This Privacy Policy explains how The Beauty Bell (“we”, “us”, “our ”) collects and processes your personal data when you use our mobile apps (iOS/Android) and website (the “Services”).
Controller: Ahmet Basli (The Beauty Bell) Email: [email protected]
Domain: https://beautybell.app
Jurisdiction / Governing law: Indonesia (venue: Jakarta)
Language: English controls in case of conflict with Bahasa Indonesia
What We Collect
We collect the following categories of data, depending on how you use the Services.
- Account & Identity (All Users)
Use: account creation/login, identification, security
Basis: contract necessity; legitimate interests (fraud/security)
- Contact Details (All Users)
Use: booking coordination, transactional notifications, support Basis: contract necessity
- Eligibility / Age (Customers)
Use: age gating (18+), eligibility verification Basis: legal obligations; contract necessity
- Customer Profile & Addresses (Customers)
Use: map display, booking address and discovery, account management
Basis: contract necessity; consent for device location (see 2.6)
- Artist Profile (Artists)
Use: marketplace listing; quality/safety; blacklist enforcement after repeated accepted-then- canceled bookings
Basis: contract necessity; legitimate interests (platform integrity and safety)
- Location (Customers & Artists)
Use: show booking location; discovery; on-map features
Basis: consent (OS-level for location); contract necessity for address data
Note: We do not collect background location. If we add background tracking in the future, we will request additional consent and update this Policy.
- Media (Customers & Artists)
Use: identity and listing content
Basis: consent (upload action); contract necessity (listing)
- Notifications (All Users)
Use: transactional pushes (booking status, acceptance, payouts) Basis: contract necessity; consent at OS level
- Payments & Payment Hold (All Users; Artists for payouts)
Use: accept payments, payment hold via our payment partner (Xendit), automatic release after the completion window (3 hours after completion unless a support ticket blocks), withdrawals, refunds/voids
Basis: contract necessity; legal obligations (financial/tax)
Note: We do not store raw card/wallet PAN. We store provider tokens/ids from Xendit.
- KYC / Verification (Artists)
Use: compliance, fraud prevention, payout eligibility, and confirmation of consent to contractual terms.
Basis: legal obligations; legitimate interests (trust/safety); contract necessity (agreement signature).
Note: ID cards and signatures are collected securely through verified online signing platforms (e.g., Lumin or equivalent) and stored in encrypted form. They are used solely for verification and legal compliance.
- Support & Disputes (All Users)
Use: resolve issues; coordinate refunds/chargebacks; temporarily block auto-transfer while a ticket is open
Basis: contract necessity; legitimate interests
- Devices & Security (All Users)
Use: notifications, session/account association, localization, fraud/security, debugging
Basis: contract necessity; legitimate interests (security/service continuity)
- Analytics / Ads
Future tools (e.g., Google Tag Manager) will be added only with notice/consent where required, and this Policy will be updated.
- Agreement and Signature (Artists)
Use: confirmation of legal consent to Beauty Bell partnership terms; prevention of impersonation or unauthorized use; record-keeping for compliance and dispute resolution.
Basis: contract necessity; legal obligations; legitimate interests (proof of consent and authenticity).
Note: Signatures are collected via secure third-party electronic signing tools (e.g., Lumin) integrated with our document sharing process. Signed copies are stored securely and accessible to both parties.
How We Use Personal Data
- Provide and operate the Services (search, booking, messaging/notifications, maps)
- Payments and payment hold via our payment partner (capture, hold, refund/void, automatic release to artists)
- Payouts to artists (via Xendit; artist bears payout fee per Xendit’s terms)
- Identity verification and fraud/safety (including blacklist enforcement)
- Customer support and dispute resolution (including chargebacks with Xendit)
- Security, monitoring, debugging, and service integrity
- Compliance with law and tax/accounting obligations (PPN/VAT on platform fees)
- Platform fee: 15% of service totalPrice; PPN/VAT 11% on the platform fee only; amounts rounded up to IDR integer.
- Customer charge: grandTotal = totalPrice + platformFee + VAT.
- Payment release: sends booking.totalPrice to the artist’s Xendit account (platform keeps platformFee + VAT).
- Payout fees: Xendit payout fee (e.g., IDR 2,500) is borne by the artist and may change per Xendit’s current pricing.
- Artist taxes: artists are responsible for their own taxes on services; platform does not withhold on payouts.
- Wallets supported: OVO and DANA (via Xendit). Cards are not enabled now.
- Contract necessity: to provide the Services you request (accounts, bookings, payments/payouts).
- Legitimate interests: platform integrity, fraud/security, service improvement, customer support.
- Consent: device location “when in use”, notifications at OS level, media uploads; future analytics/marketing if introduced.
- Legal obligations: tax/accounting, KYC/AML where applicable.
We share data with service providers under contracts that require appropriate safeguards:
- Microsoft Azure (East Asia): hosting, DB, logs
- Cloudflare R2 + Cloudflare CDN: media/object storage and CDN
- Google Maps SDK: map display and geolocation features
- APNs / FCM / Expo Notifications: push notifications
- Xendit XenPlatform: payments, payment hold, refunds, payouts, and where applicable, KYC
- OVO, DANA: e-wallet payment rails (through Xendit)
- Zoho Mail: email services for support/notifications
We do not sell personal data.
International TransfersYour data may be processed or stored outside Indonesia (e.g., Azure region, Cloudflare CDN, APNs/FCM infrastructure).
We use contractual and technical safeguards appropriate to the transfer and will update this Policy if transfer practices materially change.
Retention
- Account/profile data: life of account + 30 days for operational close-out; backups/logs per system cycles
- Bookings/payments records: 5 years (or longer if legally required)
- KYC/verification (including ID cards and signed agreements): 5 years after last use or as required by law
- Support tickets: 2 years after resolution
- Security/usage logs: up to 30 days
- Device tokens/media/addresses: until removed or account deletion
We may retain limited information as required by law or for the establishment, exercise, or defense of legal claims.
ChildrenThe Services are intended for adults (18+). We do not knowingly collect personal data from children.
If you believe a child has provided data, contact us at [email protected] for deletion.
Your Rights
Subject to applicable law, you may request:
- Access to your data; correction; deletion
- Portability (where applicable)
- Withdrawal of consent (e.g., location permissions) without affecting prior processing
- Restriction or objection to certain processing (where applicable)
Deletion requests will be honored promptly, subject to legal/financial record-keeping obligations (e.g., maintaining transaction records for 5 years).
Device Permissions (Mobile)
- Location (When in Use): to show map and booking locations
- Photos: to upload profile/service images
- Camera: to take profile/service images (no background recording)
- Notifications: transactional booking/payment updates
If we add new permissions, we will request consent and update this Policy.
Safety and Enforcement
- We may temporarily block automatic payment release via our payment partner while a support ticket is open.
- Artists who cancel accepted bookings three times (not necessarily consecutively) may be blacklisted until support reactivation.
- We may suspend or terminate accounts for fraud, abuse, or policy violations (see Terms).
We use industry-standard technical and organizational safeguards (including encryption in transit and access controls) to protect your information.
We continually improve our security measures and promptly address potential issues.
Prohibited Content / Services (Summary)
This marketplace is for beauty services.
Prohibited categories include illegal activities, dangerous or harmful services, medical/clinical procedures requiring licensing, adult/sexual content, and any service violating law or our policies.
We may expand permitted categories later (e.g., dog grooming/barber, massage) in line with law and store policies.
Changes to This Policy
We may update this Policy to reflect changes in our practices or legal requirements.
We will post the updated version at https://beautybell.app/privacy and adjust the “Effective date” above.
Where required, we will seek consent for material changes.
October 2025 Update:
We now collect artists’ ID cards and electronic signatures on partnership agreements to strengthen verification, compliance, and transparency.
Contact
Email (General / Support / Privacy): [email protected]
If you have concerns about our handling of personal data, please contact us. We will work to resolve your inquiry promptly.
Jurisdiction and Language
This Policy is governed by the laws of Indonesia, with exclusive venue in Jakarta.
In case of any discrepancy between language versions, the English version controls.