Privacy Policy

StyleDesk AI, LLC (“StyleDesk AI,” “we,” “us,” or “our”) is committed to protecting your privacy and handling your personal information with transparency and care. This Privacy Policy describes how we collect, use, disclose, retain, and protect personal information in connection with the StyleDesk AI platform and website at www.styledesk.ai (collectively, the “Platform” or “Services”).

This Privacy Policy applies to: (a) Subscribers — barbershop owners, nail salon owners, and other business operators who register for and use the Platform; and (b) End-Users — clients and members of the public who interact with the Platform by calling or texting a Subscriber’s dedicated phone number.

By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, you must discontinue use of the Platform.

Information We Collect

1.1 From Subscribers

When you register, we collect: full name and business name; business address and location (used to assign a matching local area code); email address and telephone number; billing information (processed by Stripe, Inc. — we do not store full payment card data); subscription plan selection and preferences; business configuration data (service menus, pricing, hours, booking links, staff schedules, FAQ content); login credentials and account security information.

1.2 From End-Users

When an End-User calls or texts a Subscriber’s dedicated StyleDesk AI phone number, we may collect: the End-User’s phone number; call recordings and/or transcripts of voice communications; content of inbound and outbound text messages; images and media files sent by MMS, including reference photos of hairstyles or nail designs (Pro and Premium plans only); AI-generated captions describing those images; the End-User’s name and appointment time or day, if voluntarily provided in response to an AI follow-up prompt; date, time, and duration of calls and text sessions; call disposition data (e.g., transfer, hangup, booking link sent); and booking-link click metadata (see Section 1.4).

1.4 Booking-Link Click Tracking

When StyleDesk AI sends a Subscriber’s booking link to an End-User via SMS, the link is wrapped in a short redirect URL (for example, styledesk.ai/go/xxxxxxxx) that 302-redirects to the Subscriber’s actual booking page. When an End-User taps the short link, we log the timestamp of the tap, a count of taps on the same token, and the HTTP User-Agent string of the first tap, then seamlessly forward the End-User to the underlying booking page. This metadata lets us determine whether the 30-minute auto follow-up text is warranted (we skip the follow-up if the End-User already tapped the link) and lets Subscribers see link-engagement data in their dashboards. Click metadata is retained for thirty (30) days and then automatically deleted. Taps occurring within sixty (60) seconds of link delivery are treated as likely automated previews (iMessage, carrier spam scanners) and are not counted as engagement for follow-up suppression.

1.3 Automatically Collected

When Subscribers access the Platform, we may automatically collect: IP address and approximate geographic location; browser type, version, and operating system; device identifiers; pages viewed, features accessed, and time spent; referring URLs and navigation paths; cookie identifiers and similar tracking technologies (see Section 10).

How We Use Your Information

• To provision and operate the Platform, including activating Subscriber accounts, assigning dedicated phone numbers, and enabling AI answering, messaging, and photo intake features;
• To authenticate Subscribers and maintain account security;
• To process subscription payments and manage billing through Stripe;
• To generate and deliver AI-powered responses to End-Users on behalf of Subscribers;
• To generate AI captions for End-User-submitted photos for dashboard organization;
• To populate Subscriber dashboards with call logs, text history, photo galleries, analytics, and performance data;
• To send Subscribers notifications when End-Users submit photos (via SMS and/or daily email digest, subject to Subscriber preferences);
• To provide customer support and troubleshoot technical issues;
• To send transactional communications (account confirmations, billing notices, service updates, security alerts);
• To send marketing and promotional communications to Subscribers, subject to applicable consent and opt-out rights;
• To monitor, analyze, and improve Platform performance, reliability, and features;
• To develop our AI models using aggregated and de-identified data (we do NOT use End-User photos, voice recordings, or text content to train generative AI models for third-party sale);
• To detect and prevent fraud, abuse, security incidents, and violations of our Terms of Service;
• To comply with applicable legal obligations and enforce our legal rights.

