Compliance

Privacy Policy

Wenlar LLC (“PigmentCRM”, “we”, “us”) operates pigmentcrm.com and the PigmentCRM application. This policy explains what personal data we collect, why, who we share it with, and the rights you have. Last updated 2026-05-01.

1. Who we are

PigmentCRM is operated by Wenlar LLC, a Wyoming limited liability company with its registered office at 30 N Gould St, STE R, Sheridan, WY 82801, United States. For data protection matters write to [email protected]. We act as controller for visitor and prospect data on the marketing site, and as processor for personal data that studios put into the application on behalf of their own clients and staff.

2. What we collect

  • Account data. Studio name, contact name, email, phone, password (hashed), 2FA secret (encrypted), role assignments.
  • Studio business data. Customer records (name, contact, DOB, ID image, driver’s licence number, health-screening answers from waivers), tickets, sessions, payments, photos, finance entries, SMS logs. The studio is the controller of this data; we are the processor.
  • Third-party connection data. When a studio connects Google Calendar or Google Drive we receive OAuth tokens scoped only to the data needed for the requested function (events, the studio’s own waiver folder).
  • Usage and security data. Application logs, audit log (actor, resource, action, before/after, IP, user-agent), error reports.
  • Marketing-site data. Pages viewed, anonymised IP, referrer. We do not use third-party tracking cookies on the marketing site.

3. Why we use it

  • To deliver the service the studio has subscribed to (performance of contract / GDPR Art. 6(1)(b)).
  • To meet legal obligations such as accounting and tax record-keeping (Art. 6(1)(c)).
  • To keep the platform secure, prevent abuse and respond to incidents (legitimate interest / Art. 6(1)(f)).
  • To send transactional emails and SMS the studio has configured (e.g. appointment reminders) on the studio’s instruction.
  • To improve product fit using aggregated, anonymised analytics. We do not profile individual data subjects.

3.1 Transactional SMS notifications (US A2P 10DLC)

When a studio enables SMS, the client’s mobile number is collected at the point of booking, waiver signing or in-studio check-in. The disclosure shown next to the phone-number field reads, in substance: “By providing your number you agree to receive transactional SMS (appointment confirmations, reminders, payment receipts) from this studio. Message and data rates may apply. Reply STOP to unsubscribe, HELP for support.” Consent is given by submitting the form and is not a condition of any service.

  • Sender: Wenlar LLC, on behalf of the studio, via Twilio (registered A2P 10DLC brand).
  • Message types: appointment confirmations, session reminders, completion notices, payment receipts, refund notifications, cancellation-consent links. No marketing.
  • Frequency: recurring — typically 0–5 messages per scheduled appointment, depending on what the studio has configured.
  • Carrier rates: standard message and data rates may apply per your mobile carrier’s plan.
  • Opt-out: reply STOP to any message; Twilio also recognises UNSUBSCRIBE, QUIT, CANCEL and END. You will receive a single confirmation and no further texts. We do not honour opt-outs across studios automatically — replying STOP unsubscribes you from the studio that sent that specific message.
  • Help: reply HELP for support information or write to [email protected].
  • No sharing: phone numbers collected for SMS are never sold, rented or shared with third parties or affiliates for their own marketing. They are passed only to Twilio (sub-processor) for the sole purpose of delivering the message you opted in to receive.
  • Retention: SMS logs (number, timestamp, status, template id, no message body retained beyond the carrier delivery window) are kept for 12 months and then purged by the quarterly retention cron documented at /retention.

4. Sharing

We do not sell personal data and we do not share it for cross-context behavioural advertising. We share it only with the sub-processors listed at /sub-processors (Cloudflare, AWS SES, Twilio, Google, Hetzner) — each bound by a Data Processing Agreement and limited to the minimum data needed. We also share data when the law requires us to, or to defend our rights.

5. Where data lives and international transfers

Application data is hosted in the European Union (Hetzner, Germany). Files (waivers, photos, ID images) are stored on Cloudflare R2 with AES-256 encryption at rest. Where data is transferred outside the EEA / UK, we rely on the EU Standard Contractual Clauses and the UK International Data Transfer Addendum.

6. How long we keep it

Retention periods are listed by category at /retention. In short: active customer profiles for the life of the subscription plus 30 days; financial and waiver records for 7 years (legal obligation); audit log for 3 years; application logs for 30 days; backups roll over every 30 days.

7. Security

  • TLS in transit; AES-256 at rest for files in Cloudflare R2.
  • Per-tenant logical isolation; per-branch role-based access control.
  • Bcrypt-hashed passwords, optional TOTP 2FA, JWT sessions with idle timeout.
  • Audit logging on consent, refund, discount, finance approval and GDPR actions.
  • Encrypted backups with a 30-day rolling window.
  • Vulnerability monitoring and dependency patching.

