LashOSLashOS
Sign InStart Free Trial

Legal

Privacy Policy

Last updated: May 19, 2026

Overview

LashOS ("we," "us," or "our") provides a business operating system for lash professionals. This Privacy Policy explains what information we collect, how we use it, and your choices. By using LashOS, you agree to the practices described here.

Information we collect

  • Account information: name, email address, business name, phone, profile photo, timezone, and studio settings you provide during signup or in Settings.
  • Client & appointment data: client names, contact details, visit history, appointment records, notes, photos, and revenue data you enter or import.
  • Usage data: basic logs needed to operate the service (e.g., sign-in events, feature usage) through our hosting and authentication providers.
  • Payment information: billing status and subscription metadata processed by Stripe. We do not store full credit card numbers on our servers.
  • Google Calendar data: when you connect Google Calendar (Pro feature), we access calendar events needed to sync appointments as described below.

Google Calendar access

If you choose to connect Google Calendar, LashOS requests OAuth access to read and write calendar events associated with your connected Google account. We use this access solely to:

  • Create, update, and delete calendar events when you create or modify appointments in LashOS
  • Optionally import existing calendar events into your LashOS schedule
  • Keep your LashOS appointments and Google Calendar in sync

Google OAuth tokens are stored encrypted. We do not sell your Google data, use it for advertising, or access your calendar unless you explicitly connect the integration. You can disconnect Google Calendar at any time in Settings → Integrations, which revokes our access and stops further sync.

User account storage

Your account and studio data are stored in a private Supabase project with row-level security. Only your authenticated account can access your clients, appointments, media, and settings. Data is hosted on infrastructure operated by our cloud providers (Supabase, Vercel) in accordance with their security standards.

Stripe billing

Paid subscriptions are processed by Stripe. When you subscribe to LashOS Pro, Stripe collects payment method details and processes charges on our behalf. We receive subscription status, plan type, and billing period information to enable Pro features. Stripe's privacy policy governs payment data they collect: stripe.com/privacy.

How we use your information

  • Provide, maintain, and improve LashOS features
  • Send transactional emails (e.g., appointment reminders, weekly reports) when you enable them
  • Process subscriptions and provide customer support
  • Protect against fraud, abuse, and security incidents

Data retention & deletion

We retain your data while your account is active. You may request account deletion by contacting us. Upon deletion, we will remove or anonymize your personal data within a reasonable period, subject to legal retention requirements.

Contact

Questions about this Privacy Policy or your data? Email us at KDOS.Dev@gmail.com.

Terms of Service · Back to home