Privacy Policy

Account information. When you create an artist account, we collect your name, email address, and any profile details you provide (display name, bio, shop location, social links).

Client submissions. When clients submit booking requests through an artist's microsite, we collect the information they provide — typically name, email, phone number, and any form fields the artist has configured. This data belongs to the artist and is stored on their behalf.

Photos. Artists upload portfolio and healed-photo images to the platform. These are stored securely via Uploadthing and served through their CDN.

Payment information. Billing is handled by Stripe. We do not store credit card numbers or payment details. Stripe's privacy policy applies to payment data.

Usage data. We collect anonymous analytics on how the platform is used via PostHog. This includes page views and feature interactions. No personal identifiers are attached to this data.

We use the information we collect to:

• Operate and improve the Stencled platform
• Send transactional emails — booking confirmations, appointment reminders, aftercare instructions, and healed photo prompts — on behalf of artists
• Send platform notifications such as account confirmations and sign-in links
• Process subscription billing through Stripe
• Respond to support requests

We do not sell your personal information. We do not use client submission data for marketing purposes.

Transactional emails (booking confirmations, reminders, aftercare) are sent via Resend on behalf of the artist. These are required for the service to function and cannot be opted out of while using the platform.

Marketing emails (product updates, waitlist communications) are sent only to users who have opted in. You can unsubscribe at any time using the link in any marketing email.

Your data is stored in Supabase, a managed database platform with encryption at rest and in transit. Authentication is handled by Supabase Auth. Images are stored via Uploadthing.

We implement row-level security at the database layer — artists can only access their own data. Client submission data is scoped to the artist it was submitted to.

We use the following third-party services to operate Stencled:

• Supabase — database and authentication
• Stripe — payment processing
• Resend — transactional email delivery
• Uploadthing — image storage and delivery
• PostHog — anonymous product analytics
• Cloudflare — DNS, CDN, and bot protection
• Vercel — application hosting

Each provider has their own privacy policy governing how they handle data.

You have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your account and associated data
• Export your data in a portable format

To exercise these rights, email us at hello@stencled.com.

We retain your account data for as long as your account is active. If you delete your account, your data is removed within 30 days, except where we are required to retain it for legal or tax purposes (e.g., billing records).

We may update this policy from time to time. We'll notify active users of material changes via email. Continued use of the platform after changes constitutes acceptance of the updated policy.

Questions about this policy? hello@stencled.com