Legal Basis for Processing (Where Applicable)

• Contractual Necessity: Processing necessary to perform our contract with you as a Subscriber;
• Legitimate Interests: Processing necessary for our legitimate business interests, including security, fraud prevention, analytics, and service improvement;
• Legal Obligation: Processing necessary to comply with applicable laws and regulations;
• Consent: Where we rely on your consent (such as for certain marketing communications or non-essential cookies), you may withdraw consent at any time.

How We Share Your Information

StyleDesk AI does not sell your personal information to third parties. We do not share End-User call recordings, text message content, or submitted photos with any third party for advertising or analytics purposes.

4.1 Service Providers

We share personal information with the following vendors who assist us in operating the Platform:

• Stripe, Inc. — payment processing;
• Telnyx, Inc. — telephony and SMS/MMS infrastructure;
• Supabase, Inc. — cloud hosting, database, and file storage (including photo storage);
• OpenAI, L.L.C. — AI language and vision model processing of call transcripts, SMS content, and submitted photos;
• Deepgram, Inc. — real-time speech-to-text transcription of inbound calls;
• ElevenLabs, Inc. — AI voice synthesis for outbound call audio;
• Resend — transactional email delivery;
• Vercel, Inc. and Railway Corp. — Platform hosting infrastructure;
• Google Analytics and PostHog — Platform usage analytics (see Section 10);
• Sentry — application error monitoring.

All service providers are contractually obligated to use personal information only for the purposes for which it was shared and to maintain appropriate security measures.

4.2 Business Transfers

In the event of a merger, acquisition, sale of substantially all of our assets, or other business restructuring, personal information may be transferred to the acquiring entity. We will notify affected Subscribers prior to such transfer if practicable.

4.3 Legal Requirements and Safety

We may disclose personal information when we reasonably believe disclosure is necessary to: comply with a valid legal obligation; enforce our Terms of Service or protect our legal rights; investigate fraud or security incidents; or protect the safety, rights, or property of StyleDesk AI, our Subscribers, End-Users, or the public.

4.4 With Your Consent

We may share personal information for additional purposes with your prior express consent.

Data Retention & Deletion

5.1 Subscriber Account Data

Retained for the duration of your active subscription and for twelve (12) months following account cancellation, after which we securely delete or de-identify it unless legal retention is required.

5.2 Call Logs and Transcripts

Retained for ninety (90) days from the date of the call.

5.3 Text Message Records

Retained for ninety (90) days from the date of each message exchange.

5.4 Photo Intake (Pro and Premium)

End-User-submitted photos and their AI-generated captions are retained for a maximum of one hundred eighty (180) days from the date of receipt. After 180 days, photos are automatically deleted. Subscribers may manually delete individual photos from their dashboard at any time (removed within 7 days). Subscribers may request that all photos from a specific End-User phone number be purged by emailing hello@styledesk.ai.

5.5 Billing Records

Retained for a minimum of five (5) years for financial record-keeping and tax compliance.

5.6 Deletion Requests

Subscribers may request deletion of their personal information by contacting hello@styledesk.ai. We process requests in accordance with applicable law. Certain information may be retained to comply with legal obligations, resolve disputes, or enforce our agreements.

5.7 End-User Data

End-User Data (call recordings, transcripts, text content, submitted photos) is processed and retained on behalf of and at the direction of the Subscriber. End-Users seeking access to or deletion of their data should contact the Subscriber directly. If the Subscriber is unable to address the request, the End-User may contact hello@styledesk.ai.

Data Security

StyleDesk AI implements commercially reasonable administrative, technical, and physical safeguards:

• Encryption of data in transit using industry-standard TLS protocols;
• Encryption of sensitive data at rest;
• Access controls and role-based permissions;
• Row-level security policies restricting photo access so that each Subscriber can only view photos sent to their own dedicated phone number;
• Regular security reviews and vulnerability assessments;
• Secure deletion procedures for personal information no longer required.

No security system is impenetrable. In the event of a data security breach, we will notify affected parties in accordance with applicable law and without undue delay.

