Privacy Policy

What we collect, and what we don’t.

How NYSF handles your account info, booking data, and the few things we share with the services that help us run.

Last updated June 21, 2026

What we collect

To run NYSF as a members' building, we collect:

We do not store credit-card data. Card processing is handled by our payment processor; we only see the last four digits and a secure token used to charge your card.

When you join as a member and book a studio, we also collect — once, to verify you and issue your access:

Sensitive credentials & the New York SHIELD Act

Your ID, license, and insurance documents are sensitive, and we treat them that way. We collect them only to verify your credentials, issue your building access, and meet our insurance, landlord, and legal obligations. We never collect them by text message or unencrypted email.

These documents are kept in private, access-controlled storage that is not public and not searchable on the open web, and access is limited to authorized NYSF personnel who need it. Where we can, we practice data minimization — for example, keeping a verification record (credential type, the date we verified it, and the last few digits) rather than a full copy of your ID image once verification is complete.

We acknowledge that a driver's-license or non-driver-ID number is "private information" under the New York SHIELD Act. We maintain reasonable administrative, technical, and physical safeguards for it, and we are committed to notifying affected members as required by law in the event of a breach. We do not perform any biometric or facial-recognition processing on your photo ID without your separate, explicit consent.

Service providers

We share limited information with the trusted service providers that help us run NYSF, described by what they do for us:

Each provider may use your information only to perform services for NYSF. A current list of our specific providers is available on request at info@nystudiofactory.com.

How long we keep it

Booking history is retained for 7 years for tax and accounting purposes. Account info is retained while your account is active and for 90 days after closure, then deleted unless we're required to keep it longer by law. Magic-link tokens expire and are deleted within 24 hours.

Cookies & pixels

This site uses essential cookies for authentication and a marketing analytics pixel to understand inquiries and follow up on tour requests. You can disable cookies in your browser, but you won't be able to sign in to the member portal.

Your rights

You can:

Email info@nystudiofactory.com for any of the above.

California & EU residents

If you're a resident of California (CCPA) or the EU/UK (GDPR), additional rights may apply, including the right to access, delete, or restrict certain uses of your information, and the right not to have your personal information sold (we do not sell it). To exercise any of these rights, contact us at info@nystudiofactory.com.

Changes

If we materially change how we handle your data, we'll email active members and post the change date at the top of this page.

Contact

Privacy questions: info@nystudiofactory.com.