Last Updated: April 28, 2026
This policy describes how Pinch Med, Inc. (“Pinch”) collects data, treats data, what we do, and what options you have regarding the collection and use of your data.
Information We Collect
We may collect different types of information during your interactions with our site and through our advertising and media across the Internet and our web and mobile apps. This information may include personal information (e.g., name, phone number, postal address, email address, and certain payment information), technical information (e.g., device identifier, IP address, browser type, operating system) and usage information (e.g., how you use and navigate to and from our site, and information about content). We may combine these types of information together, and collectively refer to all of this information in this Privacy Policy as “Information.”
Information may be collected as described below and through the use of cookies, web beacons, pixels, SDKs, and other similar technologies by us or by other companies on our behalf. Below we describe the types of Information we may collect:
We may collect, aggregate and anonymize non-personally identifiable information into statistics regarding user behavior such as overall patterns or demographic reports that do not describe or identify any individual user.
We may collect Information in the course of your use of, or registration with, our site. For example, when you create an account, register for or download an app, or sign up for a product or service, you may provide us with certain personal information. This type of personal information may include name, phone number, postal address, email address, or certain payment information (e.g., credit card and billing information). We may also collect Information about your interest in and use of various products, programs, services, and content available on or through our site.
When you interact with our site, you may share other information about yourself by, for example, creating a profile, or filling out a survey or application. We may collect this type of sensitive information if you participate in surveys, focus groups, or opportunities to test new products, programs, or services. We collect this sensitive information with your consent, if required by law, and we take steps to protect and limit any use of it to the purposes for which it is provided.
We may collect Information other people submit about you. For example, a friend might submit Information to invite you to participate in a joint service, make recommendations, or share content. By processing these requests, we may receive your Information, including a recipient’s name, postal address, email address, telephone number, or information about your interest in and use of various products, programs, and services. Some portions of our site may also allow users to invite friends to participate in activities by providing their friends’ contact details or importing contacts from your address book or from other sites.
We may combine Information we receive online with other information, including usage information from our online advertising and media. We may also supplement or combine Information with information from a variety of other sources or outside records, such as demographic, transaction history, or personal information, and we may use that combined information in accordance with this Privacy Policy.
You can engage with some of our content and offerings, such as videos, live feeds, apps, and other offerings on or through third party communities, forums, and social media sites, platforms, services, plug-ins, and applications (“Social Media Sites”). When you link to or interact with our site, content, or offerings through Social Media Sites, you may allow us to receive certain Information from your social media account (e.g., name, user ID, email address, profile photo, photos and videos, gender, birthday, location, your list of friends and their contact details, people you follow and/or who follow you, the posts or the ‘likes’ you make). We may also receive Information from your interaction with our content (e.g., content viewed, time spent on our site, etc.). By providing this Information or otherwise interacting with our site through Social Media Sites, you consent to our use of Information from the Social Media Sites in accordance with this Privacy Policy.
We may have access to certain Information about your location, such as your country or address, when you provide it either directly or via device information. If you access our site on your mobile device, we may collect Information about your device’s precise location. We also may derive a general location from device information (such as an IP address).
For some features, we will ask for permission to access your device’s camera. If you grant permission, you may be able to take pictures or video within the app experience. We may use camera-captured images for identity verification purposes, as described in the Biometric Information section below.
We also collect certain technical and usage information when you use our site, such as the type of device, browser, and operating system you are using, your Internet service provider or mobile carrier, unique device identifier, device and browser settings, the web pages and apps you use, and certain site usage information.
Biometric Information — Identity Verification
Pinch uses Stripe Identity, a third-party identity verification service provided by Stripe, Inc., to verify the identity of clients who book appointments through our platform. This verification process involves the collection and processing of biometric information as described below. This section constitutes Pinch’s publicly available written policy regarding the collection, use, retention, and destruction of biometric identifiers and biometric information, as required by the Illinois Biometric Information Privacy Act (740 ILCS 14) and other applicable state laws.
When you complete identity verification through our platform, Stripe collects a photograph of your government-issued identification document and a selfie image. Stripe’s systems generate a scan of your facial geometry (a “biometric identifier”) from both images and perform a face-match comparison to verify that the person submitting the selfie is the same person depicted on the identification document. The facial geometry scan and any information derived from it constitute “biometric information” as defined under applicable law.
Pinch does not collect, receive, store, or have access to biometric identifiers (facial geometry scans) at any point. The biometric comparison is performed entirely within Stripe’s systems. Pinch never possesses, transmits, or retains your facial geometry data. The information Pinch receives from the verification process is limited to: (1) the verification result (e.g., verified, not verified, or flagged); (2) captured images of the identification document and selfie (photographs only — not biometric scans); and (3) extracted text data such as legal name and date of birth. None of this information constitutes a biometric identifier.
Pinch retains the selfie photograph and identification document image received from the verification process for the following purposes, which are separate from and unrelated to biometric processing:
These photographs are standard images and are not processed by Pinch to extract biometric identifiers. Pinch retains these images for as long as you maintain an active account with Pinch, or for three (3) years following your last interaction with Pinch, whichever occurs first, unless a longer retention period is required by applicable law. You may request deletion of these images at any time by contacting us using the information in the Contact Us section below.
