Legal

Privacy Policy

This policy explains how Shade Diary handles personal information for the public website, waitlist, checkout interest flow, future web purchase flow, and future iOS app.

Effective May 26, 2026 Operator: Shade Diary, operated by Clueless Creations Contact: hello@clueless-creations.com

Current Snapshot

Shade Diary is a pre-dye planning product. The public site collects waitlist and checkout-interest information and, when you use the Color Read funnel at /check/, it also collects Hair Passport answers, TikTok or formula references, and your email address so your session can be redeemed in the iOS app. Subscription billing through Stripe (via RevenueCat) is now active for web purchases. PostHog product analytics is active when you use the funnel.

If the product starts collecting materially different categories of data we will update this policy before that launch.

Hair Passport And Health-Adjacent Information

The Color Read funnel at /check/ asks for Hair Passport answers that may include hair-health details such as scalp reaction history, current irritation, chemical treatment history (bleach, henna, metallic dyes), breakage or sensitivity flags, current hair level, and target shade. This information is used solely to compute your personalized Damage Check and Color Read. It is not sold, used for advertising profiling, or shared except with the service providers listed below that are necessary to operate the funnel.

A future app may let you choose hair photos, formulas, receipts, and dye-day notes. Shade Diary should be treated as a beauty planning aid, not medical, dermatology, allergy, or professional colorist advice.

Notice At Collection

Category	Examples	Purpose	Currently active?
Identifiers and contact details	Email address, normalized email hash, consent status.	Waitlist, launch updates, purchase redemption, support, deletion requests.	Yes, through the waitlist forms.
Pre-dye intent	Shade goal, source, mode, optional note.	Prioritize Color Read demand, segment launch invites, improve product messaging.	Yes, if you submit a form.
Hair Passport and health-adjacent answers	Current hair level, scalp reaction history, chemical treatment history (bleach, henna, metallic dyes), breakage or sensitivity flags, gray coverage percentage, vibrancy goal, developer preference, target shade name.	Compute the Damage Check band (Soft Go / Strand Test First / Pause And Soften / Salon Zone) and generate the full Color Read; stored in Cloudflare KV for your session only.	Yes, when you complete the Color Read funnel at /check/.
Checkout interest	Selected annual or weekly plan, timestamp, referrer, user agent.	Measure purchase intent and route to checkout when purchase links are configured.	Yes, when you press a checkout-intent button.
Account and entitlement data	Email address (optional, for iOS redemption), anonymous app user ID (UUID stored in your browser), RevenueCat customer ID, entitlement status, session token.	Authenticate purchase entitlement, restore access, redeem web purchases in the iOS app.	Active for web purchase sessions. Full account system planned for the consumer product.
Commercial information	Product selected, subscription status, renewal and cancellation status, processor receipt identifiers, billing-issue flags.	Provide paid access, manage subscriptions, prevent fraud, support refunds.	Active for web purchases via RevenueCat and Stripe. Planned for Apple in-app purchases.
User content	Hair photos you choose, formula notes, Color Receipts, Day 3 proof (future app); TikTok URL or formula text you enter in the web funnel Trend Capture step.	Generate and save Color Reads, receipts, reminders, and privacy-controlled share cards.	Trend Capture fields active in the web funnel. Photos and receipts planned for the iOS app only.
Device, log, and diagnostic data	IP-derived request data, user agent, referrer, timestamps, error logs, app diagnostics.	Operate the service, secure the site, debug issues, improve reliability.	Partly active through Cloudflare request handling.
Support communications	Emails, requests, issue descriptions, attachments you choose to send.	Answer questions, resolve access issues, process privacy requests.	Active if you contact us.

How We Use Information

To provide the website, waitlist, checkout interest flow, future app accounts, and future paid Color Read features.
To send launch updates, purchase or redemption instructions, service notices, and support replies.
To understand which hair-color goals, formulas, and risk moments users care about before launch.
To keep safety stop conditions visible and avoid hiding high-risk warnings behind a paywall.
To prevent abuse, debug the Worker, protect accounts, and comply with legal obligations.
To improve the product experience without selling personal information or sharing it for cross-context behavioral advertising as currently configured.

Processors And Service Providers

Shade Diary uses service providers to run the product. They process data on our behalf or under their own customer terms, depending on the feature.

Cloudflare — website hosting, Worker runtime, request handling, KV session storage for Hair Passport answers and Color Read results (72-hour TTL per session), and KV entitlement cache.
RevenueCat — active for web purchases. Receives your anonymous app user ID, selected plan, purchase timestamp, and entitlement status. Manages subscription lifecycle events (purchase, renewal, cancellation, expiration, billing issues). RevenueCat processes payment card data through its Stripe integration on your behalf.
Stripe — active for web purchases (via RevenueCat Web Billing). Receives billing details (card number, expiry, CVC, billing address) directly in an inline Stripe Elements iframe. Card numbers are never transmitted to or stored in the Shade Diary Worker. Stripe performs fraud checks and issues payment receipts under its own terms.
Supabase — planned consumer authentication, account records, and future app data storage.
Apple — planned App Store distribution, in-app purchases, receipts, refunds, and subscription management.
Resend — planned transactional email delivery for iOS redemption instructions sent on initial web purchase. Receives your email address only when you provide it and only to send that message.
PostHog — active in the web funnel when you use /check/. Receives anonymized funnel events (steps completed, Damage Check band reached, paywall shown, purchase completed). Your email is hashed with SHA-256 before being sent to PostHog — the raw email address is never transmitted as an event property. PostHog processes data under its own privacy terms.
Google Fonts and Higgsfield CDN — font delivery and hosted static design or marketing imagery.

