GetStyled | Find & Book Salons, Barbershops & Spas

1. Introduction

GetStyled.io is operated by JMV Labs LLC (doing business as "GetStyled," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, applications, and services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

Account Information: Name, email address, password, business name, phone number, and business address when you register.
Business Data: Services offered, pricing, staff information, schedules, and business hours.
Client Data: Names, contact information, appointment history, and preferences of your salon clients that you enter into the system.
Payment Information: Billing details processed through our payment provider Stripe. We do not store credit card numbers on our servers.
Communications: Messages, support requests, and feedback you send us.

2.2 Information Collected Automatically

Usage Data: Pages viewed, features used, time spent, and interactions with the Service.
Device Information: Browser type, operating system, device identifiers, and screen resolution.
Log Data: IP address, access times, referring URLs, and error logs.
Cookies: See Section 7 (Cookies) below.

3. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve the Service
Process transactions and send billing-related communications
Send appointment reminders and notifications (with your consent)
Send marketing emails about new features or promotions (with your consent)
Respond to support requests and inquiries
Monitor and analyze usage trends to improve user experience
Detect, prevent, and address fraud, abuse, or technical issues
Comply with legal obligations

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation, we process your personal data based on the following legal grounds:

Contract Performance: Processing necessary to provide the Service, including account management, appointment scheduling, payment processing, and sending transactional notifications.
Consent: Marketing communications, non-essential cookies, and analytics tracking. You may withdraw consent at any time through your account settings or by contacting us.
Legitimate Interests: Fraud prevention, security monitoring, service improvements, and business analytics, where our interests do not override your fundamental rights.
Legal Obligation: Retaining financial and billing records as required by tax law, and complying with legal requests from authorities.

5. How We Share Your Information

We do not sell your personal information. We share information only in these circumstances:

Service Providers: We use third-party providers including Stripe (payments), Supabase (database hosting), and AWS SES (email delivery) who process data on our behalf under strict data processing agreements.
Public Directory: If you opt in to the salon directory, your business name, address, services, and reviews are publicly visible.
Legal Requirements: We may disclose information if required by law, regulation, legal process, or government request.
Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction.
With Your Consent: We may share information for any other purpose with your explicit consent.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. After account deletion:

Account data is deleted within 30 days
Client data entered by you is deleted within 30 days
Anonymized analytics data may be retained indefinitely
Financial records are retained for 7 years as required by tax law
Backup copies are purged within 90 days of deletion

7. Data Security

We implement industry-standard security measures including:

Encryption in transit (TLS/HTTPS) and at rest
Secure password hashing (bcrypt with high cost factor)
Role-based access controls and row-level security
Regular security audits and monitoring
Rate limiting on authentication endpoints

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Cookies

We use the following types of cookies:

Essential Cookies: Required for authentication and security (session cookies). These cannot be disabled.
Analytics Cookies: Help us understand how visitors interact with the Service. These are only set with your consent.
Preference Cookies: Remember your settings and preferences. These are only set with your consent.

You can manage cookie preferences through the cookie consent banner or your browser settings.

9. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights:

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate data.
Erasure: Request deletion of your personal data ("right to be forgotten").
Portability: Request your data in a machine-readable format.
Restriction: Request restriction of processing.
Objection: Object to processing based on legitimate interests.
Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, use the data management tools in your account settings or contact us at privacy@getstyled.io. We will respond within 30 days.

10. Your Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected.
Right to Delete: Request deletion of personal information we have collected.
Right to Opt-Out: We do not sell personal information. If this changes, you will be notified and given the ability to opt out.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, visit our Do Not Sell My Personal Information page or contact us at privacy@getstyled.io.

11. International Data Transfers

Your data may be processed in the United States. If you are accessing the Service from outside the US, your data will be transferred to and processed in the US. We use appropriate safeguards including standard contractual clauses where required.

12. Children's Privacy

The Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service at least 30 days before they take effect. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: privacy@getstyled.io
Address: JMV Labs LLC

For GDPR inquiries, our Data Protection Officer can be reached at dpo@getstyled.io.