![Make [Her]Story](/manus-storage/logo-arch_d5fcce77.png){kind=logo}
Legal
Privacy Policy
Effective: April 21, 2025 ยท Last Updated: April 21, 2025
Make [Her]Story ("we," "us," or "our") operates the website make-herstory.com and the related member portal, shop, and services. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and what rights you have. By using our website or services, you agree to the practices described here.
1. Personal Data We Collect
We collect the following categories of personal data:
| Category | Examples | How Collected |
|---|---|---|
| Identity | Full name, business name, business age | Account registration, contact forms, newsletter signup |
| Contact | Email address, phone number | Account registration, contact forms, newsletter signup |
| Account credentials | Email address, hashed password (never stored in plain text) | Account registration |
| Payment information | Billing name, card last 4 digits, transaction ID (processed by Stripe โ we never see full card numbers) | Shop checkout, VIP/coaching purchases |
| Usage data | Pages visited, clicks, session duration, browser type, IP address | Automatically via analytics tools |
| Communications | Messages sent via contact form, coaching inquiry content | Contact form, coaching booking |
| Community content | Profile bio, profile photo, business description (optional, shown in member directory) | Member portal profile settings |
2. How We Use Your Data
We use personal data for the following purposes:
- Account creation and authentication โ to create and manage your member portal account.
- Order fulfillment โ to process payments, deliver digital products, and handle physical shipments.
- Service delivery โ to provide access to coaching sessions, VIP membership benefits, and community resources.
- Marketing communications โ to send newsletters, promotional emails, and product announcements (only with your consent; you may unsubscribe at any time).
- Customer support โ to respond to inquiries submitted via the contact form or email.
- Analytics and improvement โ to understand how visitors use our site and improve our content and offerings.
- Legal compliance โ to meet our obligations under applicable law.
3. Third-Party Services We Use
We share data with the following third-party service providers only as necessary to operate our business. Each provider is contractually required to protect your data.
| Service | Provider | Purpose | Privacy Policy |
|---|---|---|---|
| Payment processing | Stripe, Inc. | Handles all card payments; we never store full card numbers | stripe.com/privacy |
| Web hosting & infrastructure | Manus AI | Hosts the website, database, and file storage | manus.im/privacy |
| CRM & marketing automation | GoHighLevel (GHL) | Stores contact records, sends marketing emails and SMS | gohighlevel.com/privacy |
| Calendar / booking | Boutiqly | Handles coaching session scheduling | boutiqly.io/privacy |
| Analytics | Manus Analytics (self-hosted) | Tracks page views and session data; no cross-site tracking | manus.im/privacy |
| Podcast hosting | She Makes a Podcast (external) | Embeds podcast player on our site | shemakesapodcast.com |
| Spotify embed | Spotify AB | Embeds podcast episodes | spotify.com/privacy |
We do not sell your personal data to third parties.
4. Cookies and Tracking Technologies
We use the following types of cookies and similar technologies:
| Type | Purpose | Required? |
|---|---|---|
| Essential / Functional | Session authentication, login state, cookie consent preference | Yes โ cannot be disabled |
| Analytics | Aggregate page view and session data to improve site performance | No โ requires consent |
| Marketing | Tracking for email marketing and retargeting (via GoHighLevel) | No โ requires consent |
You can manage your cookie preferences at any time using the link in the footer.
5. Data Retention
We retain personal data for as long as your account is active or as needed to provide services. If you request deletion of your account, we will remove your personal data within 30 days, except where retention is required by law (for example, financial records required for tax purposes).
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
All Users
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data ("right to be forgotten").
- Opt-out of marketing: Unsubscribe from marketing emails at any time using the unsubscribe link in any email, or by contacting us directly.
California Residents (CCPA / CPRA)
Under the California Consumer Privacy Act, California residents have the right to know what personal information we collect, the right to delete personal information, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising these rights. To submit a verifiable consumer request, contact us at [email protected].
EU / UK Residents (GDPR / UK GDPR)
If you are located in the European Union or United Kingdom, you have additional rights under the General Data Protection Regulation, including the right to data portability, the right to restrict processing, and the right to object to processing. Our legal basis for processing your data is typically your consent (for marketing), contract performance (for account and order management), or legitimate interests (for analytics and security). You also have the right to lodge a complaint with your local supervisory authority.
To exercise any of these rights, email us at [email protected]. We will respond within 30 days.
7. Children's Privacy
Our website and services are not directed to children under the age of 13. We do not knowingly collect personal data from anyone under 13. If you believe we have inadvertently collected data from a child, please contact us immediately at [email protected] and we will delete it promptly.
8. Data Security
We implement industry-standard security measures to protect your personal data, including HTTPS encryption for all data in transit, bcrypt hashing for passwords, and access controls limiting who can view personal data. Payment card data is processed exclusively by Stripe within their PCI-DSS compliant environment โ we never receive or store full card numbers, CVV codes, or card expiration dates.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. For material changes, we will notify registered users by email. Continued use of our services after changes are posted constitutes acceptance of the updated policy.
10. Contact Us
For privacy-related questions, requests, or complaints, please contact us at: