Privacy Policy

Introduction

This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our yoga studio booking platform. We are committed to protecting your privacy and handling your data with care and transparency.

Data We Collect

Studio Owner Data

When you create a studio on our platform, we collect:

  • Account information (email address, password, authentication data)
  • Billing information (payment methods, subscription details, transaction history)
  • Studio information (name, address, contact details, branding, settings)
  • Onboarding details (name, phone, website, social media links)
  • Usage data (how you use the platform, features accessed, timestamps)

Student Data

When students use our platform to book classes, we collect:

  • Account information (email address, password, authentication data)
  • Profile information (name, phone number, profile picture)
  • Booking history (classes booked, attendance records, cancellations)
  • Payment information (processed securely through Stripe, we do not store full card details)
  • Subscription and class pack data (active plans, credits remaining, purchase history)

How We Use Your Data

We use the data we collect to:

  • Provide and maintain our booking platform services
  • Send you important updates, booking confirmations, and service-related communications
  • Process payments and manage subscriptions securely
  • Analyze platform usage to improve our services and user experience
  • Comply with legal obligations and enforce our terms of service
  • Provide customer support and respond to your inquiries

Data Sharing and Disclosure

We respect your privacy and only share data as described below:

With Studio Owners

Studio owners have access to their students' booking data, profile information, and payment history for the purpose of managing their studio operations. This access is limited to data related to their studio only.

With Service Providers

We use trusted third-party services to operate our platform:

  • Supabase (database and authentication) - stores and secures your data
  • Stripe (payments) - processes payments securely, we do not store full payment card details
  • SendGrid (email) - sends transactional and notification emails
  • Vercel (hosting) - hosts our application infrastructure

Legal Requirements

We may disclose your data if required by law, court order, or to protect our rights, property, or safety, or that of our users.

Data Security

We implement industry-standard security measures to protect your data:

  • Data encryption in transit and at rest
  • Strict access controls and authentication requirements
  • Row-level security policies to ensure data isolation between studios
  • Regular security monitoring and vulnerability assessments
  • Regular backups to prevent data loss

Data Retention

We retain your data for as long as necessary to provide our services:

  • Active accounts: Data is retained while your account is active
  • Account deletion: You can request account deletion, and data will be anonymized after a retention period (1-90 days as specified)
  • Legal requirements: Some data may be retained longer if required by law

Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate data
  • Deletion: Request deletion of your account and data
  • Export: Download your data in a portable format
  • Objection: Object to certain processing of your data
  • Restriction: Request restriction of processing in certain circumstances

Cookies and Tracking

We use essential cookies and session storage to maintain your login state and provide core functionality. We do not use third-party tracking cookies or advertising cookies.

Children's Privacy

Our platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the 'Last updated' date. We encourage you to review this policy periodically.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us through your studio dashboard or by emailing the studio owner directly.