Incratic Less Admin, More Time
← Back to home

Privacy Policy

Effective date: June 28, 2026

Last updated: June 28, 2026

1. Who we are

Extraordinary Products, LLC ("Incratic," "we," "us," or "our") provides a software platform that dance studios, yoga studios, and similar businesses (each a "Studio") use to schedule classes, manage enrollment and attendance, invoice and collect payments, and communicate with their customers.

This Policy explains how we handle personal information. Because of how the platform works, two different roles apply to the data in it:

  • When you are a Studio (a business that subscribes to Incratic), you are the data controller for your customers' information. We act as your service provider / data processor and handle that information on your behalf and under our agreement with you.
  • For information about the Studios themselves and their staff, and for operating and securing the platform, we are the controller.

If you are a dancer, a parent, or another customer of a Studio, the Studio is primarily responsible for your information. Please also read that Studio's own privacy notice and direct access/deletion requests to them first; we will assist them as required.

Contact: privacy@incratic.com

2. Information we collect

2.1 Account and profile information

  • Name (first and last)
  • Email address
  • Phone number
  • Preferred language
  • Date of birth
  • For students: school and grade level
  • Account credentials (passwords are stored only as a salted hash; we never store plaintext passwords)

2.2 Children's / minor's information

Studios on the platform commonly enroll minors. A parent or guardian account can create and manage family member profiles (children and co-parent contacts) that do not have their own login. These profiles may include the child's name, date of birth, school, and grade, plus class registrations and attendance.

This information is provided by the managing adult account or by the Studio. See Section 8 (Children's privacy) for details and consent requirements.

2.3 Emergency contact information

Name, phone number, and relationship of emergency contacts that a customer or Studio adds to a profile. This may be information about a third party; the person who provides it is responsible for being authorized to share it.

2.4 Scheduling, enrollment, and attendance

  • Classes, sessions, and events a person is registered for
  • Attendance records and status (present, absent, etc.)
  • Skill/event levels and category preferences
  • For staff/instructors: availability schedules and assigned sessions

2.5 Payment and billing information

  • Invoices and line items, amounts, due dates, and payment status
  • Payment method (credit/debit card via Stripe, cash, or check)
  • Check numbers recorded by Studio staff for check payments
  • Store-credit balances (e.g., credit issued for a cancelled class)
  • Stripe payment references (e.g., PaymentIntent identifiers)

We do not store full card numbers, CVV, or bank account numbers. Card payments are processed by Stripe, Inc., our payment processor. Card data is transmitted directly to Stripe and handled under Stripe's Privacy Policy. We retain only the non-sensitive references and status needed to reconcile invoices.

2.6 Communications

  • Emails we (or a Studio through the platform) send you, including recipient address, subject, template, delivery status, and any delivery errors (an email log)
  • Policy/waiver acknowledgements, including which policy version you accepted and when

2.7 Authentication and security data

  • Session/access and refresh tokens (stored only as hashes), issue/expiry times, and revocation status
  • Account status flags (enabled, locked)

2.8 Audit / change history

The platform keeps a detailed audit trail that records changes to records (such as registrations, invoices, sessions, users, and policies), including which user made a change and when. This is used for security, dispute resolution, and Studio recordkeeping.

2.9 Technical and usage data

Standard server and device data such as IP address, browser/device type, log timestamps, and actions taken in the application, collected automatically to operate and secure the service.

3. How we use information

We use personal information to:

  • Provide, maintain, and improve the platform and its scheduling, enrollment, attendance, invoicing, and payment features
  • Authenticate users and secure accounts
  • Process payments and issue invoices, refunds, and store credit
  • Send transactional communications (registration confirmations, invoices, reminders, password resets, policy updates)
  • Maintain audit and financial records, and resolve disputes
  • Detect, prevent, and investigate fraud, abuse, and security incidents
  • Comply with legal, tax, and accounting obligations

We do not sell personal information, and we do not use the personal information of a Studio's customers for our own advertising.

