Privacy Policy
Effective Date: 7/2/26
Owner & Data Controller: Queen Beauté, LLC
Brand: Queendom by Queen Beauté™
Contact us here.
Registered in: The Commonwealth of Virginia, United States
1. Introduction
This Privacy Policy (“Policy”) explains how Queen Beauté, LLC (“Company,” “we,” “our,” or “us”) collects, uses, stores, and protects your information when you interact with any products, services, websites, or digital experiences under Queendom by Queen Beauté™ (“Brand”).
This Policy applies to:
- Websites and online platforms we operate
- Mobile and web applications operated by us and any future apps within the Queendom by Queen Beauté™ brand, including but not limited to The Queendom™, The Queendom Compass™, Queendom Meditations™, Decision Architecture™, and Identity Alchemy™
- Digital downloads and streaming content
- Courses, workshops, and memberships
- Speaking and keynote inquiries
- Retreats, events, or programs (current or future)
- Email newsletters and communications
- Purchases or inquiries through third-party partners or vendors (e.g., Stripe, Resend, Flodesk, Supabase, Plausible Analytics, Netlify, and others listed in Section 5)
By using our website, our applications, or purchasing any product or service, you consent to the practices described in this Policy. Throughout this Policy, “you” and “your” refer to any individual who interacts with our brand — whether by visiting our websites, using our applications, subscribing to our email lists, purchasing our products or services, or participating in our programs.
2. Information We Collect
We may collect the following types of information:
A. Personal Information You Provide
- Name
- Email address
- Billing address (if required for payment)
- Payment details (processed securely by third parties; we do not store full card numbers)
- Messages or inquiries
- Account login information (email and password)
- Reflections, journal entries, decisions, poll or prompt responses, and other written content you create within any of our applications
- Support ticket messages and replies you send through our in-app Help system
- Two-Factor Authentication factors (TOTP) if you choose to enroll one
B. Automatically Collected Data
- IP address (used for rate limiting and abuse prevention; not associated with individual identities in logs)
- Browser type and device information
- Access times and pages viewed
- Cookies and tracking technologies (where applicable)
C. Transactional Information
- Purchases
- Downloads
- Subscriptions
- Session/usage data from courses or streaming portals
- Entitlement records tracking which offerings you have access to across the brand
D. Program or Coaching Interactions
If you participate in workshops, coaching, or retreats, we may collect insights you voluntarily share for purposes of program delivery.
E. Information Stored Locally on Your Device or on Our Servers
Our applications store your account information (name, email, hashed password) and written or uploaded responses on Supabase’s secure, SOC 2 compliant servers, allowing you to access your account and reflections across multiple devices.
Your signed-in session (a JSON Web Token, or “JWT”) is stored in your browser’s local storage (queendom_session) so that when you move between chambers of The Queendom™, you don’t have to sign in again. This session identifier is issued by our authentication provider and expires automatically. Clearing your browser’s local storage or explicitly signing out invalidates this session. Your password is never stored in your browser.
Your password is never stored in plain text. It is protected using industry-standard secure password hashing (bcrypt), managed by our authentication provider Supabase.
3. How We Use Your Information
We use information to:
- Process and deliver digital products
- Provide access to courses, workshops, memberships, and applications across the Brand’s ecosystem
- Maintain user accounts, including written entries within the apps
- Respond to customer service requests through our in-app Help system and by email
- Manage transactions and third-party payment processing
- Improve website and application experiences and optimize performance
- Provide updates, announcements, or promotional messages
- Comply with legal obligations
- Maintain the integrity and security of all offerings, including detecting and preventing abuse
4. How We Protect Your Information
We use industry-standard security measures, including:
- Encrypted payment processing through Stripe. Payment details are entered directly into a Stripe-hosted checkout iframe and never touch our servers.
