Skip to main content

Privacy Policy: Data Protection & Privacy Information 2026

TL;DR

  • We collect information you provide (name, email, company) and usage data through analytics
  • Your data is used to respond to inquiries, improve services, and comply with legal obligations
  • We do not sell your personal information to third parties
  • You have rights to access, correct, and delete your information

Last updated: January 2026

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly to us, such as when you:

  • Register for an account or create a profile
  • Fill out our contact form or request a demo
  • Subscribe to our newsletter or marketing communications
  • Use our ROI calculator or other interactive tools
  • Communicate with us via email, chat, or phone
  • Participate in surveys, contests, or promotions
  • Upload content, data, or files to the Service

The types of information we may collect include: name, email address, company name, phone number, billing address, payment information, device information, compliance data, staff information, and any other information you choose to provide.

1.2 Automatically Collected Information

When you use our Service, we automatically collect certain information, including:

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent, clicks, scroll depth, features used
  • Location Data: General geographic location based on IP address
  • Log Data: Access times, error logs, performance data
  • Cookies and Tracking: See our Cookie Policy for details

1.3 Information from Third Parties

We may receive information about you from third-party services, such as payment processors (Stripe), authentication providers (Clerk), analytics services (Google Analytics, Mixpanel), and business partners. This information is used to provide and improve our Service.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To provide, maintain, and improve our Service
  • Account Management: To create and manage your account, process payments, and send service-related communications
  • Customer Support: To respond to your inquiries, provide technical support, and resolve issues
  • Communication: To send you service updates, security alerts, and administrative messages
  • Marketing: To send you promotional communications (with your consent) about our products and services
  • Analytics: To analyze usage patterns, improve user experience, and develop new features
  • Legal Compliance: To comply with legal obligations, enforce our Terms, and protect our rights
  • Business Operations: To conduct business analytics, prevent fraud, and ensure security

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on:

  • Contract: To fulfill our contract with you (providing the Service)
  • Consent: When you have given clear consent (marketing communications)
  • Legal Obligation: To comply with legal requirements
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who perform services on our behalf, including:

  • Payment processing (Stripe)
  • Authentication services (Clerk)
  • Email delivery (Resend)
  • Analytics services (Google Analytics, Mixpanel, Vercel Analytics)
  • Cloud hosting and infrastructure (Vercel)
  • Customer support tools

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a legal process.

4.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

5. Data Security

We implement industry-standard security measures to protect your personal information, including:

  • Encryption in transit (HTTPS/TLS) and at rest
  • Secure authentication and access controls
  • Regular security audits and vulnerability assessments
  • Row-Level Security (RLS) for data isolation
  • Secure data centers and infrastructure
  • Employee training on data protection

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide the Service to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain business records for legitimate purposes

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes. Some information may remain in backup systems for a limited period.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 General Rights

  • Access: Request a copy of your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request transfer of your data to another service
  • Objection: Object to processing of your information
  • Restriction: Request restriction of processing

7.2 GDPR Rights (EEA Residents)

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

7.3 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale of personal information (we do not sell personal information).

7.4 Exercising Your Rights

To exercise your rights, please contact us at privacy@aesthetictrack.com. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and provide personalized content. For detailed information about our use of cookies, please see our Cookie Policy.

9. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place, including standard contractual clauses approved by the European Commission, to protect your information during such transfers.

11. Third-Party Links

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Sending an email notification to registered users
  • Displaying a notice on our Service

The "Last updated" date at the top indicates when this policy was last revised. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: privacy@aesthetictrack.com
Website: https://www.aesthetictrack.com
Data Protection Officer: dpo@aesthetictrack.com