, audit, legal compliance, and record-keeping. Standard retention approach:

Data typeTypical retention approach
Sales and enquiry recordsretained for a reasonable commercial follow-up and record period
Account, billing, and support recordsretained while the account is active and for a reasonable period afterward
Client deployment data after cancellationarchived and retained for up to 12 months after cancellation, unless longer retention is required or justified
Backups and system logsretained according to operational, security, and backup rotation needs
Marketing preference recordsretained as needed to respect opt-out and compliance records
Data type
Sales and enquiry records
Typical retention approach
retained for a reasonable commercial follow-up and record period
Data type
Account, billing, and support records
Typical retention approach
retained while the account is active and for a reasonable period afterward
Data type
Client deployment data after cancellation
Typical retention approach
archived and retained for up to 12 months after cancellation, unless longer retention is required or justified
Data type
Backups and system logs
Typical retention approach
retained according to operational, security, and backup rotation needs
Data type
Marketing preference records
Typical retention approach
retained as needed to respect opt-out and compliance records

Where personal data is no longer needed in identifiable form, we may delete, suppress, de-identify, or archive it, subject to legal and operational needs.

Data export may be available to clients, but Voltalyze may restrict export where there are unpaid arrears, subject to applicable law.

Your rights

Depending on the law that applies to you and the context of the processing, you may have rights including:

  • access
  • correction or rectification
  • deletion or erasure
  • restriction
  • objection
  • portability
  • withdrawal of consent where consent is the basis
  • complaint to a supervisory or regulatory authority

If Singapore PDPA applies, you may in particular have rights relating to access and correction, subject to applicable exceptions.

If GDPR or UK GDPR applies, you may also have rights to erasure, restriction, portability, objection, withdrawal of consent, and complaint to a supervisory authority, subject to the conditions and limitations in those laws.

To exercise a rights request relating to Voltalyze's own controller activities, contact claudiu@voltalyze.com or support@voltalyze.com.

If your request concerns data processed on behalf of one of our clients, contact that client first. Voltalyze may ask you to do so where appropriate.

Children

Voltalyze is a B2B service and is not directed at children. We do not knowingly market the Service directly to children.

A client may decide to use the Service in contexts where appointment data may involve minors. In those cases, the client is responsible for ensuring lawful collection and use of that data.

External sites and integrations

Voltalyze pages or deployments may link to third-party websites or services. This Privacy Policy does not govern third-party sites, products, or services that Voltalyze does not control.

Changes to this Policy

We may update this Privacy Policy from time to time. The latest version will be posted on the relevant page with an updated effective date or last updated date where appropriate.

Contact and complaints

  • General privacy and legal contact: claudiu@voltalyze.com
  • Support: support@voltalyze.com
  • Public phone: +353 87 005 4734
  • Registered entity: VOLTALYZE PTE. LTD., UEN 202554078Z, 2 Venture Drive, 19-21, Vision Exchange, Singapore 608526

If you are not satisfied with our response, you may have the right to complain to the relevant data protection or privacy regulator in your jurisdiction.

Next steps

Explore the product, talk to the team, or write to us directly.

Product overviewBook a walkthroughRequest founder offer

Contact

  • support@voltalyze.com
  • claudiu@voltalyze.com

Registered office

VOLTALYZE PTE. LTD., 2 Venture Drive, 19-21, Vision Exchange, Singapore 608526

B&W
Voltalyze Beauty & Wellness BOS · © 2026 VOLTALYZE PTE. LTD.
PlansSoloBusinessTermsPrivacyRefundsupport@voltalyze.com