Privacy Policy

Last updated: May 2025

1. Who We Are

Hathaura Color Studio ("Hathaura," "we," "us," or "our") is operated by Hathaura Color Studio LLC, a Texas limited liability company based in Houston, Texas, USA.

Data Controller: Hathaura Color Studio LLC
Responsible Person: Sasha Taha
Contact: hathaurasocial@gmail.com

2. Types of Data Subjects

This Privacy Policy covers two types of individuals:

  • Stylists (Account Holders): Professionals who create accounts on our platform to manage their color analysis business.
  • Stylist's Clients: Third-party individuals whose photos and color analysis data are uploaded by stylists for analysis purposes.

3. Client Photo Data: Processor Relationship

Important: When stylists upload photos of their clients to our platform, Hathaura acts as a data processor on the stylist's behalf. The stylist remains the data controller for their clients' personal data.

Stylist Responsibility: Before uploading any client photos to Hathaura, stylists must obtain appropriate consent from their clients. By using our platform, stylists warrant that they have the necessary rights and permissions to upload and process their clients' photos and personal information.

Hathaura processes client photos solely for the purpose of providing color analysis services to the stylist. We do not use client photos for any other purpose, including marketing or training AI models.

4. Information We Collect

From Stylists (Account Holders):

  • Account information: email address, password (hashed)
  • Profile information: business name, contact details
  • Payment information: processed securely via Stripe (we do not store card details)
  • Usage data: features used, analysis history

From Stylist's Clients (via stylists):

  • Photos uploaded for color analysis
  • Client names and contact information (if provided by the stylist)
  • Derived color analysis data (skin tone, seasonal palette, etc.)

5. How We Use Your Information

  • To provide and maintain our service
  • To process color analysis requests and generate reports
  • To process payments and manage subscriptions
  • To communicate with you about your account
  • To improve our service and develop new features
  • To comply with legal obligations

6. Legal Bases for Processing (GDPR)

We process personal data under the following legal bases:

  • Contract: Processing necessary to perform our contract with you (providing the service)
  • Consent: Where you have given explicit consent (e.g., marketing communications)
  • Legitimate Interests: For our legitimate business interests (e.g., improving our service, fraud prevention)
  • Legal Obligation: Where we need to comply with a legal requirement

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. When you delete your account, we will delete or anonymize your personal data within 30 days, except where we need to retain it for legal compliance.

Client photos and analysis data are retained while the stylist's account is active. Stylists can delete individual client records at any time. Upon account deletion, all associated client data is also deleted.

8. Sub-Processors and Third Parties

We use the following service providers to operate our platform:

  • Supabase: Database and authentication (US-based)
  • Stripe: Payment processing (US-based, PCI-DSS compliant)
  • Vercel: Website hosting and serverless functions (US-based)
  • OpenAI: AI-powered color analysis (US-based)

All sub-processors are bound by data processing agreements and maintain appropriate security measures.

9. International Data Transfers

We are based in the United States and process data in the US. For users in the European Economic Area (EEA), United Kingdom, or Switzerland, this means your data may be transferred to and processed in the US.

We rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for transfers of personal data from the EEA to the US.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your personal data
  • Restriction: Request restriction of processing
  • Objection: Object to processing based on legitimate interests
  • Portability: Request transfer of your data in a machine-readable format

To exercise any of these rights, contact us at hathaurasocial@gmail.com. We will respond within 30 days.

Right to Complain: If you are in the EEA, you have the right to lodge a complaint with a supervisory authority in your country of residence.

11. Cookies and Analytics

We use essential cookies to maintain your session and preferences. We may use analytics tools to understand how our service is used. You can control cookie preferences through your browser settings.

12. Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS) and at rest, secure authentication, and regular security reviews.

13. Children's Data

Our service is not directed to individuals under 18 years of age. Stylists should not upload photos of minors without appropriate parental or guardian consent.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website. Your continued use of the service after such changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Hathaura Color Studio LLC
Houston, Texas, USA
Email: hathaurasocial@gmail.com