Sailia is designed to keep your business data and customer information secure. This page explains how data is handled, what security measures are in place, and how to manage customer privacy.Documentation Index
Fetch the complete documentation index at: https://sailia-mintlify-intercom-migration-1775615253.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Payment security
All payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. This means:- Card details are never stored on Sailia’s servers — Stripe handles all sensitive payment data
- Online payments use 3D Secure authentication when required by the customer’s bank
- POS card payments are processed through Stripe Terminal with end-to-end encryption
- MOTO payments (phone/mail orders) skip 3D Secure but are processed securely through Stripe and require the Operator Booking permission
Customer data
Sailia stores the following customer information:| Data type | Purpose | Who can access |
|---|---|---|
| Name and email | Booking confirmations, workflow emails, and account management | Staff with appropriate permissions |
| Booking history | Visible to the customer and your team from the customer dashboard | Staff with View Other Users permission |
| Membership and pass status | Tracks active subscriptions and remaining sessions | Staff and the customer |
| Waiver responses | Stored against individual bookings, including file uploads and digital signatures | Staff with booking access |
| Internal notes | Staff-only notes on customer profiles | Staff with View Other Users permission |
| Profile images | Optional photos uploaded by customers | Visible on the customer profile |
Staff permissions
Sailia uses a permission system to control what each team member can access. There are eight permission groups covering different areas of the platform:- What’s On — schedule and booking access
- Financial Dashboard — revenue and payout data
- POS — point of sale operations
- Communications — marketing and email access
- Manage Staff — staff profiles and timesheets
- Manage POS — POS configuration and grid layout
- Operator Booking — creating bookings on behalf of customers
- View Other Users — access to customer profiles
Data shared with integrations
When you connect external services, Sailia shares specific data:| Integration | Data shared |
|---|---|
| Stripe | Payment amounts, customer email for receipts, refund details |
| Xero | Payout invoices with line items, VAT rates, and account codes — no customer personal data |
| Adventuro | Activity details, real-time availability, waiver questions, and booking confirmations |
| Google Tag Manager / PostHog | Anonymized booking events (session IDs, conversion values) — no personal customer data |
Email communications
Sailia sends automated emails for transactional purposes (booking confirmations, refunds, waitlist notifications) and marketing purposes (workflow campaigns, newsletters). Customers can unsubscribe from marketing emails at any time, but transactional emails continue to be delivered.File storage
- Profile images — PNG, JPG, JPEG, or SVG up to 50 MB
- Waiver attachments — various formats up to 10 MB per file
- All uploads require an authenticated customer session
Deleting customer data
To remove a customer’s data, contact the Sailia support team at support@sailia.com. The team can assist with data deletion requests in compliance with applicable data protection regulations.Related guides
Permissions reference
Control what each staff member can access.
Customer management
Manage customer profiles and data.