AI-Generated Content Disclosure

The StyleDesk AI Platform uses artificial intelligence technology to generate automated responses to inbound calls, text messages, and captions for submitted photos. Subscribers and End-Users should be aware that:

• All voice and text responses generated through the Platform are produced by an AI system and not by a human employee of StyleDesk AI or the Subscriber;
• AI-generated photo captions are algorithmically produced and may not perfectly describe the image content;
• AI-Generated Content is based on information provided by the Subscriber in the Platform’s configuration and does not reflect independent knowledge or professional advice;
• AI-Generated Content may be inaccurate, incomplete, or contextually inappropriate;
• The Platform cannot engage in emergency services dispatch or crisis intervention. End-Users in an emergency should call 911 (US) or applicable emergency services.

StyleDesk AI does not use End-User call recordings, text message content, or submitted photos to train generative AI models for sale or distribution to third parties without explicit authorization.

California Privacy Rights (CCPA/CPRA)

This Section applies to California residents.

8.1 Categories of Personal Information Collected

In the preceding twelve (12) months, we have collected the following categories of personal information from California residents:

• Identifiers: Name, email, telephone number, IP address, account username;
• Commercial Information: Subscription plan, billing records, transaction history;
• Internet or Other Electronic Network Activity: Browsing behavior, dashboard usage, device information;
• Audio and Electronic Data: Call recordings, call transcripts, inbound text message content;
• Visual Information: Reference photos submitted by End-Users via MMS to Pro and Premium Subscribers, and AI-generated captions;
• Geolocation Data: Approximate location derived from IP address.

8.2 California Consumer Rights

• Right to Know: Request disclosure of categories and specific pieces of personal information we have collected;
• Right to Delete: Request deletion of personal information, subject to certain exceptions;
• Right to Correct: Request correction of inaccurate personal information;
• Right to Opt-Out of Sale or Sharing: Direct us not to sell or share your personal information for cross-context behavioral advertising (see our Do Not Sell or Share page);
• Right to Limit Sensitive Information: Limit use and disclosure of sensitive personal information;
• Right to Non-Discrimination: Exercise privacy rights without discrimination.

8.3 How to Exercise CCPA/CPRA Rights

Submit a verifiable consumer request to hello@styledesk.ai with the subject line “California Privacy Request.” We respond within 45 days (with a possible 45-day extension).

8.4 Do Not Sell or Share

StyleDesk AI does not sell personal information for monetary consideration. To the extent we share personal information with analytics providers for cross-context behavioral advertising, California residents may opt out via our Do Not Sell or Share page.

8.5 Authorized Agent

California residents may designate an authorized agent to submit requests on their behalf.

Canadian Privacy Rights (PIPEDA & Provincial Laws)

9.1 Consent

StyleDesk AI collects, uses, and discloses personal information about Canadian individuals with their knowledge and consent, as required by PIPEDA. Consent is obtained at or before the time of collection.

9.2 PIPEDA Rights

Canadian individuals have the right to request access, challenge accuracy, have corrected, or withdraw consent. Contact hello@styledesk.ai with the subject “Canadian Privacy Request.”

9.3 Data Transfers

Personal information of Canadian individuals may be transferred to and processed in the United States. By using the Platform, Canadian Subscribers consent to such transfers in accordance with applicable law.

9.4 Quebec Law 25

Residents of Quebec have additional rights under Quebec’s Law 25, including rights relating to de-indexation, portability, and enhanced rights regarding automated decision-making.

9.5 CASL

Commercial electronic messages sent by StyleDesk AI include identity information and a functional unsubscribe mechanism. To unsubscribe, use the link in any marketing email or text, or contact hello@styledesk.ai.

Cookies & Tracking Technologies

StyleDesk AI uses cookies and similar tracking technologies on our website and dashboard. For a complete description, see our Cookie Policy. In summary, we use:

• Strictly Necessary Cookies — required for authentication, session management, and security;
• Analytics Cookies — via Google Analytics and PostHog, to understand Platform usage and improve performance;
• Functional Cookies — to remember preferences and settings.

