At a glance
This Privacy Notice describes how CrownApp, LLC ("we," "us," or "our") collects, uses, stores, discloses, and otherwise processes your personal information when you use our Services — including the Crown Booking mobile application, which connects clients with independent beauty and personal-care professionals for on-location and scheduled appointments.
If you do not agree with our policies and practices, please do not use our Services. Questions? Email admin@crownapp.io.
The short version: we collect what we need to run the app and process bookings — your name, phone, payment details (via Stripe), and (if you allow it) device location. We don't collect sensitive personal information, we don't sell your data, and we don't market to children under 18.
Section 01What information do we collect?
Personal information you disclose to us
In short: we collect personal information that you provide to us.
We collect personal information that you voluntarily provide when you register for the Services, express interest in our products, participate in activities on the Services, or otherwise contact us. The personal information we collect depends on how you interact with us and may include:
- Names
- Phone numbers
- Contact or authentication data
Sensitive information. We do not process sensitive information.
Payment data. We may collect data necessary to process your payment — such as your payment instrument number and the associated security code — if you choose to make purchases. All payment data is handled and stored by Stripe. You can read their privacy notice at stripe.com/privacy.
Application data
If you use our application(s), we may also collect the following information if you grant us access or permission:
- Geolocation information. We may request access to track location from your mobile device, either continuously or while you are using the app, to provide location-based services. You can change this in your device's settings at any time.
- Mobile device data. Device ID, model, manufacturer, operating system and version, system configuration, application identifiers, browser type, hardware model, internet service provider or mobile carrier, IP address, and details about the features you use.
- Push notifications. We may request to send push notifications about your account or app features. You can opt out from your device's settings.
This information is primarily used to maintain the security and operation of the application, for troubleshooting, and for our internal analytics and reporting.
All personal information you provide must be true, complete, and accurate, and you must notify us of any changes.
Information automatically collected
In short: some information — like your IP address and device characteristics — is collected automatically.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, and details about how and when you use our Services. We collect this through cookies and similar technologies. It includes:
- Log and usage data. Service-related, diagnostic, usage, and performance information our servers automatically record — IP address, device info, browser type, settings, activity on the Services (timestamps, pages viewed, searches, actions), and device events (system activity, error reports, hardware settings).
- Location data. Device location, either precise or imprecise. We may use GPS and similar technologies to collect geolocation data based on your IP address. You can opt out by refusing access or by disabling Location in your device settings — though some Services may not work without it.
Section 02How do we process your information?
In short: we process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
- To create and manage user accounts — so you can sign up, log in, and keep your account in working order.
- To deliver requested services to the user.
- To protect our Services, including fraud monitoring and prevention.
- To identify usage trends so we can understand how the Services are being used and improve them.
- To comply with our legal obligations, respond to legal requests, and exercise, establish, or defend our legal rights.
Section 03When and with whom do we share your personal information?
In short: we may share information in specific situations and with specific third parties.
We may share your personal information in the following situations:
- Business transfers. We may share or transfer your information in connection with — or during negotiations of — any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
- When we use Google Maps Platform APIs. We may share your information with Google Maps Platform APIs (e.g., Google Maps API, Places API). Google Maps uses GPS, Wi-Fi, and cell towers to estimate location — GPS is accurate to about 20 meters, while Wi-Fi and cell towers help indoors. This data helps Maps provide directions but is not always perfectly precise.
Section 04Do we use cookies and other tracking technologies?
In short: yes — we may use cookies and similar technologies to collect and store your information.
We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some of these technologies help us maintain security, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.
We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising — including to help manage and display advertisements, tailor ads to your interests, or send abandoned shopping cart reminders, depending on your communication preferences. The third parties may use that technology to provide advertising about products and services on our Services or on other websites.
To the extent these technologies are deemed a "sale"/"sharing" (which includes targeted advertising, as defined under applicable laws) under U.S. state laws, you can opt out by submitting a request as described under U.S. resident rights.
Google Analytics
We may share your information with Google Analytics to track and analyze use of the Services. To opt out of being tracked by Google Analytics across the Services, visit tools.google.com/dlpage/gaoptout.
Section 05How long do we keep your information?
In short: we keep your information for as long as necessary to fulfill the purposes outlined here, unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us to keep your personal information longer than the period for which you have an account with us.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or — if that is not possible (for example, because the information has been stored in backup archives) — securely store it and isolate it from any further processing until deletion is possible.
Section 06How do we keep your information safe?
In short: we aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission to and from our Services is at your own risk. You should only access the Services within a secure environment.
Section 07Do we collect information from minors?
In short: we do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly collect, solicit data from, or market to children under 18, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18, or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that personal information from users under 18 has been collected, we will deactivate the account and take reasonable measures to promptly delete the data. If you become aware of any data we may have collected from children under 18, contact us at admin@crownapp.io.
Section 08What are your privacy rights?
In short: you may review, change, or terminate your account at any time, depending on your country, province, or state of residence.
Withdrawing your consent. If we are relying on your consent to process your personal information — which may be express and/or implied depending on applicable law — you have the right to withdraw it at any time by contacting us using the details in How can you contact us. Withdrawing consent will not affect the lawfulness of processing before its withdrawal, nor processing conducted under other lawful grounds.
Account information
If you would like to review or change information in your account or terminate your account at any time, you can:
- Log in to your account settings and update your user account.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. We may, however, retain some information to prevent fraud, troubleshoot problems, assist with investigations, enforce our legal terms, and/or comply with applicable legal requirements.