8. Your rights

Under the EU/UK GDPR you have the rights of access, rectification, erasure, restriction, portability and objection. Residents of certain US states (e.g. California, Virginia, Colorado, Connecticut, Utah) have similar rights under their own privacy laws. For studio-held data the studio is the controller and you should reach out to them first; we assist on request. For data we hold as controller, write to [email protected]. We respond within 30 days and never charge for the first request.

Studio admins can export or anonymise any individual customer record from the customer detail screen, satisfying GDPR Articles 15 and 17 in one click.

9. Cookies

The application uses strictly necessary cookies and tokens for authentication and session management. The marketing site does not use third-party advertising or tracking cookies; analytics is privacy-friendly and aggregated.

10. Personal-data breaches

Our breach response and notification commitments are described at /breach-notification (72-hour notification, severity tiers, post-incident review).

11. Google API user data

Where a studio connects Google Calendar or Drive, our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data to train AI/ML models, and we do not share it with third parties beyond what is needed to provide the feature.

12. Children

The Service is not directed at children under 16, and we do not knowingly collect data from children under 13 (COPPA). Studios must obtain valid consent from a parent or legal guardian before collecting any data from a minor.

13. Notice for California residents (CCPA / CPRA)

This section applies to California residents and supplements the rest of this policy. Terms have the meanings given in the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act (collectively, “CCPA”).

Categories of personal information we collect

In the past 12 months we may have collected the following CCPA categories. We do not infer characteristics about consumers and we do not engage in cross-context behavioural advertising.

CCPA CategoryExamplesSourcePurpose
A. IdentifiersName, email, phone, postal address, IP address, account IDYou; the studio; automatic logsProvide the Service, security, billing
B. Customer-records (Cal. Civ. Code §1798.80)Name, contact info, financial info collected by the studioThe studio (as controller)Provide the Service to the studio
D. Commercial informationService subscription, billing history, product purchasesYou; the studioProvide the Service, billing
F. Internet/network activityPages viewed, login times, audit-log entries, anonymised IPAutomatic logsSecurity, fraud prevention, service operation
G. GeolocationApproximate location derived from IP only; we do not use precise geolocationAutomaticSecurity, fraud prevention
K. InferencesNone — we do not build profiles or infer characteristics
L. Sensitive personal information (CPRA)Driver’s licence number, government ID image, health-screening answers from waiversThe studio’s clients via signed waiversSolely to provide the waiver and identity-verification function the studio requested

No sale or sharing

We do not sell personal information and we do not share personal information for cross-context behavioural advertising. We have not done so in the preceding 12 months. Because of this, we are not required to display a “Do Not Sell or Share My Personal Information” link, but you may still contact [email protected] to confirm the position for your account.

Sensitive personal information — limited use

We process sensitive personal information (driver’s licence number, government ID image, health-screening answers) only for the purposes permitted under CPRA §7027(m) — to provide the Service requested by the studio, prevent fraud, ensure security, comply with law, and verify identity. We do not use sensitive PI to infer characteristics about consumers. As a result, the “right to limit use of sensitive personal information” does not change the way we process this data; you may still send a request and we will confirm.

Your California rights

  • Right to know. Request the categories or specific pieces of personal information we have collected about you, the sources, the purpose, and any third parties we shared it with.
  • Right to delete. Request that we delete personal information we collected from you, subject to exceptions (e.g. completing the transaction, security, legal obligation, internal use compatible with the context).
  • Right to correct. Request that we correct inaccurate personal information.
  • Right to opt-out of sale or sharing. N/A — we do not sell or share. If this changes we will publish the link required by CCPA.
  • Right to limit use of sensitive personal information. See above.
  • Right to non-discrimination. We will not deny service, charge different prices, or provide a different level of quality because you exercised any of these rights.

How to submit a request

Email [email protected] with the words CCPA REQUEST in the subject. Include your full name, the email or phone associated with your record, the studio you interacted with, and the right you want to exercise. We will:

  • Acknowledge within 10 business days.
  • Verify your identity (we may ask for two or three pieces of information that match what we hold).
  • Respond substantively within 45 days, with one 45-day extension if reasonably necessary.
  • Not charge a fee for the first request in any 12-month period.

Authorised agents

You may use an authorised agent to make a request on your behalf. The agent must provide written, signed authorisation from you, and we may still ask you to verify your identity directly.

Data processed for studios

Most of the information in PigmentCRM is held on behalf of the studio you interacted with — the studio is the “business” under CCPA and we are the “service provider”. Please contact the studio first; we will assist them with your request.

Annual review

We review the categories collected, sold (none), shared (none), or disclosed for a business purpose at least once per year and update this notice as needed. Last review: 2026-05-01.

14. Complaints

If you believe your data has been mishandled, we’d like to hear about it first at [email protected]. EU/UK residents may also lodge a complaint with their local data protection authority. US residents may contact the attorney general of their state.

15. Changes

We update this policy when our practices or the law change. The date at the top reflects the latest version. Material changes are announced to account owners by email.

Contact

Wenlar LLC
30 N Gould St, STE R
Sheridan, WY 82801, United States
Data protection: [email protected]
General: [email protected]