Where required by applicable law, we request consent for non-essential cookies through our cookie banner. California residents should also refer to Section 8. StyleDesk AI honors the Global Privacy Control (GPC) browser signal as a valid opt-out for California residents.

Additional US State Privacy Rights

In addition to California, residents of the following states have specific privacy rights under applicable state law:

• Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA): Rights to access, correct, delete, and port personal data, and to opt out of sale, targeted advertising, and profiling;
• Florida (FDBR): Rights to access, delete, and correct personal data, and to opt out of sale and targeted advertising (applicable to covered entities);
• Washington (MHMDA): Rights regarding consumer health data;
• Montana (MCDPA), Oregon (OCPA), and other states: Rights substantially similar to those above.

To exercise any of these rights, contact hello@styledesk.ai with the subject line “State Privacy Request.”

Children’s Privacy

The Platform is not directed to children under the age of thirteen (13). We do not knowingly collect personal information from children under thirteen. If you believe a child under thirteen has provided us personal information, please contact hello@styledesk.ai.

Third-Party Links & Integrations

The Platform may contain links to third-party websites, applications, and services. This Privacy Policy does not apply to third-party practices. We encourage you to review the privacy policies of any third-party services you use in connection with StyleDesk AI.

International Data Transfers

StyleDesk AI is based in the United States and processes data on US servers. If you are located outside the United States, your personal information will be transferred to and processed in the United States. By using the Platform, you consent to the transfer of your personal information to the United States for the purposes described in this Privacy Policy.

Telecom & Communications Data

• Call recordings and transcripts may be generated automatically and stored in the Subscriber’s dashboard;
• The Subscriber is responsible for providing any required call recording disclosures to End-Users under applicable state law;
• Text message content and MMS photos from End-Users are processed by the Platform to generate AI responses and stored in the Subscriber’s dashboard;
• StyleDesk AI processes telecommunications data as a service provider acting at the direction of the Subscriber.

Marketing Communications

16.1 Subscriber Marketing

We may send marketing communications to Subscribers regarding StyleDesk AI products, features, and promotions. Subscribers may opt out at any time via the unsubscribe link in any marketing email or by contacting hello@styledesk.ai.

16.2 Subscriber Broadcast Messaging

Pro and Premium Subscribers have access to promotional broadcast messaging (including segmented broadcast groups on Premium) to their own End-User contacts. The Subscriber is solely responsible for ensuring such broadcasts comply with the TCPA, CASL, and applicable laws, and that End-User consent has been obtained.

Do Not Sell or Share My Personal Information (California)

StyleDesk AI does not sell your personal information for monetary consideration. We may share personal information with analytics providers (Google Analytics, PostHog) for purposes that may constitute “sharing” under the CCPA/CPRA. California residents have the right to opt out.

To opt out, visit our Do Not Sell or Share page, or email hello@styledesk.ai with the subject line “Do Not Sell or Share Request.” We process requests within 15 business days. We honor the Global Privacy Control (GPC) signal.

Changes to This Privacy Policy

StyleDesk AI may modify this Privacy Policy at any time. Material changes will be notified by email or prominent notice on the Platform at least fourteen (14) days before they take effect. For Canadian Subscribers, material changes that affect collection purposes will require renewed consent where mandated.

Automated Decision-Making

The Platform uses automated processing to generate responses to inbound calls and text messages, captions for submitted photos, and to route callers based on configured schedules. This automated processing is not used to make significant decisions that produce legal or similarly significant effects on End-Users. The AI system generates informational responses only, and all decisions regarding whether to book an appointment or engage with a business remain with the End-User. Subscribers and End-Users retain the right to request human review of any AI-Generated Content.

Contact Us

Please include your name, contact information, and a description of your inquiry. For privacy rights requests, specify the applicable right and your state or province of residence. We respond within the time period required by applicable law.

This Privacy Policy was last updated on April 18, 2026. Copyright © 2026 StyleDesk AI, LLC. All rights reserved.