Privacy and security

3 min read · Updated April 13, 2026 · Written by the OVIAH Team

Overview

OVIAH never stores payment card details — all payments go through Stripe or Square via OAuth, and client data is scoped only to your account.

Payment security

OVIAH never stores your credit card numbers or your clients' payment details. All payment processing is handled through Stripe or Square via secure OAuth connections. When you connect your account, you authorize OVIAH through the provider's own login flow — your credentials are never shared with us.

Payment links are unique, token-based, and expire after 7 days. They can only be used once and are tied to a specific booking.

Client data

Client profiles are stored securely and scoped to your account — no other business on OVIAH can see your clients. You control what data you collect and how it's used.

•

Communication preferences

Clients can set their preference to email, SMS, both, or none. OVIAH respects these settings automatically when sending reminders and follow-ups.

•

Cycle data

Cycle-aware booking is fully opt-in. Clients must explicitly consent before any cycle data is collected. This data is used only for appointment timing suggestions and is never shared externally.

•

Blocking and removal

You can block clients from booking and delete client records. Blocking records the reason and timestamp for your reference.

Account security

OVIAH uses secure session management powered by Supabase. Authentication supports SSO with RS256 JWT tokens for enterprise and platform integrations.

Your dashboard is protected by authentication — no one can access your business data, client list, or calendar without logging into your account.

Tip

Use a strong, unique password for your OVIAH account and don't share your login credentials. If you suspect unauthorized access, change your password immediately and contact support@oviah.io.

Data you control

You can export your client list at any time from the Clients tab. Revenue and booking data can be exported as CSV from the Reports tab. Your data belongs to you — OVIAH is the platform, not the owner of your business information.