Privacy Policy

Last updated: September 30, 2025

This Privacy Policy describes how Child Actor 101 (“Company,” “we,” “us,” “our”) collects, uses, and shares information in connection with our websites and services, including childactor101.com and the Child Actor 101 Directory at directory.childactor101.com (collectively, the “Service”).

By using the Service, you agree to the practices described here.

1) What this covers

This policy applies to:

  • The main site (childactor101.com), the Directory (directory.childactor101.com), vendor dashboards, and related forms (including “Suggest a Vendor”).

  • Our newsletters and transactional emails (e.g., account, billing, review notifications).

This service is intended for adults (parents/guardians and professionals). We do not knowingly collect personal information from children under 13.

2) Information we collect

You provide:

  • Account data: name, email, password (or email for magic links), role (parent/vendor), profile details.

  • Vendor data: listing name, descriptions, categories, logo/images, location, contact info, promos; claim and upgrade submissions.

  • Reviews: star ratings and comments you post (public once approved).

  • Support/request data: messages, preferences.

Collected automatically:

  • Device/usage info (IP address, browser, pages viewed, timestamps, referral).

  • Cookies/pixels for session management, fraud prevention, and analytics.

From third parties:

  • Payments/subscriptions via Stripe (we receive status, plan, last 4/brand via Stripe; we do not store full card numbers).

  • Form submissions via Airtable for vendor suggestions (if enabled).

  • Hosting/analytics events from our infrastructure providers.

3) How we use information

  • Provide and secure the Service (auth, sessions, RLS access controls, fraud prevention).

  • Directory operations: publish vendor listings and approved reviews (public), search and filtering, claim/upgrade workflows.

  • Communications: transactional emails (account, billing, review status), optional newsletters (opt-in).

  • Billing: create/manage subscriptions and invoices via Stripe.

  • Improvement/analytics: diagnose issues, measure usage, improve features.

  • Legal/compliance: enforce terms, protect rights, respond to lawful requests.

4) Processing bases

We process information to perform a contract (your account/subscription), with your consent (marketing), for legitimate interests (security, product improvement), and to comply with law.

5) Disclosures (service providers & others)

We share personal information with:

  • Payment processing: Stripe (subscriptions, invoices).

  • Infrastructure: hosting/build/CDN/monitoring providers (e.g., Vercel or equivalent), email delivery, error logging.

  • Databases: Supabase (auth, profiles, RLS), Airtable (vendor suggestions, if enabled).

  • Email marketing: (e.g., Mailchimp) if you opt into newsletters.

  • Public content: vendor listings and approved reviews are publicly visible.

  • Legal/Transfer: if required by law, to protect rights, or during a merger/sale.

We require processors to handle data under confidentiality and only as instructed.

6) “Sell” or “Share” (CCPA/CPRA)

We do not sell or share personal information as defined by the California Consumer Privacy Act as amended by the CPRA. We also don’t use cross-context behavioral advertising. If this changes, we will update this policy and provide an opt-out mechanism.

7) Cookies & similar technologies

We use essential cookies (sessions, security) and non-essential cookies/pixels (analytics). You can control cookies via your browser. We do not use Flash cookies. The Service does not respond to DNT signals.

8) Data retention

  • Account/profile: for the life of your account and a reasonable period after closure.

  • Listings/reviews: retained while published or needed for moderation/records.

  • Billing/records: typically 7 years (tax and accounting).

  • We may anonymize or aggregate data for longer retention.

9) Security

We use reasonable administrative, technical, and organizational safeguards (encryption in transit, least-privilege access, Supabase Row Level Security, periodic access reviews). No system is 100% secure.

10) International transfers

Our providers may process data in the U.S. and other countries. We take steps to ensure appropriate protections for such transfers.

11) Your choices & rights

  • Email preferences: unsubscribe links in non-transactional emails.

  • Access, correction, deletion: email us to exercise rights (see “Contact”).

  • California (CCPA/CPRA): right to know, delete, correct, portability, and freedom from discrimination. Because we do not sell or share, opt-out of sale/share does not apply.

We will verify your request (and agent authority, if applicable) before acting. We aim to respond within 45 days (extendable as permitted).

12) Children’s privacy

The Service is not directed to children under 13, and we do not knowingly collect their personal information. If you believe a child provided personal information, contact us to delete it.

13) Third-party links

External sites have their own policies. We’re not responsible for their practices.

14) Changes

We may update this Policy. We’ll change the “Last updated” date and, when appropriate, notify you.

15) Contact

Privacy requests / questions: privacy@childactor101.com

If you prefer, you can also email Corey@childactor101.com