Privacy Policy
What we collect, and what we don’t.
How NYSF handles your account info, booking data, and the few things we share with the services that help us run.
Last updated June 21, 2026
What we collect
To run NYSF as a members' building, we collect:
- Account info — name, email, phone, profession (e.g. "hair stylist"), to confirm you're a working professional.
- Booking history — which studio, when, how long, what you paid. We use this to manage availability, send confirmations, and surface remaining pack hours in your portal.
- Authentication tokens — short-lived magic-link tokens that let you sign in without a password.
- Behavioral data — pages you view on this site and tour requests you submit, via our marketing tools. This helps us follow up on inquiries.
We do not store credit-card data. Card processing is handled by our payment processor; we only see the last four digits and a secure token used to charge your card.
When you join as a member and book a studio, we also collect — once, to verify you and issue your access:
- Government-issued photo ID — to confirm your identity matches your professional license and to issue your building badge or key.
- Professional license information — your license or certification number, type, issuing state, and expiration date, for each service you perform.
- Insurance information — your insurance carrier, policy details, and your Certificate of Insurance (COI).
- Your electronic signature record — when you sign an agreement on this site, we keep a record of the signing (a timestamp, your IP address, and the version of the agreement you signed) so your on-site signature is valid and verifiable.
Sensitive credentials & the New York SHIELD Act
Your ID, license, and insurance documents are sensitive, and we treat them that way. We collect them only to verify your credentials, issue your building access, and meet our insurance, landlord, and legal obligations. We never collect them by text message or unencrypted email.
These documents are kept in private, access-controlled storage that is not public and not searchable on the open web, and access is limited to authorized NYSF personnel who need it. Where we can, we practice data minimization — for example, keeping a verification record (credential type, the date we verified it, and the last few digits) rather than a full copy of your ID image once verification is complete.
We acknowledge that a driver's-license or non-driver-ID number is "private information" under the New York SHIELD Act. We maintain reasonable administrative, technical, and physical safeguards for it, and we are committed to notifying affected members as required by law in the event of a breach. We do not perform any biometric or facial-recognition processing on your photo ID without your separate, explicit consent.
Service providers
We share limited information with the trusted service providers that help us run NYSF, described by what they do for us:
- Payment processing — to take payment securely (we never store your full card number).
- Cloud database & sign-in — to store your account and power passwordless sign-in.
- Transactional email & text — to send booking confirmations, sign-in links, and reminders.
- Customer-relationship & marketing tools — to manage inquiries and follow up on tour requests.
Each provider may use your information only to perform services for NYSF. A current list of our specific providers is available on request at info@nystudiofactory.com.
How long we keep it
Booking history is retained for 7 years for tax and accounting purposes. Account info is retained while your account is active and for 90 days after closure, then deleted unless we're required to keep it longer by law. Magic-link tokens expire and are deleted within 24 hours.
Cookies & pixels
This site uses essential cookies for authentication and a marketing analytics pixel to understand inquiries and follow up on tour requests. You can disable cookies in your browser, but you won't be able to sign in to the member portal.
Your rights
You can:
- Request a copy of the data we hold about you.
- Correct anything that's wrong.
- Delete your account (and the data attached to it, subject to retention rules above).
- Opt out of marketing email at any time via the unsubscribe link.
Email info@nystudiofactory.com for any of the above.
California & EU residents
If you're a resident of California (CCPA) or the EU/UK (GDPR), additional rights may apply, including the right to access, delete, or restrict certain uses of your information, and the right not to have your personal information sold (we do not sell it). To exercise any of these rights, contact us at info@nystudiofactory.com.
Changes
If we materially change how we handle your data, we'll email active members and post the change date at the top of this page.
Contact
Privacy questions: info@nystudiofactory.com.