Coiffe Home

Privacy Policy

Last updated June 14, 2026

Sample document for a portfolio project — illustrative, not legal advice.

Coiffe provides booking software to salons (each a “Salon”). This policy explains what we collect and why. It covers two audiences: Salon owners who run their business on Coiffe, and the customers who book appointments on a Salon’s booking page.

Controller vs. processor

When you book an appointment with a Salon, that Salon is the controller of your personal data — it decides why your details are collected and is your first point of contact. Coiffe acts as a processor, handling that data on the Salon’s behalf to run the booking service. For Coiffe’s own account holders (Salon owners), Coiffe is the controller.

What we collect

  • Salon accounts: name, email, business details, and subscription/billing information (payments handled by Stripe — we never see or store full card numbers).
  • Booking customers: the name, email, phone number, and any note you provide when booking, plus the appointment itself (service, stylist, time). If a Salon requires a deposit or card on file, payment is handled by Stripe.
  • Anonymous usage: aggregate booking-funnel metrics (how many visitors viewed a booking page, chose a service, and booked). These carry no personal identifiers — only an ephemeral random visit id (never linked to a person) and the referring website’s hostname.

How we use it

  • To provide the booking service and manage appointments.
  • To send booking confirmations, reminders, and updates by email (Resend) and, where enabled, SMS (Twilio).
  • To process subscription and deposit payments (Stripe).
  • To secure the service and prevent abuse.

We do not sell personal data, and we do not use it for third-party advertising.

Cookies

We use a small number of strictly functional cookies — a sign-in session for Salon owners and a theme preference. The embeddable booking widget is designed to work without third-party cookies, so it keeps functioning under browser tracking protections. We don’t use advertising or cross-site tracking cookies.

Who we share it with

We share data only with the service providers needed to run Coiffe: Stripe (payments), Resend (email), Twilio (SMS), Supabase (database and authentication), and Vercel (hosting). Each processes data on our behalf under their own terms.

Retention & security

We keep personal data for as long as the Salon’s account is active or as needed to provide the service, then delete or anonymize it. Data is encrypted in transit, and access is restricted to what each part of the service needs.

Your choices

For data tied to a booking, contact the Salon you booked with (the controller) to access, correct, or delete it. For Coiffe account data, contact us and we’ll help. See also our Terms of Service.