4. How information is shared

  • With the Studio you interact with. Your information is visible to the Studio you registered with and its authorized staff, according to their roles and permissions.
  • Within a family. A managing adult account can view information for the child and family-member profiles it manages.
  • Service providers / subprocessors, who process data on our behalf under contract, including:
    • Stripe (payment processing)
    • Amazon Web Services (AWS SES) (transactional email delivery)
    • Amazon Web Services (AWS) (cloud hosting and database)
  • Legal and safety. When required by law, subpoena, or to protect rights, safety, and the integrity of the service.
  • Business transfers. In connection with a merger, acquisition, or sale of assets, subject to this Policy.

A current list of subprocessors is available on request.

5. Payments

Card payments are handled by Stripe. When you pay by card, your card details go directly to Stripe; we receive only a payment reference and status. Cash and check payments are recorded by Studio staff. Refunds may be issued as store credit or, where supported, back to the original payment method, according to the Studio's policy.

6. Data retention

We retain personal information for as long as needed to provide the service and for legitimate business and legal purposes:

  • Account and profile data: for the life of the account; deactivated ("inactive") records may be retained for history and recordkeeping.
  • Financial records (invoices, payments, store credit): retained as required by tax and accounting law (typically several years).
  • Audit / change history: retained for security and dispute resolution.
  • Email logs: retained for as long as needed.

When a Studio's subscription ends, we handle return or deletion of its data as described in our agreement with that Studio. Note that the platform uses soft deletion for many records (marking them inactive rather than erasing them) so that history and financial records remain intact; hard deletion is performed on verified request where legally permitted.

7. Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, port, or restrict the use of your personal information, and to object to certain processing.

  • If you are a customer of a Studio, contact that Studio first; we will support the Studio in fulfilling your request.
  • Otherwise, contact us at privacy@incratic.com.

We will respond within the timeframes required by applicable law. We will not discriminate against you for exercising your rights.

California (CCPA/CPRA): We do not sell or "share" (for cross-context behavioral advertising) personal information. Categories collected and the purposes are described in Sections 2–3. You may exercise access and deletion rights as above.

8. Children's privacy

The platform is designed for Studios that serve minors, and it stores information about children (name, date of birth, school, grade, registrations, and attendance) that is entered by a parent/guardian account or by Studio staff.

  • Children do not create their own accounts; their profiles are created and managed by a parent/guardian account or by Studio staff.
  • The Studio is responsible for obtaining any required parental/guardian consent to collect and use a child's information, including consent that satisfies the Children's Online Privacy Protection Act (COPPA) and applicable U.S. state law. As the controller of its customer data, the Studio determines the policies and waivers presented to parents and is responsible for their content and legality.
  • We use children's information only to provide the service to the Studio and the managing adult (enrollment, attendance, billing, and communications) and do not use it for advertising or profiling.
  • A parent/guardian may review, update, or request deletion of their child's information through the Studio or by contacting us.

How consent is captured and recorded

Where a Studio requires acknowledgement of a policy or waiver before a customer can register, the platform captures the parent/guardian's agreement through an affirmative "I agree" action ("clickwrap") and stores a durable, write-once record of it. Each record pins the exact version of the policy that was accepted (by a tamper-evident content hash), the account that accepted it (the parent/guardian, including when they act on behalf of a child), the date and time of acceptance, and the IP address and device/browser from which it was made. A Studio can require renewed acknowledgement when a policy changes. These electronic acknowledgements are designed to be enforceable as electronic signatures (clickwrap) under the U.S. Electronic Signatures in Global and National Commerce Act (E-SIGN Act) and comparable U.S. state law (e.g., the Uniform Electronic Transactions Act); their ultimate validity in any given case is a legal determination.

This Policy and the platform are not directed to children, and we do not knowingly collect personal information directly from a child. Information about a minor is provided to us by the adult who manages their profile or by the Studio. If we learn we have collected a child's information without the required authorization, we will delete it.

9. Security

We use technical and organizational measures to protect personal information, including hashing of passwords and tokens, encrypted transport (TLS), role- and permission-based access controls, and audit logging. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. U.S.-only service

We offer the Service to, and transact business with, customers in the United States only, and we process personal information in the United States. The Service is not directed to individuals outside the United States.

11. Changes to this Policy

We may update this Policy from time to time. Material changes will be communicated by posting the updated Policy with a new "Last updated" date and, where appropriate, by notice through the service or email.

12. Contact us

Extraordinary Products, LLC
privacy@incratic.com