Privacy Policy

Last updated: May 4, 2026

This page describes how skeditor (“we”, “us”) collects, stores, and uses information when you use our scheduling software at skeditor.com. We aim to be plain about what happens to your data; if anything here is unclear, write to us at our support page.

1. What we collect

When you create a skeditor account, we store:

• Your email address and a hashed version of your password (we never store your password in readable form).
• Your business name, the subdomain you chose, your timezone, and your service-type selection.
• The customers and appointments you enter, including names, addresses, phone numbers, email addresses, payment status, and notes you write.
• Any settings you configure, such as Venmo or Zelle handles used to generate payment links.
• Records of when you sign in, your active session, and the device-friendly notes browsers send (user-agent header).

When you subscribe to a paid plan, our payment processor (Stripe) collects your billing information directly. We never see or store your full card number. We do store the Stripe customer and subscription identifiers Stripe gives us so we can look up your subscription state.

2. How we use it

We use the data above to:

• Run the scheduling product you signed up for — show you your customers, your appointments, your stats.
• Send appointment confirmation and 24-hour reminder emails to the customers you enter (these emails come from your business name; recipients can reply directly to you).
• Send you account emails about password resets, billing receipts, and major service changes.
• Detect and prevent abuse of the service.

We do not use your data, or your customers’ data, for advertising. We never sell your data. We never share your customers’ data with anyone except the service providers listed below who help us run the product.

3. Who we share it with

We rely on a small number of service providers to operate skeditor. Each one only sees the data needed to do its job:

• Cloudflare — hosts the application and stores the database.
• Stripe — handles subscription billing. We pass them your email and our internal account identifier; they handle card details directly.
• Resend — delivers transactional email (confirmations, reminders, password resets, support replies).

We do not use third-party advertising trackers, analytics pixels, or session recorders.

4. Your rights

You can:

• View and edit your account data any time inside the app.
• Cancel your subscription from Settings → Billing → Manage billing.
• Request a full export of your data by emailing us through the support page. We’ll send a JSON file of your customers, appointments, and settings within 30 days.
• Request deletion of your account by emailing us through the support page. We’ll delete your account and associated data within 30 days, except where law requires us to retain billing records.

5. Data retention

We keep your data as long as your account is active, plus 90 days after cancellation in case you change your mind. After 90 days of cancellation we delete the data, except for billing records, which we retain for 7 years to comply with tax and accounting requirements.

6. Cookies and sessions

We set one HTTP-only cookie when you sign in — it stores a random session identifier so the server knows it’s you on subsequent requests. The cookie expires after 30 days of inactivity. We do not use third-party cookies, advertising cookies, or tracking pixels.

We also use the browser’s localStorage to remember your light/dark theme preference and whether you’ve dismissed the welcome card. This is stored only on your device and never sent to our servers.

7. Security

Passwords are hashed with PBKDF2-SHA256 (100,000 iterations). All connections use HTTPS. The session cookie is HttpOnly and Secure (browsers won’t expose it to scripts and won’t send it over plain HTTP). Your data is stored on Cloudflare’s infrastructure with their standard production security controls.

8. Children’s privacy

skeditor is not intended for children under 13. If you operate skeditor as a teacher of children (e.g., swim instruction for kids), the customer record you create represents the parent or guardian, not the child. Please use parent contact information rather than the child’s.

9. International users

Your data is stored on Cloudflare’s globally-distributed infrastructure, which means it may be processed in countries outside your home country. By using skeditor, you consent to this. If you have specific data-residency requirements, please contact us before signing up.

10. Changes to this policy

If we make material changes to this policy, we’ll email account owners at least 14 days before the changes take effect. The “Last updated” date at the top always reflects the current version.

11. Contact us

Questions about this policy, data requests, or anything else: please use our support page.