Effective Date: February 1, 2026
1. Introduction
Welcome to Schdlr ("we," "our," or "us"). This Privacy Policy explains how we collect, use, store, and protect your information when you use our website, mobile app, and related services (collectively, the "Service").
By using Schdlr, you agree to the practices described in this policy.
If you have questions or concerns about how we handle your data, please contact us at [email protected].
2. Information We Collect
We collect the following types of information to provide and improve our Service:
2.1 Personal Information
For All Users:
Name, phone number, and email address
Account credentials (username/password)
Profile information and preferences
Appointment details (date, time, services requested)
For Service Providers (Businesses):
Business name, address, and contact information
Service offerings, pricing, and availability
Staff member information
Payment information (processed securely via Stripe)
Business photos and descriptions
For Clients:
Booking history and preferences
Communication preferences
2.2 Identity Verification Data
For certain booking types (private studios requiring verification), we collect identity verification data through our partner, Stripe Identity.
This verification process collects:
Government-issued identification documents (driver's license, passport, state ID, etc.)
Facial biometric data (selfie photograph for identity matching)
Document verification metadata (verification status, timestamp, session ID)
Important Disclosures:
Stripe Identity processes and stores your ID documents and biometric data according to their Privacy Policy: https://stripe.com/privacy
We (Schdlr) do NOT store copies of your ID documents or biometric data on our servers
We store only: Verification status (verified/unverified), Stripe verification session ID, and timestamp of verification
Stripe retains verification data for fraud prevention, legal compliance, and regulatory requirements
Data retention by Stripe: Verification documents and biometric data are retained according to Stripe's policies and applicable law, typically for several years after verification
You consent to this identity verification process when you choose to book appointments at private studio locations that require verification.
2.3 Payment Information
All payment processing is handled securely by Stripe. We do not store your complete credit card numbers or banking information. Stripe collects:
Payment card information (card number, expiration, CVV)
Billing address
Payment transaction history
See Stripe's Privacy Policy for details: https://stripe.com/privacy
2.4 Usage and Technical Data
We automatically collect:
Device information: Device type, operating system, browser type and version
Usage data: Pages visited, features used, time spent on the app
Location data: Approximate location based on IP address (we do not track precise GPS location)
Log data: IP address, access times, error logs
2.5 Communications
Messages sent through our platform between clients and service providers
Customer support communications
Email and SMS opt-in preferences
3. How We Use Information
We use your information for the following purposes:
3.1 Providing the Service
Process and manage appointment bookings
Send appointment confirmations and reminders via SMS and email
Facilitate communication between clients and service providers
Manage service provider profiles, schedules, and availability
Process payments and subscriptions through Stripe
3.2 Identity Verification
Verify user identities for bookings at private studio locations
Prevent fraud, identity theft, and unauthorized access
Comply with legal and regulatory requirements
Protect the safety and security of our users
3.3 Service Improvement
Analyze usage patterns to improve features and user experience
Develop new features and functionality
Personalize content and recommendations
Conduct research and analytics
3.4 Communications
Send transactional messages (booking confirmations, appointment reminders, payment receipts)
Respond to customer support inquiries
Send important updates about our Service
Send marketing communications (only if you opt-in; you may opt-out at any time)
3.5 Legal and Safety
Comply with legal obligations and respond to lawful requests
Enforce our Terms of Service and policies
Protect against fraud, abuse, and security threats
Resolve disputes and investigate complaints
4. How We Share Information
We do not sell your personal information to third parties.
We may share your information in the following circumstances:
4.1 Service Providers and Partners
We share data with trusted third-party service providers who help us operate the Service:
Stripe: Payment processing AND identity verification (including ID documents and biometric data)
Twilio: SMS notifications and communications
Google: Calendar integrations and mapping services
Email service providers: Transactional and marketing emails
Cloud hosting providers: Secure data storage and infrastructure
Analytics providers: Usage analytics and service improvement
These providers are contractually obligated to protect your data and use it only for the purposes we specify.
4.2 Between Users
Appointment information is shared between clients and service providers to facilitate bookings
Business information (name, address, services, photos) is publicly visible on the platform
Private studio addresses are only revealed to verified clients after appointment acceptance
4.3 Legal Requirements
We may disclose information if required by law or in good faith belief that disclosure is necessary to:
Comply with legal process (subpoenas, court orders, government requests)
Enforce our Terms of Service
Protect the rights, property, or safety of Schdlr, our users, or the public
Investigate fraud or security issues
4.4 Business Transfers
If Schdlr is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the new entity. We will notify you of any such change.