- HTTPS/TLS encryption for all data transmitted between your device and our servers, with HTTP Strict Transport Security preloaded
- Secure servers and access-controlled systems
- Industry-standard secure password hashing (bcrypt) managed by our authentication provider, with passwords never stored in plain text
- Two-Factor Authentication (TOTP) available to all members and strongly encouraged
- Content Security Policy applied to every page load, including per-request cryptographic nonces to defend against injected code
- Origin allowlisting on every authenticated server endpoint
- Per-IP and per-user rate limiting stored in a shared database, applied consistently across all instances of our infrastructure
- Cryptographic verification of caller identity (JWT signature verification) on every authenticated server request
- Redaction of personal information (including full email addresses) in our server logs
- Routine monitoring for unauthorized access
No method is 100% secure, but we take all commercially reasonable steps to protect your information.
5. Sharing Your Information
We may share your data with trusted third-party vendors who help us operate our brand, websites, and applications. These vendors only access your information to perform specific tasks and must protect it according to industry standards. We do not sell your information.
Specific vendors we currently use include:
- Stripe — payment processing for purchases and subscriptions. When you complete a purchase, your payment details are entered directly into Stripe’s checkout iframe embedded in our app. Your card number is never received or stored by us
- Flodesk — our email marketing platform. When you create an account in any of our apps, your name and email are added to The Sovereign Circle, our email list, with your explicit consent given via the consent checkbox at sign-up. You may unsubscribe at any time using the unsubscribe link in any email we send.
- Resend — transactional email delivery, including support ticket notifications, verification codes, and account-related emails. These emails are not marketing communications
- Supabase — secure database, authentication, and edge function infrastructure for our applications. SOC 2 compliant.
- Netlify — hosting infrastructure for our websites and applications, including edge functions that run on every page load to enforce security headers.
- jsdelivr (cdn.jsdelivr.net) — a public content delivery network from which we load pinned, integrity-checked versions of the client-side libraries our apps depend on (e.g., the Supabase client library).
- Google Fonts — the Cormorant Garamond typeface used across our brand is loaded from fonts.googleapis.com and fonts.gstatic.com.
- Plausible Analytics — privacy-friendly anonymous web traffic analytics. Plausible does not use cookies, does not track individuals across sites, and does not collect personally identifiable information.
We may disclose information if required by law, for fraud prevention, or to protect our rights.
6. Cookies & Tracking
We may use cookies or similar technologies on our websites for:
- Analytics
- Functionality
- Content personalization
- Shopping or product access
You can adjust cookie preferences in your browser.
Our applications do not use cookies. They store your signed-in session token in your browser’s local storage as described in Section 2E, and your account information and reflections on secure cloud servers. You may clear your browser’s local storage at any time through your browser’s settings.
7. Email Communications
By subscribing or making a purchase, you may receive:
- Product delivery emails
- Transaction receipts
- Support ticket replies and updates
- Updates about offerings
- Occasional news or announcements
Members who create an account in any of our apps are automatically enrolled in The Sovereign Circle email list with their explicit consent given at sign-up. You may unsubscribe from these emails at any time, except for transactional emails. Account deletion does not automatically remove you from the email list, and email-list removal does not delete your app account; the two systems are managed independently.
8. Data Retention
We retain your information for as long as needed to:
- Provide services
- Fulfill legal obligations
- Maintain business records
You may request deletion at any time unless restricted by law. Deleting your account removes your sign-in credential across every chamber of The Queendom™; purchases you made outright remain on record by email so that signing back up later with the same email restores access to them.
9. Your Rights (U.S. & International Visitors)
Depending on your location, you may have rights to:
- Access your data
- Correct inaccurate data
- Request deletion
- Limit processing
- Withdraw consent
- Receive a copy of your data in a portable format
- Lodge a complaint with a supervisory authority
Members in the European Union, the United Kingdom, or the European Economic Area are protected by the General Data Protection Regulation (GDPR) and have additional rights, including the right to data portability and the right to object to processing.
California residents are protected by the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), and have rights including the right to know what personal information we have collected, the right to request deletion, and the right to opt out of any sale of personal information. We do not sell personal information.
To exercise any of these rights, please contact us here.
10. Children’s Privacy
We do not knowingly collect data from individuals under 18. All offerings are intended for adults.
11. Updates to This Policy
We may update this Policy at any time. The effective date will reflect the latest revision. Material changes will be communicated via email or in-app notification when applicable.