CosmoDigest
CosmoDigestSign In

Privacy Policy

Last updated: February 2, 2026

CosmoDigest ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and services (collectively, the "Service"). Please read this privacy policy carefully. By using the Service, you consent to the practices described in this policy.

Note: CosmoDigest is an information aggregation service. Any data, analytics, or insights we display are for informational purposes only. Please see our Terms of Service for complete disclaimers regarding the use of our content.

Table of Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Information Sharing and Disclosure
  4. Third-Party Services
  5. Data Retention
  6. Data Security
  7. Your Privacy Rights
  8. Cookies and Tracking
  9. Children's Privacy
  10. International Data Transfers
  11. Changes to This Policy
  12. Contact Us

1. Information We Collect

Information You Provide Directly

  • Account Information: When you create an account, we collect your email address, full name, and password.
  • Professional License Information: For Pro tier users, we collect your professional license number, license type (e.g., cosmetologist, barber, esthetician), issuing state, and license expiration date. If you upload a license image for verification, we process that image to extract relevant information.
  • Content Preferences: We collect your selected disciplines (hair, nails, esthetics, etc.), content type preferences, and geographic locations for personalized content delivery.
  • Payment Information: When you subscribe to a paid plan, payment information is collected and processed by our payment processor, Stripe. We do not store your full credit card number on our servers.
  • Communications: When you contact us for support or feedback, we collect the content of your messages.

Information Collected Automatically

  • Usage Data: We collect information about how you interact with our Service, including pages viewed, articles read, features used, and time spent on the platform.
  • Device Information: We collect device type, operating system, browser type, and unique device identifiers.
  • Log Data: Our servers automatically record information including your IP address, access times, and referring URLs.
  • Newsletter Engagement: We track email opens, link clicks, and delivery status to improve our newsletter service.
  • Authentication Data: We track login attempts, email verification status, and session information for security purposes. This includes rate limiting data to protect against unauthorized access attempts.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and Personalize Services: Deliver personalized newsletters, regulatory alerts, and trend reports based on your preferences and location.
  • License Verification: Verify your professional license status to ensure our platform serves licensed beauty professionals and to enable verified professional badges.
  • Process Payments: Process subscription payments and manage your billing account.
  • Communications: Send service-related emails, including account notifications, regulatory alerts, and weekly newsletters.
  • Improve Our Services: Analyze usage patterns to improve content curation, user experience, and feature development.
  • Security and Fraud Prevention: Detect and prevent fraudulent activity, unauthorized access, and abuse of our services. This includes rate limiting login attempts and monitoring for suspicious activity.
  • Account Verification: Verify your email address and authenticate your identity when you access the Service.
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes.

Note: Any analytics, trends, or insights we generate from aggregated data are for informational display purposes only and should not be relied upon for business, financial, or legal decisions. See our Terms of Service for complete disclaimers.

3. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: We share information with third-party service providers who perform services on our behalf (see Section 4).
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
  • Legal Requirements: We may disclose information if required by law, subpoena, or legal process, or to protect our rights, safety, or property.
  • With Your Consent: We may share information with your explicit consent for purposes not described in this policy.
  • Team/Business Accounts: If you are part of a team or business account, your account administrator may have access to certain account information.

4. Third-Party Services

We use the following third-party services to operate our platform:

Stripe (Payment Processing)

Processes subscription payments. Stripe's privacy policy: stripe.com/privacy

SendGrid (Email Delivery)

Delivers newsletters and transactional emails. SendGrid's privacy policy: twilio.com/legal/privacy

OpenAI (License Verification)

Used to analyze uploaded license images for verification purposes. License images are processed but not stored by OpenAI for training. OpenAI's privacy policy: openai.com/privacy

Railway (Cloud Hosting)

Hosts our application infrastructure. Railway's privacy policy: railway.app/legal/privacy

5. Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy:

  • Account Data: Retained while your account is active and for up to 30 days after account deletion to allow for account recovery.
  • License Information: Retained while your account is active. License images used for verification are deleted within 30 days of successful verification.
  • Payment Records: Retained for 7 years as required for tax and accounting purposes.
  • Usage Data: Aggregated and anonymized after 2 years.
  • Email Engagement Data: Retained for 1 year to improve newsletter personalization.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • All data is encrypted in transit using TLS 1.3
  • Sensitive data is encrypted at rest using AES-256 encryption
  • Passwords are hashed using bcrypt with appropriate work factors
  • Access to personal data is restricted to authorized personnel only
  • Regular security audits and penetration testing
  • Multi-factor authentication available for all accounts

While we strive to protect your information, no method of transmission or storage is 100% secure. If you believe your account has been compromised, please contact us immediately.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

All Users

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate or incomplete information
  • Deletion: Request deletion of your account and personal data
  • Portability: Export your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing communications

California Residents (CCPA)

Under the California Consumer Privacy Act, you have additional rights:

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information held by us
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

European Economic Area Residents (GDPR)

Under the General Data Protection Regulation, you have additional rights:

  • Right to withdraw consent at any time
  • Right to restrict processing of your data
  • Right to object to processing based on legitimate interests
  • Right to lodge a complaint with a supervisory authority

To exercise your rights: Go to Settings → Privacy in your dashboard, or email us at hello@cosmodigest.io. We will respond within 30 days.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to operate our Service:

Cookie TypePurposeDuration
EssentialAuthentication, security, preferencesSession / 7 days
FunctionalRemember settings, dark mode preference1 year
AnalyticsUnderstand usage patterns (anonymized)2 years

You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of the Service.

9. Children's Privacy

Our Service is intended for adults interested in the beauty industry and is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us at hello@cosmodigest.io, and we will take steps to delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our servers and service providers are located. These countries may have different data protection laws than your country. We implement appropriate safeguards, including standard contractual clauses approved by relevant authorities, to protect your information during international transfers.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page with an updated "Last updated" date and, where appropriate, sending you an email notification. We encourage you to review this policy periodically. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

CosmoDigest Privacy Team

Email: hello@cosmodigest.io

For general support: hello@cosmodigest.io

Terms of ServiceContact UsBack to Home