5. Data Security
We implement industry-standard security measures to protect your information:
Encryption: Data is encrypted in transit (TLS/SSL) and at rest
Access controls: Limited access to personal data on a need-to-know basis
Secure infrastructure: Hosted on secure cloud platforms with regular security audits
Identity verification partner: Stripe Identity maintains SOC 2 Type II certification and complies with strict data security standards
However, no system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You share information at your own risk.
Security Tips:
Use a strong, unique password
Do not share your login credentials
Log out when using shared devices
Report any suspicious activity immediately
6. Data Retention
We retain your information for as long as necessary to provide the Service and meet our legal obligations:
Account data: Retained while your account is active and for a reasonable period after deletion to resolve disputes or comply with legal requirements
Booking history: Retained for business records and tax purposes (typically 7 years)
Payment data: Managed by Stripe according to their retention policies and financial regulations
Verification data: Managed by Stripe Identity according to their policies and applicable law (typically several years after verification for fraud prevention and compliance)
You may request deletion of your data by contacting [email protected]. Note that we may retain certain information as required by law or for legitimate business purposes (e.g., fraud prevention, financial records).
7. Cookies and Tracking Technologies
Our Service uses cookies and similar technologies to:
Remember your preferences and settings
Analyze site traffic and user behavior
Improve performance and user experience
Deliver personalized content
Types of cookies we use:
Essential cookies: Required for the Service to function
Analytics cookies: Help us understand how users interact with the Service
Preference cookies: Remember your settings and choices
You can control cookies through your browser settings. Note that disabling certain cookies may limit your ability to use some features.
8. Your Rights and Choices
You have the following rights regarding your personal information:
8.1 Access and Correction
Access: Request a copy of the personal data we hold about you
Correction: Update or correct inaccurate information through your account settings
Portability: Request your data in a portable format (where technically feasible)
8.2 Deletion
Account deletion: You may delete your account at any time through account settings or by contacting us
Data deletion: Request deletion of your personal data (subject to legal retention requirements)
Note: We cannot delete identity verification data stored by Stripe Identity. You must contact Stripe directly to exercise deletion rights for verification data.
8.3 Marketing Communications
Opt-out: You may opt-out of marketing emails by clicking "unsubscribe" in any marketing message
SMS preferences: Manage SMS notification preferences in your account settings
Transactional messages: You cannot opt-out of essential transactional messages (appointment confirmations, payment receipts, etc.)
8.4 California & EU Residents (GDPR/CCPA)
If you are a California or European Union resident, you have additional rights:
California Residents (CCPA/CPRA):
Right to know what personal information we collect and how it's used
Right to request deletion of personal information (with certain exceptions)
Right to opt-out of "sales" of personal information (we do not sell data)
Right to non-discrimination for exercising your privacy rights
EU Residents (GDPR):
Right to access your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten") in certain circumstances
Right to restrict or object to processing
Right to data portability
Right to withdraw consent
Right to lodge a complaint with your local data protection authority
Special Note on Verification Data:
Identity verification data processed and stored by Stripe Identity is subject to Stripe's privacy practices, data retention policies, and GDPR/CCPA compliance procedures
To exercise rights regarding verification data, you may need to contact Stripe directly
To exercise any of these rights, contact us at [email protected]
9. Children's Privacy
Schdlr is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.
If we learn that we have collected information from a child under 18, we will delete it immediately. If you believe a child has provided us with personal information, please contact [email protected].
10. Third-Party Links and Services
Our Service may contain links to third-party websites, apps, or services (such as social media platforms). We are not responsible for the privacy practices of these third parties.
We encourage you to review the privacy policies of any third-party services you access.
Key Third-Party Privacy Policies:
Stripe (payments & identity verification): https://stripe.com/privacy
Google (calendar & maps): https://policies.google.com/privacy
Twilio (SMS): https://www.twilio.com/legal/privacy
11. International Data Transfers
Schdlr is based in the United States. If you access our Service from outside the U.S., your information may be transferred to, stored, and processed in the United States or other countries.
By using Schdlr, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.
12. Updates to This Policy
We may update this Privacy Policy from time to time to reflect:
Changes in our data practices
New features or services
Legal or regulatory requirements
User feedback
When we make material changes:
We will update the "Effective Date" at the top of this policy
We will notify you via email or in-app notification
Continued use of Schdlr after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically.
13. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:
📧 Email: [email protected]
📍 Address: Oxford, CT, USA
For specific data requests (access, deletion, correction):
Email [email protected] with "Privacy Request" in the subject line
Include your name, email, and specific request
We will respond within 30 days (or as required by applicable law)
For identity verification data questions: