Skip to content

Privacy Policy

Last updated: July 8, 2026

Draft, pending attorney review. This document is a plain-language draft prepared for The M to describe how the studio and app work today. It is not final legal advice and must be reviewed by a licensed attorney before it is relied on.

This Privacy Policy explains how The M, Las Vegas Dancesport Club ("The M," "we," "us") collects, uses, and protects information when you use our website and app at the-m.club and our studio services (the "Services"). We run a youth and adult dance studio, so we handle information about children with particular care: it comes to us from parents, and parents stay in control of it.

Effective date: [EFFECTIVE DATE, to be set at launch]. Until then this policy is a draft and describes how the app works today.

What we collect, and from whom

From you (the account-holding adult). Your name, email address, and optionally your phone number when you create an account; your typed signature and the version of each consent document you accept or decline, with the date, IP address, and device, kept as an audit trail; messages you send us; and your payment activity (see Payments below).

About your dancers, provided by you.You, not the dancer, tell us each dancer's name and birthdate. Dancers under 18 never have their own login. As your dancers participate, we build studio records about them: bookings, QR check-in and check-out attendance, lesson history, coach lesson notes, syllabus progress and mastery, routines, event reservations, and rewards activity. If you accept the optional Photo and Video Release, photos and videos of your dancers taken at the studio are also covered records; if you decline, we make reasonable efforts not to feature your family (see Photos and media).

Collected automatically.Sign-in and security logs; first-party product analytics events (for example "lesson booked"), stored in our own database and never shared with advertisers; a cookie remembering your language; and, on your first visit, a cookie recording how you found us (for example a flyer code or the referring site), which stores marketing-source labels only, no personal details. We use no third-party ad trackers, no advertising pixels, and no cross-site tracking.

Payments. Card payments are processed by Stripe. Your card number never touches our servers: Stripe stores the card and gives us a secure token plus the card brand and last four digits. We keep our own records of charges, your weekly tab, studio balance, and gift-card activity.

Why we use it

  • To run the studio: classes, private lessons, events, scheduling, and check-in.
  • To bill accurately: the weekly tab, membership dues, balance, and receipts.
  • To track each dancer's progress and help coaches plan lessons.
  • To send service messages: reminders, confirmations, receipts, and account notices.
  • To run participation features: points, rewards, badges, and the member feed.
  • To keep the Services secure and comply with legal obligations.

We do notsell personal information, and we do not share it with third parties for their own marketing. That includes children's information and phone numbers.

Who processes data for us

We use a small set of service providers. Each processes data only on our behalf, to provide its service:

  • Clerk (authentication): your login email, name, and sign-in security.
  • Stripe (payments): card details and payment processing. Card numbers are held by Stripe, never by us.
  • Supabase (database): hosts our application database, where studio records live.
  • Vercel (hosting): runs the website and app.
  • Resend (email): delivers the emails we send you.
  • Twilio (text messaging): delivers texts, only if you opt in to SMS.
  • Printify (merchandise fulfillment): if you order merch shipped to you, we share the ship-to name and address needed to print and deliver it.
  • AI drafting providers(Anthropic or OpenAI): when a staff member uses the app's drafting assistant to compose a reply to you, the relevant conversation text is sent to the provider to generate a suggested draft, which a human reviews and edits before anything is sent. We do not use your data to train models, and we do not send payment details to these providers.

Beyond these providers, we disclose information only when required by law, to protect the rights and safety of members, staff, and the public, or as part of a business transfer (merger, acquisition, or sale of assets), in which case this policy continues to apply to it.

Children's privacy

We serve families with children, and the design follows from that. Children do not create accounts, do not have logins, and do not submit information to us directly; everything we hold about a dancer under 18 is provided by their parent or legal guardian, under that parent's consent, or generated by the studio in the course of teaching (attendance, progress, lesson notes, and, with consent, photos). We use children's information only to operate the studio, we never sell it, and we never use it for advertising. Where other families can see a dancer in the app (rosters, leaderboards, the feed), a minor appears as first name and last initial only. A parent or guardian can review, correct, or ask us to delete their dancer's information at any time (see Your choices).

Photos and media

Whether we may use photos and video of your family to promote the studio is controlled by the Photo and Video Release, which you accept or decline per dancer at signup. It is optional, and declining does not affect membership. You can change each dancer's choice at any time in your account settings (Account, then the photo permission control for each dancer). If you revoke consent, we stop using new images of that dancer and make a reasonable effort to remove existing ones from channels we control. The studio also has security cameras in public areas for safety; that footage is used for security, not marketing, and is covered by the Terms.

Text messaging (SMS)

Texting is strictly opt-in: the box is unchecked by default, and we never text a number without it. If you opt in, we send at most around 4 messages per month, honor nighttime quiet hours, and honor STOP (opt out) and HELP replies immediately. You can also turn texting off in your account settings. We never sell or share your mobile number or your opt-in status with third parties for their marketing; Twilio processes messages solely to deliver them. Full program terms are at the-m.club/sms.html.

Cookies and push notifications

We use a short list of first-party cookies: sign-in session cookies (Clerk), a language preference cookie, and a first-visit attribution cookie that remembers how you found us (marketing source only, no personal details). We do not use advertising cookies. If you install the app and turn on push notifications, your device gives us a push subscription we use to deliver them; you can turn push off in your device or browser settings at any time.

How long we keep information

We keep information for as long as your account is active. After an account closes, we retain what we must: financial records (charges, payments, tax records) and signed consent and waiver records are kept as required for legal, accounting, and liability purposes; most other records are deleted or de-identified once no longer needed. Attendance and progress history may be retained in de-identified form for studio statistics.

Your choices

  • Photo and video consent: change it per dancer, any time, in account settings.
  • Texts: reply STOP, or turn texting off in account settings.
  • Push notifications: control them in your device or browser settings.
  • Non-essential email: unsubscribe links in marketing emails, honored immediately. Service emails (receipts, account notices) continue while you have an account.
  • Access and correction: most records are visible and editable in your account; for anything else, email us.
  • Account deletion: request deletion from your account settings or by email. We record the request and a person completes it, because records about minors and money need careful handling: we delete what we can and tell you what we must retain (see How long we keep information).

Nevada residents may direct businesses not to sell covered information; we do not sell personal information, and we will honor any such request. We verify identity before acting on privacy requests.

Security, honestly stated

Sign-in is handled by Clerk with modern authentication. Card numbers never touch our servers. All traffic is encrypted in transit (HTTPS). Staff access to member records is role-based: coaches and staff see what their job requires, and money-related admin actions are permission-gated and logged to an audit trail. Our database is hosted by Supabase with access restricted to the application. No system is perfectly secure, and we will not pretend otherwise: if a breach affecting your personal information occurs, we will notify you as required by law.

Changes to this policy

We may update this policy as the Services evolve. For material changes, we will notify you by email or in the app before the change takes effect. The "Last updated" date above always reflects the current version.

Contact us

The M, Las Vegas Dancesport Club (Las Vegas, Nevada). For any privacy question or request, email hello@the-m.club or the founder directly at robert.mcshinsky@gmail.com. See also our Terms and Conditions and Refund and Cancellation Policy.