Privacy Policy

Last updated: March 18, 2026

1. Introduction

Styleaidr ("we", "us", "our") operates the styleaidr.ca platform, a multi-tenant salon booking service. This Privacy Policy explains how we collect, use, disclose, and protect your personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA, S.C. 2000, c. 5).

This policy applies to all users of the Styleaidr platform, including salon owners ("Tenants"), their staff, and customers who book appointments through any salon's booking page.

2. Information We Collect

2.1 Salon Owners & Staff

  • Full name and email address (for account creation and login)
  • Salon name, address, and branding information (logo, description)
  • Usage data and login activity

2.2 Customers (Booking Clients)

  • Full name, email address, and phone number (provided when booking)
  • Appointment history, service preferences, and booking notes
  • Visit count

2.3 Automatically Collected Information

  • Authentication session cookies (required for login functionality)
  • Basic web analytics via Vercel Analytics (page views, performance metrics — no personally identifiable information)

3. How We Use Your Information

  • To provide and operate the booking platform
  • To send booking confirmations, reminders, and cancellation notices via email and SMS
  • To authenticate salon owners and staff
  • To allow salon owners to manage their client records and appointments
  • To improve platform performance and user experience

4. Data Sharing & Third Parties

We do not sell your personal information. We share data only with the following service providers, strictly for the purposes described:

  • Supabase (database & authentication) — stores all platform data in the us-east-1 (United States) region
  • SendGrid (email delivery) — sends booking confirmation, reminder, and cancellation emails on behalf of salons
  • Twilio (SMS delivery) — sends booking confirmation, reminder, and cancellation text messages to customers' phone numbers
  • Vercel (hosting & analytics) — hosts the platform and collects anonymous performance metrics

5. Data Residency

Personal data stored in our database is hosted by Supabase on AWS infrastructure in the United States (us-east-1 region). Data is encrypted at rest and in transit, and access is protected by row-level security policies. Hosting and edge delivery are provided by Vercel, which may process requests at edge locations globally but does not persistently store personal data outside of our primary database.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. Upon account closure by a salon owner, all associated personal data — including customer records, booking history, and staff profiles — will be deleted within 90 days. Anonymous, aggregated data may be retained for analytics purposes.

7. Cookies

Styleaidr uses essential cookies only. These are authentication session cookies required for salon owners and staff to remain logged in. We do not use advertising cookies, tracking cookies, or third-party marketing cookies.

8. Data Controller & Processor Relationship

Styleaidr acts as the data controller for the platform relationship (salon owner accounts, staff accounts, platform usage). Each salon owner acts as the data controller for their own clients' booking data, with Styleaidr serving as the data processor on their behalf.

9. Your Rights Under PIPEDA

You have the right to:

  • Request access to the personal information we hold about you
  • Request correction of inaccurate personal information
  • Request deletion of your personal information
  • Withdraw consent for the collection, use, or disclosure of your information
  • File a complaint with the Office of the Privacy Commissioner of Canada

Booking clients: to exercise your rights regarding data held by a specific salon, please contact that salon directly. For platform-level requests, contact us at the email below.

10. Security

We implement appropriate technical and organizational measures to protect your personal information, including encrypted connections (TLS/HTTPS), row-level security policies for multi-tenant data isolation, secure authentication via Supabase Auth, and content security policy headers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the platform. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

airgogna@gmail.com