Payment card numbers are handled by Stripe, not stored directly in the Shade Diary Worker or waitlist database.

Cookies, Analytics, And Advertising

The public homepage does not run an analytics SDK or ad pixel.

The Color Read funnel at /check/ uses PostHog for product analytics. PostHog records which funnel steps you complete, the Damage Check band result, whether the paywall was shown, and whether a purchase was completed. PostHog may set a first-party cookie or use localStorage to assign an anonymous session identifier. UTM parameters from the URL (utm_source, utm_medium, utm_campaign, utm_content, utm_term) are captured and associated with your session as super-properties. Your raw email address is never sent to PostHog; if you provide an email, a SHA-256 hash is used for identity stitching only. We do not use PostHog data for cross-context behavioral advertising.

Stripe Elements sets cookies or tokens on Stripe's own domain (js.stripe.com) as part of fraud prevention and payment processing. RevenueCat may set session tokens in your browser's localStorage. These are necessary for checkout and subscription management and are not used for advertising.

The private workspace and future consumer account flows may use necessary authentication cookies or tokens. Apple, Supabase, or other future providers may set cookies on their own domains.

Retention

Hair Passport session data and Color Read results — stored in Cloudflare KV with a 72-hour time-to-live per session. Automatically purged 72 hours after creation. Also purged within 30 days of a verified deletion request, and within 90 days of account termination.
Checkout intent records — retained for up to 12 months for fraud prevention and conversion analysis, then purged unless a longer period is required by law.
Subscription and entitlement records — retained for the duration of the active subscription plus 7 years to meet accounting, tax, and dispute-resolution obligations.
Waitlist and purchase-interest records — kept until no longer needed for launch operations, until you ask us to delete them, or until a longer period is required for security or compliance.
Support communications — retained as long as needed to resolve the request, then archived for up to 3 years unless a legal obligation requires longer retention.
Payment processors (Stripe, RevenueCat, Apple) retain billing, refund, and tax records under their own legal and operational requirements.

Your Choices And Rights

Email us at hello@clueless-creations.com to request access, correction, export, deletion, or marketing opt-out.
You can choose not to submit waitlist forms, checkout-interest buttons, app photos, or optional notes.
You can manage subscriptions through the processor that billed you, such as Apple, Stripe, or RevenueCat-powered web checkout.
California residents may request to know, delete, correct, and limit certain uses of personal information. Shade Diary does not sell personal information and does not share personal information for cross-context behavioral advertising. To exercise your right to opt out of any future sale or sharing, or to submit any other California privacy request, email hello@clueless-creations.com with "Do Not Sell or Share My Personal Information" in the subject line.
We do not discriminate against users for exercising privacy rights.

Security

We use reasonable technical and organizational safeguards for a small launch-stage product, including limited public data collection, Cloudflare infrastructure, protected workspace routes, and payment processors for card handling. No internet service can guarantee perfect security.

International Users

Shade Diary is currently built for a United States launch. If you use the site or future app from another country, your information may be processed in the United States and other countries where our providers operate.

Children

Shade Diary is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 submitted information, contact us and we will delete it. Users under the age of majority should use Shade Diary only with permission from a parent or guardian.

Changes

We may update this policy as Shade Diary moves from waitlist to checkout, iOS app, subscriptions, and account features. The effective date will be updated when the policy changes materially.

Subscription Purchase Disclosure

This disclosure applies when you purchase a Shade Diary subscription through the web funnel at /check/.

Prices: Shade Diary Pro — Annual: $59.99 per year (default); Weekly: $12.99 per week. Prices shown at checkout control and may differ from these reference prices if updated before you purchase.
Billing processor: RevenueCat (powered by Stripe). Payment card data is entered directly into a Stripe-hosted form and is not stored by Shade Diary.
Auto-renewal: Subscriptions renew automatically at the end of each billing period (annually or weekly) until you cancel. The renewal charge is the same price as your initial purchase unless we notify you of a change in advance.
No free trial: There is no free trial. Your card is charged at the moment you confirm purchase.
How to cancel: Log in to the RevenueCat customer portal linked in your purchase confirmation email, or email hello@clueless-creations.com. Cancellation takes effect at the end of the current billing period. You retain access until that date.
Refund policy: Payments are non-refundable. Requests received within 48 hours of the first charge will be considered on a case-by-case basis. Email hello@clueless-creations.com with your receipt to request a review. If you purchased through Apple, refund requests must go through Apple's App Store process.