Legal
Privacy Policy
Last updated: June 2, 2026
1. Overview
FadeKick is a product of Opynbox LLC (“Opynbox,” “FadeKick,” “we,” “us,” or “our”). FadeKick provides booking and business-management software for barbershops, salons, and grooming businesses, including an AI text-booking assistant. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have.
Our two roles. When you create a FadeKick account, we act as a data controller for your account and business information. When a shop uses FadeKick to manage its own customers (clients, appointments, and conversations), the shop is the controller of that customer data and FadeKick acts as a processoron the shop’s behalf. If you are a client of a shop, please also contact that shop with privacy requests.
2. Information We Collect
We collect the following categories of information, most of which is stored in our Supabase Postgres database and scoped to a single business with row-level security:
Account & business information
| Account | Name, email address, and password (handled by our authentication provider), and profile photo. |
|---|---|
| Signup & contact | If you start creating an account, request information, or otherwise interact with us, we may collect contact details such as your name, email address, and phone number — including if you do not finish creating an account. |
| Business | Shop name, type, slug, address, phone number, branding (logo, colors), operating hours, and time zone. |
| Team | Staff names, emails, phone numbers, roles, and working schedules. |
Customer & operational data (entered by shops)
| Clients | First and last name, email, phone number, notes, and visit/no-show counts. |
|---|---|
| Appointments | Service, staff, start/end times, status, and appointment notes. |
| Services | Service names, durations, and prices. |
| Reviews | Ratings and comments associated with a client or appointment. |
| Payments | Transaction amount and status. Card details are handled by our payment processor and are not stored by FadeKick. |
| Notifications | In-app activity such as new bookings, cancellations, and no-shows. |
AI text-booking & SMS conversations
| Messages | The content of SMS messages exchanged with a shop's booking number and the AI assistant's replies. |
|---|---|
| Conversation metadata | Channel, message counts, status, and a one-way hashed identifier of the customer's phone number. |
| Consent events | A record of opt-in and opt-out (STOP/START) events for messaging compliance. |
| Usage | Aggregate monthly conversation and message counts per business. |
Information collected automatically
When you use the product we and our infrastructure providers may collect technical data such as IP address, device and browser type, log and diagnostic data, and essential cookies/session tokens used to keep you signed in. We do not log message bodies in our application logs in production; phone numbers in logs are hashed.
3. How We Use Information
We use the information described above to:
- Provide, operate, and secure the booking and management platform.
- Power the AI text-booking assistant — reading availability, booking and confirming appointments, and answering questions.
- Send transactional communications such as booking confirmations and account emails.
- Send product updates, onboarding tips, and other marketing email about FadeKick where permitted by law. You can unsubscribe from marketing email at any time using the link in those messages or by contacting us. We do not use phone numbers collected during signup for SMS marketing unless you separately opt in.
- Process payments and protect against no-shows (where enabled).
- Provide analytics and reporting to shop owners about their own business.
- Maintain security, prevent abuse, debug issues, and comply with legal obligations.
We do not sell your personal information, and we do not use shop customer data for advertising.
4. AI Text Booking & SMS
FadeKick’s AI assistant replies to text messages sent to a shop’s booking number. By texting that number, a customer agrees to receive automated replies to help book appointments. Message and data rates may apply, and customers can reply STOP at any time to opt out or START to opt back in. We log these consent events for compliance with applicable messaging laws (including the TCPA).
To generate replies, message content and a limited window of recent conversation turns are sent to our AI provider (OpenAI). We do not send your full message history, and we use API settings intended to exclude your content from training the provider’s models. Message bodies are retained for 90 days, while conversation metadata and consent records are retained for up to one year (consent records may be kept longer where required by law).
6. Data Retention
We retain account, business, and customer data for as long as your account is active or as needed to provide the service. Contact information collected before an account is fully created is retained until you complete signup, unsubscribe from marketing email, or ask us to delete it. SMS message bodies are retained for 90 days and conversation metadata for up to one year, as described above. When you delete a record (such as a client) or close your account, we delete or anonymize the associated data within a reasonable period, except where we must retain it to comply with legal, accounting, or security obligations.
7. Security
Every data record is scoped to a single business and protected by database row-level security, so businesses can only access their own data. Data is encrypted in transit, access to administrative tools is restricted and protected by multi-factor authentication, and secrets and webhooks are validated server-side. No method of transmission or storage is 100% secure, but we work to protect your information using industry-standard safeguards.
8. Your Rights & Choices
Depending on where you live, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. To exercise these rights:
- Account holders (shops): manage your data in the app or contact us at privacy@fadekick.com.
- Shop customers: contact the shop you booked with (the controller of your data), or reach us and we will route your request. Customers can delete their conversation data by texting STOP and requesting deletion.
We will respond to verified requests within the time required by applicable law.
10. Children's Privacy
FadeKick is intended for businesses and is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.
11. International Users
FadeKick is operated by Opynbox LLC from the United States, and your information may be processed in the United States and other countries where our service providers operate. We take steps to ensure appropriate safeguards are in place for such transfers.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice.
13. Contact Us
Questions about this policy or your data? Email us at privacy@fadekick.com.