Privacy Policy

Overview

The Headshot Club is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your data. If you have questions, contact us at hola@theheadshotclub.co.

Information We Collect

Contact Information: Your name, email address, and phone number are collected when you book a session via our Cal.com scheduling system.

Payment Information: Payment data is processed securely through Stripe. We do not store your full credit card details; Stripe handles all payment processing in compliance with PCI-DSS standards.

Session Details: We collect information about your session preferences, including background color selections, reference images, and add-on choices you provide during booking and the wardrobe consultation.

Photographs: During your session, we capture and store your photographs in our secure server. Images are retained for delivery and portfolio purposes as outlined in our Terms of Service.

How We Use Your Information

We use your information for: processing your booking and payment, conducting your session, delivering your final images, customer service and support, sending session reminders and gallery delivery notifications, and improving our services based on feedback.

We do not sell, rent, or trade your personal information. We do not use your contact information for unsolicited marketing without your consent.

Third-Party Processors

We use the following third-party services to support our business:

• Cal.com: Manages session scheduling and sends automated booking confirmations. Your name and email are stored in Cal.com.
• Stripe: Processes all payments securely. Stripe retains payment data in compliance with PCI standards.
• Supabase: Stores session data, client information, and image metadata in a secure cloud database.
• Google Drive: Used to deliver your final image galleries via secure, password-protected links. Your images are stored in folders accessible only to you and our team.
• Resend: Sends transactional emails including session confirmations, reminders, and gallery delivery notifications.

Each of these processors has its own privacy policies. We have entered into data processing agreements to ensure your information is protected in compliance with applicable laws.

Data Retention

Active Clients: We retain contact information and session data indefinitely for clients who have booked with us, to facilitate future bookings and maintain our client relationship.

Tax and Legal Records: Financial and booking records are retained for seven years to comply with tax and legal requirements. After seven years, data is securely deleted or anonymized.

Your Privacy Rights

Access: You have the right to request a copy of the personal information we hold about you.

Correction: You may request corrections to inaccurate or incomplete information.

Deletion: You may request deletion of your personal data, subject to our legal obligations to retain it for tax and booking purposes.

Opt-Out: You may unsubscribe from non-transactional emails at any time by clicking the unsubscribe link in any email or by contacting us directly.

To exercise any of these rights, contact hola@theheadshotclub.co with your request. We will respond within 30 days.

California Residents

Although California's Consumer Privacy Act (CCPA) does not apply to The Headshot Club as a Florida business, we extend the same privacy rights and protections described in this policy to all California residents as a good-faith gesture toward privacy protection. These rights include the ability to know, delete, and opt out of the sale or sharing of your personal information.

Cookies and Tracking

Session Cookies: Our website uses session-only cookies to maintain your booking customization state while you are on our site. These cookies are deleted when you close your browser.

No Tracking Pixels: The public-facing site does not use analytics pixels, tracking tags, or third-party tracking code. We do not track your browsing behavior across the web.

Admin Area: Our password-protected admin area uses localStorage to manage internal session state. Only team members with access can interact with this storage.

Security

We implement technical, administrative, and physical safeguards to protect your personal information from unauthorized access, alteration, and disclosure. However, no system is completely secure. If you believe your data has been compromised, please contact us immediately at hola@theheadshotclub.co.

Policy Updates

We may update this privacy policy at any time. Changes are effective immediately upon posting. Continued use of our services constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

This policy is not attorney-reviewed. For privacy inquiries or to exercise your rights, contact hola@theheadshotclub.co.