Privacy Policy

Effective Date: 5.7.2026

This Privacy Policy applies to the website https://bookedtocapacity.com (the “Site”) operated by Booked To Capacity, a DBA of Little Red Hen LLC, a Michigan limited liability company (“Booked To Capacity,” “we,” “us,” or “our”). By accessing or using our Site, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our Site.

This policy describes how we handle data in two distinct contexts: (1) data collected from visitors to our Site, and (2) data we access or process on behalf of Clients who engage us for paid marketing services. The two contexts are governed by different practices, both described below.

1. Information We Collect from Site Visitors

Personal Data

  • Identifiers: Name, email address, phone number, business name.
  • Online Identifiers: IP address, device type, browser type and version, operating system.
  • Usage Data: Pages visited, time on page, referring source, and click data.
  • Business Information: Practice details submitted through forms or shared during strategy calls.

Aggregate & De-identified Data

Non-personal data used for site analytics, performance monitoring, and service improvements.

2. Sources of Personal Data

  • Directly from You: When you submit contact forms, book strategy calls, or communicate with us.
  • Automatically: Via cookies, pixel tags, and similar technologies.
  • From Third Parties: Service providers for hosting, analytics, email, and scheduling.

3. How We Use Your Information

  • Service Delivery: Respond to inquiries, schedule consultations, and provide marketing services.
  • Communication: Send service updates, respond to questions, and follow up on consultations.
  • Site Operation & Improvement: Analyze behavior to enhance functionality and develop new features.
  • Marketing: Deliver promotional content if you opt in.
  • Legal & Security: Comply with legal obligations, enforce terms, detect and prevent fraud.

4. Sharing Your Information

We do not sell personal data. We may share data with:

  • Service Providers: Hosting, analytics (e.g., Google Analytics), email, scheduling (Calendly), call tracking (CallRail), and payment processing.
  • Legal Authorities: To comply with lawful requests or protect our rights.
  • Business Transfers: In connection with mergers, acquisitions, or asset sales.
  • With Your Consent: For third-party integrations that you enable.

5. Information We Process on Behalf of Clients

When a Client engages Booked To Capacity for paid marketing services, we are granted access to and may process the following types of data on their behalf:

  • Marketing platform data: Performance metrics, ad spend, conversion data, and account configurations within Google Ads, Google Analytics, Google Business Profile, and similar platforms.
  • Call tracking data: Phone numbers, call recordings, call duration, caller ID information, and call transcripts captured through CallRail.
  • Website analytics and conversion data: User behavior on Client websites, form submissions, and conversion events.
  • Aggregated business performance data: Information used to populate Client-facing reporting dashboards and ROI calculations.

This data is collected for the purpose of operating, optimizing, and reporting on Client marketing campaigns. Booked To Capacity does not use Client business data for our own marketing purposes without Client consent, except in aggregated and de-identified form for service improvement and historical reporting.

Healthcare and Patient Information

Booked To Capacity provides marketing services to healthcare practices, including orthodontic practices that handle Protected Health Information (PHI) as defined under HIPAA. Booked To Capacity is not a covered entity, does not provide HIPAA compliance services, and does not intentionally collect, store, or process PHI. However, in the normal course of marketing service delivery, certain data we process may incidentally include identifying information about patients of our Clients, including but not limited to:

  • Phone numbers and voices of individuals who call tracked numbers
  • Names and contact details submitted via website forms
  • Information referenced during recorded inbound calls

We treat such information with appropriate confidentiality and limit access to authorized personnel only. Clients are responsible for ensuring their use of marketing services, including call tracking, complies with applicable healthcare privacy laws and for obtaining any required consents. Clients should consult with their own legal and compliance advisors regarding HIPAA obligations.

6. Tracking Technologies & Your Choices

Cookies & Tracking

  • Essential Cookies: Required for site functionality.
  • Functional Cookies: Remember preferences and settings.
  • Analytics Cookies: Collect usage data for performance and improvement.

Manage cookies via your browser settings.

Do Not Track

We currently do not honor Do Not Track browser signals.

7. Data Security & Breach Notification

We implement industry-standard measures—TLS encryption, secure servers, access controls—to protect data. In the unlikely event of a data breach, we will notify affected users and regulatory authorities in accordance with applicable law.

8. Data Retention

We retain personal data only as long as necessary for the purposes described or as required by law.

For Client business data, we retain access only during the active engagement and any agreed-upon transition period. Upon termination, we remove access to Client accounts and dashboards within five (5) business days, as described in our Terms and Conditions.

Aggregate or anonymized data may be retained for service improvement and historical reporting purposes.

9. Third-Party Links

Our Site may include links to external sites. We are not responsible for their privacy practices; please review their policies separately.

10. Children’s Privacy

The Site is not directed to children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such data, contact us and we will delete it promptly.

11. Your Privacy Rights

U.S. State Rights

  • California (CCPA/CPRA): Access, deletion, correction, and non-sale rights.
  • VA, CO, CT, UT, WA, etc.: Similar rights under state privacy laws.

Submit requests to hello@bookedtocapacity.com.

EU/EEA (GDPR)

Rights to access, rectification, erasure, restriction, portability, and objection. Contact us to exercise.

12. International Transfers

Booked To Capacity operates in the United States, and data processed by us is generally stored and processed in the United States. If you access the Site from outside the United States, you understand that your information may be transferred to and processed in the U.S. and other jurisdictions where our service providers operate. We use appropriate safeguards consistent with applicable law to protect data transfers.

13. Changes to This Policy

We may update this policy; the “Effective Date” will reflect changes. Your continued use of the Site constitutes acceptance of the revised policy.

14. Contact Us

For questions, concerns, or to exercise your rights, email hello@bookedtocapacity.com.

Last Updated: 5.7.2026