If you have questions or comments about your privacy rights, email us at admin@crownapp.io.
Section 09Controls for Do-Not-Track features
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard is adopted that we must follow, we will inform you about that practice in a revised version of this Privacy Notice.
California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.
Section 10Do United States residents have specific privacy rights?
In short: depending on your state of residence, you may have rights to access, correct, copy, or delete your personal data.
If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you, correct inaccuracies, get a copy of, or delete your personal information. You may also have the right to withdraw your consent to our processing. These rights may be limited in some circumstances by applicable law.
Categories of personal information we collect
The table below shows the categories of personal information we have collected in the past twelve months. The examples are illustrative and do not reflect every piece of information we collect. For a comprehensive inventory, refer to What information do we collect.
| Cat. | Category & examples | Collected |
|---|---|---|
| A | Identifiers. Real name, alias, postal address, phone, unique personal identifier, online identifier, IP address, email, account name. | No |
| B | California Customer Records data. Name, contact information, education, employment, employment history, financial information. | Yes |
| C | Protected classification characteristics. Gender, age, date of birth, race and ethnicity, national origin, marital status, demographic data. | No |
| D | Commercial information. Transaction info, purchase history, financial details, payment info. | No |
| E | Biometric information. Fingerprints, voiceprints. | No |
| F | Internet or network activity. Browsing history, search history, online behavior, interactions with our and other websites/apps/ads. | No |
| G | Geolocation data. Device location. | Yes |
| H | Audio, electronic, visual or similar information. Images, audio, video, or call recordings created in connection with our business activities. | No |
| I | Professional or employment-related information. Business contact details, job title, work history, professional qualifications. | No |
| J | Education information. Student records and directory information. | No |
| K | Inferences drawn from collected personal information. Profiles or summaries about preferences and characteristics. | No |
| L | Sensitive personal information. | No |
We may also collect other personal information outside these categories when you interact with us in person, online, or by phone or mail in the context of:
- Receiving help through our customer support channels;
- Participating in customer surveys or contests; and
- Facilitating delivery of our Services and responding to inquiries.
We will use and retain the collected personal information as needed to provide the Services, or for:
- Category B — as long as the user has an account with us
- Category G — as long as the user has an account with us
Sources of personal information
Learn more about the sources of personal information we collect in What information do we collect.
How we use and share personal information
Learn more about how we use your personal information in How do we process your information.
Will your information be shared with anyone else?
We may disclose your personal information with our service providers pursuant to a written contract between us and each service provider. Learn more in When and with whom do we share your personal information.
We may use your personal information for our own business purposes, such as for undertaking internal research for technological development and demonstration. This is not considered a "sale" of your personal information.
We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve months. We will not sell or share personal information in the future belonging to website visitors, users, or other consumers.
Your rights
You have rights under certain U.S. state data protection laws. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law. These rights include:
- Right to know whether or not we are processing your personal data
- Right to access your personal data
- Right to correct inaccuracies in your personal data
- Right to request the deletion of your personal data
- Right to obtain a copy of the personal data you previously shared with us
- Right to non-discrimination for exercising your rights
- Right to opt out of the processing of your personal data if used for targeted advertising (or sharing as defined under California's privacy law), the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects
Depending on your state, you may also have the following rights:
- Right to access the categories of personal data being processed (Minnesota)
- Right to obtain a list of the categories of third parties to which we have disclosed personal data (California, Delaware, Maryland)
- Right to obtain a list of specific third parties to which we have disclosed personal data (Minnesota, Oregon)
- Right to obtain a list of third parties to which we have sold personal data (Connecticut)
- Right to review, understand, question, and correct how personal data has been profiled (Connecticut, Minnesota)
- Right to limit use and disclosure of sensitive personal data (California)
- Right to opt out of the collection of sensitive data and personal data collected through the operation of a voice or facial recognition feature (Florida)
How to exercise your rights
To exercise these rights, you can contact us by emailing admin@crownapp.io, by calling toll-free at +1-346-256-3628, or by referring to the contact details at the bottom of this document.
Under certain U.S. state data protection laws, you can designate an authorized agent to make a request on your behalf. We may deny a request from an agent who does not submit proof of authorization in accordance with applicable laws.
Request verification
Upon receiving your request, we will verify your identity to determine you are the same person about whom we have information in our system. We will only use personal information provided in your request to verify your identity or authority to make the request. If we cannot verify your identity from the information already maintained, we may request additional information for verification, security, or fraud-prevention purposes.
If you submit the request through an authorized agent, we may need to collect additional information to verify your identity before processing your request, and the agent will need to provide a written and signed permission from you to submit the request on your behalf.
Appeals
Under certain U.S. state data protection laws, if we decline to take action regarding your request, you may appeal our decision by emailing admin@crownapp.io. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons. If your appeal is denied, you may submit a complaint to your state attorney general.
California "Shine the Light" Law
California Civil Code Section 1798.83 — the "Shine the Light" law — permits our California-resident users to request, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. To make such a request, submit it in writing using the contact details in How can you contact us.
Section 11Do we make updates to this notice?
In short: yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently.
Section 12How can you contact us about this notice?
CrownApp, LLC
1111B S Governors Ave
STE 34423
Dover, DE 19904
United States
Email: admin@crownapp.io
Section 13How can you review, update, or delete the data we collect from you?
Based on the applicable laws of your country or state of residence, you may have the right to request access to the personal information we collect, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, email admin@crownapp.io.