Legal

Privacy Policy

Last updated: 1 May 2026 · Effective: 1 May 2026

Taper ("we", "us", "Taper") provides software that helps barbershops manage their walk-in queue, client cards, and AI haircut previews. This policy explains how we collect, use, and protect personal information when you use the Taper website (taper.style), the Taper application (app.taper.style), and any other service we provide (together, the "Service").

We comply with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth) and the Spam Act 2003 (Cth). If you are in the EU/UK, the GDPR/UK GDPR also applies; we treat your data to a substantially equivalent standard. By using the Service you accept this Policy and our Terms of Service.

Plain-English summary. Barbershops are the data controllers for their own clients; we are the data processor. Photos and AI previews are kept only as long as the shop needs them, and you can ask us to delete your information at any time by emailing privacy@taper.style.

1. Who controls your data

If you are a barbershop owner or staff member using Taper to run your shop, Taper is the controller of your account information (email, login, billing).

If you are a customer of a barbershop using a Taper iPad or queue link to choose a haircut, the barbershop is the data controller of all information you provide and Taper is only a data processor acting on the shop's documented instructions. The barbershop is solely responsible for: obtaining your consent, telling you why your information is collected, deciding how long to keep it, and responding to your access, correction or deletion requests. Taper provides the tooling; the shop owns the relationship with you. Requests to see, correct, or delete your data should be directed to the barbershop. If the barbershop does not respond, you may email privacy@taper.style and we will assist as a processor where we are legally able.

2. What we collect

From shop owners and staff

Name, email, phone, business name, ABN if you provide one
Hashed password (we never store the plain text)
Subscription and billing metadata from Stripe (we never see your card number)
Server logs: IP address, browser type, pages visited, basic activity timestamps

From customers using a barbershop's Taper iPad or queue link

Name, mobile, email (only if you provide them)
Selected haircut
Front-facing photo (if you choose to use the AI preview)
The AI preview image generated from that photo
Marketing/contact consent flags
Time you joined the queue, IP address (for abuse prevention only)

3. How we use it

To run the service: show you the queue, save cut cards, generate AI previews, send the shop your selected style.
To improve the product: aggregate, de-identified usage analytics. We do not train AI models on customer photos.
To bill and support: manage subscriptions, respond to support requests.
To comply with the law: respond to legal process, enforce our Terms.

We do not sell or rent personal information. We do not use your photo or any information you give a barbershop to advertise other products to you.

4. AI haircut previews

If you (or the shop on your behalf) request an AI preview, your front photo and the chosen haircut style are sent to OpenAI via OpenAI's API to generate a preview image. OpenAI processes the image under its own API privacy and data-usage terms and returns the generated image to Taper. Taper does not retain the image with OpenAI for training or fine-tuning, in line with OpenAI's standard API data-usage policy.

AI previews are illustrative only. They are not a guarantee of how a haircut will actually look on you. Variations in lighting, hair growth pattern, scalp visibility, and barber technique mean the real-world result will differ. The preview is a visualisation aid, not a contractual outcome.

The shop owner can delete a saved preview from their dashboard at any time. If you want yours deleted immediately, ask the shop, or email us at privacy@taper.style.

5. Marketing & SMS / email contact

A shop will only send you SMS reminders or marketing if you tick the consent box on the iPad or queue page (Spam Act 2003 — express consent). You can withdraw consent at any time by replying STOP to an SMS, clicking unsubscribe in an email, or telling the shop. Taper itself only emails you about your Taper account, security alerts, and changes to this policy or our Terms.

6. How long we keep things

Customer photos and AI previews: retained for 90 days by default, then automatically purged unless the shop has saved them as part of a cut card portfolio with your consent.
Cut cards and client records: retained while the shop is an active Taper customer, plus 12 months. The shop can delete individual records at any time.
Account & billing records: kept for 7 years to comply with Australian tax law.
Server logs: 90 days.

7. Where it's stored

Taper hosts the application on DigitalOcean infrastructure in Sydney, Australia. Stripe processes payments globally. OpenAI processes AI previews on OpenAI's infrastructure (United States). Where data is sent overseas, we take reasonable steps to ensure it's handled to a standard equivalent to the APPs (APP 8.1).

8. Security

We use HTTPS for all connections, hash passwords with bcrypt, and store API keys server-side only. No system is perfectly secure; if we discover a breach that's likely to result in serious harm to you, we'll notify you and the OAIC under the Notifiable Data Breaches scheme.

9. Your rights

You can ask us to:

See the personal information we hold about you
Correct anything that's wrong
Delete your data ("right to be forgotten")
Export a copy of your data
Stop marketing contact

Email privacy@taper.style from the address linked to your account, or contact your barbershop. We respond within 30 days. If you're not satisfied, you can complain to the Office of the Australian Information Commissioner.

10. Cookies

Taper uses only the minimum cookies needed to keep you logged in and to remember your shop. We don't run third-party advertising trackers. The marketing site at taper.style does not set tracking cookies for visitors who don't sign in.

11. Children

Taper isn't designed for under-16s. If a customer under 16 wants to try the iPad preview, the shop should obtain parental consent first.

12. Changes

We'll post material changes here and notify shop owners by email at least 14 days before they take effect.

13. Contact

Privacy questions: privacy@taper.style
General contact: hello@taper.style
Operator: Taper, Melbourne, Australia.

Note for barbershop owners. When you use Taper, you commit to obtaining proper consent from your customers before collecting their photo, mobile, or email, and to honouring requests they make about their data. Our Data Processing Addendum (available on request) sets this out in full.