Privacy Policy
Emily Lynn & Company
California Consumer Privacy Act (CCPA/CPRA) Compliant
Effective Date: January, 2026 | Last Updated: March, 2026
1. Introduction
Emily Lynn & Company ("Company," "we," "us," or "our"), operated by Wright Ventures LLC doing business as Emily Lynn & Company, is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at emilylynnandcompany.com, use our client platform at documents.emilylynn.co, or use our bridal hair and makeup services.
This Privacy Policy is designed to comply with the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA), and the regulations adopted by the California Privacy Protection Agency (CPPA).
Please read this Privacy Policy carefully. By using our Services, you consent to the practices described in this policy. If you do not agree with this Privacy Policy, please do not access or use our Services.
2. Information We Collect
2.1 Personal Information You Provide
We collect information you voluntarily provide to us, including:
• Contact Information: Name, email address, phone number, and mailing/billing address.
• Event Information: Wedding date, venue/location details, event timeline, service preferences, and special requests.
• Payment Information: Credit card or bank account information for payment processing. Note: We do not store your complete payment card information on our servers. All payment information is processed and stored securely by our payment processor, Stripe, which is PCI-DSS compliant.
• Communications: Any messages, inquiries, or feedback you send to us.
• Photos: Images you may provide for consultation purposes, such as inspiration photos or photos showing your desired look.
• Electronic Signatures: Your electronic signature on contracts and agreements executed through our platform.
2.2 Information Collected Automatically
When you visit our website or use our platform, we may automatically collect certain information, including:
• Device Information: Browser type, operating system, device type, and unique device identifiers.
• Usage Information: Pages viewed, time spent on pages, links clicked, and referral source.
• Log Data: IP address, access times, and referring website addresses.
2.3 Information from Third Parties
We may receive information about you from third parties, including referrals from wedding planners, venues, or other vendors; information from social media platforms if you interact with us there; and payment confirmation from our payment processor.
3. How We Collect Information
We collect information through the following methods:
• Directly from You: When you fill out forms on our website, submit inquiries, sign contracts, make payments, or communicate with us via email or phone.
• Automatically: Through cookies, web beacons, and similar tracking technologies when you visit our website.
• From Third Parties: Through referrals from venues, wedding planners, or other service providers, or from social media platforms.
4. How We Use Your Information
We use the information we collect for the following purposes:
• To Provide Services: To deliver our bridal hair and makeup services, process bookings, manage contracts, and coordinate with you about your event.
• To Process Payments: To process transactions, send invoices, and manage billing through our secure payment processor.
• To Communicate: To respond to inquiries, send booking confirmations, provide event reminders, and share important service-related information.
• To Improve Services: To analyze usage patterns, understand client preferences, and enhance our services and platform.
• For Marketing: With your consent, to send promotional materials, newsletters, or information about special offers. You can opt out at any time.
• For Legal Compliance: To comply with applicable laws, regulations, and legal processes, and to protect our legal rights.
5. How We Share Your Information
We may share your information with the following categories of recipients:
Service Providers
We share information with third-party service providers who perform services on our behalf. These providers are contractually obligated to use your information only for the purposes of providing services to us and to maintain appropriate security measures. Our service providers include:
• Stripe: Payment processing (PCI-DSS compliant)
• Supabase: Database hosting and storage
• Railway: Application hosting
• Google Maps API: Location and travel calculations
• Resend: Transactional email delivery
Artists and Staff
We share necessary information with the artists assigned to your event, including your name, event date, venue location, timeline, and service details needed to provide your services.
Legal Requirements
We may disclose information if required by law, regulation, legal process, or governmental request, or to protect our rights, privacy, safety, or property.
Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
WE DO NOT SELL YOUR PERSONAL INFORMATION. We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
6. Cookies & Tracking Technologies
We use cookies and similar tracking technologies to collect information and improve our Services.
6.1 Types of Cookies We Use
• Essential Cookies: Required for our website to function properly, including session management and security features.
• Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous usage data.
• Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences.
6.2 Managing Cookies
You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. However, blocking essential cookies may affect the functionality of our website.
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including:
• Active Clients: We retain your information throughout our business relationship and for a reasonable period afterward.
• Completed Events: We retain contract and payment records for seven (7) years after your event date for tax, legal, and business purposes.
• Marketing Communications: If you have opted in to marketing, we retain your contact information until you opt out.
• Website Analytics: Anonymized analytics data may be retained indefinitely for historical analysis.
Upon request, we will delete your personal information in accordance with your rights under applicable law, subject to our legal retention obligations.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal information, including:
• Encryption: Data transmitted to and from our website is encrypted using SSL/TLS technology.
• Access Controls: Access to personal information is limited to authorized personnel who need it to perform their job functions.
• Secure Payment Processing: All payment transactions are processed through Stripe, which is PCI-DSS Level 1 compliant, the highest level of payment security certification.
• Secure Infrastructure: Our platform is hosted on secure, professionally managed infrastructure with regular security updates.
While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.
9. Your California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). We are committed to honoring these rights.
9.1 Right to Know
You have the right to know what personal information we collect about you and how we use it. You may request disclosure of the categories of personal information we have collected, the sources from which we collected it, our business or commercial purpose for collecting it, the categories of third parties with whom we share it, and the specific pieces of personal information we have collected about you.
9.2 Right to Access
You have the right to request a copy of the personal information we have collected about you. We will provide this information in a portable and readily usable format.
9.3 Right to Delete
You have the right to request that we delete the personal information we have collected from you, subject to certain exceptions.
9.4 Right to Correct
You have the right to request that we correct inaccurate personal information that we maintain about you.
9.5 Right to Opt-Out of Sale or Sharing
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising purposes.
9.6 Right to Limit Use of Sensitive Personal Information
We only collect and use sensitive personal information as necessary to provide our services.
9.7 Right to Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights.
9.8 How to Exercise Your Rights
To exercise any of your California privacy rights, you may submit a request by email to [email protected] with the subject line "California Privacy Request."
10. Global Privacy Control & Opt-Out Preference Signals
We honor Global Privacy Control (GPC) and other opt-out preference signals. When we detect a GPC signal or similar opt-out preference signal from your browser, we will treat it as a valid request to opt out of the sale or sharing of your personal information.
As stated above, we do not currently sell or share personal information for cross-context behavioral advertising. If you send an opt-out preference signal, we will confirm that your request has been honored.
11. Do Not Track Signals
Some web browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. We currently do not respond to DNT signals because there is no common industry standard for DNT. However, we do honor Global Privacy Control signals as described above.
12. Children's Privacy
Our Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete such information as soon as possible. If you believe we have collected information from a child under 13, please contact us immediately.
For California residents under 16 years of age, we comply with additional protections under CCPA/CPRA, including obtaining affirmative consent before selling or sharing their personal information. As noted, we do not sell or share personal information.
13. Third-Party Links
Our website may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party services you access through our website.
14. International Users
Our Services are primarily intended for clients in the United States, particularly in California and Southern California. If you access our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where our servers are located. By using our Services, you consent to the transfer of your information to the United States.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on our website with a new "Last Updated" date, sending you an email notification if we have your email address, and/or providing notice through our platform.
We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes indicates your acceptance of the updated Privacy Policy.
16. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
Emily Lynn & Company
A division of Wright Ventures LLC
11400 W Olympic Blvd, Ste 200
Los Angeles, CA 90064
For Privacy Questions: [email protected]
For California Privacy Requests: [email protected]
Subject Line: "California Privacy Request"
Website: emilylynnandcompany.com
