Cuticle Code Privacy Policy

1. Age Requirements

Cuticle Code is intended for users aged 16 and older. Users between 16 and 18 years of age must have parental or guardian consent to use the platform. We do not knowingly collect personal information from anyone under the age of 16. If we discover that we have collected data from a user under 16, we will promptly delete their account and all associated data. If you believe a minor under 16 is using Cuticle Code, please contact us at support@cuticlecode.com.

2. Information We Collect

We collect information you provide directly when using Cuticle Code:

• Account information: name, email address, phone number, profile photo
• Business information (providers/salons): business name, address, services, pricing, portfolio photos, technician roster
• Booking data: appointment dates, times, services selected, preferences, waitlist entries
• Favorites and Beauty Circle data
• Location information: address provided for services and address autocomplete
• Payment information: processed securely through Stripe — Cuticle Code never stores credit card numbers directly
• AI analysis data: hand/nail photos submitted for AI analysis, style preferences
• Communications: messages sent through our in-app chat system
• Reviews, ratings, and tips you submit
• Tip amounts, tip payment method, and tip routing information (e.g., whether tips are paid directly to the provider or tracked as owed by the salon) are collected and stored to facilitate tip transparency and reporting

3. How We Use Your Information

• Provide and improve our marketplace services
• Connect consumers with nail technicians and salons
• Process bookings, deposits, payments, refunds, and tips
• Power AI features (nail analysis, style recommendations, review responses, business insights) via Google Gemini
• Send booking confirmations, reminders, waitlist notifications, and availability alerts
• Translate app content into your preferred language
• Generate personalized booking links and QR codes
• Show you relevant providers and salons near your location using your saved address
• Calculate provider rankings using aggregated, anonymized booking and review data
• Improve our platform and develop new features
• Detect and prevent fraud or abuse
• Tip data is used to provide transparency features including "Tips Owed to You" (visible to technicians) and "Tips Owed to Technicians" (visible to salon owners), and to generate notifications when tips are received

4. Location Data & Provider Rankings

We use your address information to show you relevant providers and salons near your location. When you enter an address during sign-up or in your profile, we use the Google Places API to convert it to geographic coordinates (latitude and longitude), which are stored on your user profile.

Provider rankings in sections like "Trending Near You" are calculated using aggregated, anonymized booking and review data. No individual consumer's booking history is exposed to other users through the ranking system. Rankings are based on booking volume, ratings, profile completeness, and responsiveness.

We do not sell or share individual booking data with third parties for ranking purposes.

You can update or remove your address at any time in your Profile settings. Without an address, location-based features will show all providers without distance filtering.

5. Third-Party Services

Cuticle Code uses the following third-party services to operate the platform:

• Firebase (Google Cloud): authentication, Firestore database, hosting, cloud storage, email notifications via Trigger Email extension
• Stripe: payment processing, subscription billing, Connect payouts to providers. Consumer email addresses are shared with Stripe to facilitate payment receipt emails after successful transactions
• Google Gemini AI: nail analysis, dynamic translations, AI agent features (review response, revenue optimization, client retention, smart booking, style recommendations)
• Google Maps / Places API: address autocomplete for service locations
• Google Calendar API: optional two-way booking sync

Each third-party service operates under its own privacy policy and data handling practices.

6. Data Storage & Security

Your data is stored in Google Cloud Firestore (US multi-region, nam5) with encryption at rest and in transit. We use Firebase Authentication for secure login with email/password and Google Sign-In. Profile photos and portfolio images are stored in Firebase Cloud Storage with security rules ensuring only account owners can write to their own folders. Firestore security rules restrict data access so users can only read and modify their own information.

7. Account Deletion & Data Retention

You can delete your account directly in the app by going to your Profile (or Settings for salon owners) and tapping "Delete My Account."

Account deletion follows a 30-day soft delete process:

• Upon deletion request: your account is immediately deactivated, your profile is hidden from search, all pending bookings are cancelled, and the other parties are notified
• 30-day recovery window: your data is retained for 30 days. During this period, you can contact support@cuticlecode.com to cancel the deletion and restore your account
• After 30 days: your personal data is permanently purged, including your user profile, provider/salon profile, portfolio photos, and profile photos
• Anonymized data retained: booking history and reviews are anonymized (replaced with "Deleted User") rather than deleted, as the other party to each booking needs their history preserved
• Firebase Auth account is permanently deleted after 30 days

8. Your Rights

• Access: Download all your data anytime via "Download My Data" in Help & Support. Your data is exported as a JSON file containing your profile, bookings, portfolio, chats, and salon invites
• Correction: Edit your profile information (name, email, phone, photo) directly in the app
• Deletion: Delete your account in-app with a 30-day recovery window. Contact support@cuticlecode.com to cancel a pending deletion
• Portability: Your data export is provided in standard JSON format for easy portability

9. Cookies & Analytics

Our web app uses standard browser local storage for authentication state, language preferences, and session management. We do not use third-party tracking cookies or analytics trackers.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes through the app or via email to the address associated with your account.

11. Contact Us

For privacy questions, concerns, data requests, or to report a user under the minimum age:

Email: support@cuticlecode.com