Pinch directs the collection of biometric information by Stripe solely for the following purposes:
Biometric identifiers and biometric information are collected and processed exclusively by Stripe, Inc. Stripe acts as both a data processor (performing the verification at Pinch’s direction) and a data controller (for its own fraud prevention and security purposes, and for improving its verification technology where you separately consent to Stripe).
Pinch will not sell, lease, trade, or otherwise profit from your biometric identifiers or biometric information. Pinch will not direct or authorize the disclosure of your biometric identifiers or biometric information to any party other than Stripe and its sub-processors, except as required by law, legal process, or court order, or with your written consent.
Because Pinch does not possess biometric identifiers, retention and destruction of biometric data is governed by Stripe’s practices. Stripe permanently destroys biometric identifiers (facial geometry scans) within one (1) year of collection. Stripe retains non-biometric verification data (captured images, extracted data, and verification results) for up to three (3) years, unless a longer retention period is required by applicable law. To the extent Pinch is deemed to have directed the collection of biometric information, Pinch will ensure that biometric identifiers and biometric information are destroyed when the initial purpose for collecting them has been satisfied or within three (3) years of the individual’s last interaction with Pinch, whichever occurs first, unless retention for a longer period is required by applicable law.
Before initiating identity verification, Pinch will present you with a clear disclosure summarizing what biometric information is collected, the purpose, the retention and destruction practices, how Pinch retains and uses the selfie and ID photographs, and the identity of the third-party processor (Stripe). You will be asked to provide your affirmative, informed consent (electronic signature) before the Stripe Identity verification flow begins. If you decline to provide consent, you will not be required to complete biometric verification, but your verification status will reflect that verification was not completed, and this status will be visible to providers.
Depending on your state of residence, you may have the following rights with respect to your biometric information:
To exercise any of these rights, to request deletion of your biometric information or photographs, or to revoke your consent, please contact us using the information in the Contact Us section below. For requests related to biometric data held by Stripe, you may also contact Stripe directly at privacy@stripe.com or visit Stripe’s Privacy Center.
If you do not consent to biometric identity verification, you may decline the verification process. Your booking will not be cancelled solely because you declined verification; however, your provider will be informed that your identity has not been verified. Pinch may offer alternative verification methods in the future. To inquire about alternative verification options, please contact us using the information in the Contact Us section below.
Biometric information processed by Stripe is protected using industry-standard security measures, including encryption in transit and at rest. Pinch protects the photographs, verification results, and associated data it receives using commercially reasonable security controls that are the same as, or more protective than, the measures Pinch uses to protect other confidential and sensitive information.
Information Use
We use Information for the purposes described in this policy or disclosed at the time of collection or with your consent.
We may use the Information we collect about you through our site to fulfill your requests for, and otherwise provide or analyze your use of our products, programs, and content, to facilitate sharing and other interactions with Social Media Sites, and to provide, develop, maintain, personalize, protect, and improve your experience and our offerings.
We may use Information about you to communicate with you, such as (i) to notify you when we make changes to our policies or user agreements, (ii) to respond to your inquiries and provide you with customer service, (iii) to communicate with you about your purchases or transactions, (iv) to contact you about your account, or (v) to send you information about promotions, offerings, and site features.
We may use technical and usage information to improve the design, functionality and content of our site and to enable us to personalize your experience with our site and offerings.
We may use Information we collect to detect, investigate, and prevent activities on our site that may violate our terms of use, could be fraudulent, violate copyright, or other rules or that may be otherwise illegal, to comply with legal requirements, and to protect our rights and the rights and safety of our users and others.
No Sale or Sharing of Personal Information
We do not sell, rent, lease, or trade your personal information for monetary compensation.
We also do not “share” personal information for cross-context behavioral advertising as defined under the California Consumer Privacy Act (CCPA), except where you have provided consent through our cookie preference tools.
To the extent any analytics or advertising technologies could be interpreted as a “sale” or “sharing” under certain state privacy laws, you may opt out at any time by using our “Do Not Sell or Share My Personal Information” link available in the footer of our website.
Disclosure and Sharing of Information
In certain circumstances, we may disclose your Information to third parties for a business purpose. We do not sell, rent, lease, or “share” your Information, and will not disclose your Information to third parties for purposes of their direct marketing without providing notice to you.
We may disclose Information when you provide us with your consent to do so.
We may disclose Information in response to a legal process, for example in response to a court order or a subpoena, or in response to a law enforcement agency’s request. We also may disclose such Information to third parties: (i) in connection with fraud prevention activities, (ii) where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, (iii) in situations that may involve violations of our terms of use or other rules, (iv) to protect our rights and the rights and safety of others, and (v) as otherwise required by law.
We may transfer Information in the event of a business transaction, such as if we or one of our business units or our relevant assets are acquired by, sold to, or merged with another company or as part of a bankruptcy proceeding or a business reorganization.
Organizations that perform services for us may have access to Information to help carry out the services they are performing for us, such as, but not limited to, creation, maintenance, hosting, and delivery of our site, products, and services, conduct marketing, handle payments, email and order fulfillment, administer promotions, conduct research and analytics, or customer service.
We share your Information with our affiliates, subsidiaries, and other companies under common control and require them to honor this Privacy Policy as well.
We share your Information with our third-party payment processor and identity verification provider, Stripe. When you complete identity verification, Stripe processes biometric information as described in the Biometric Information section above. Pinch does not receive or store biometric identifiers from this process. Pinch does receive and retain the selfie and ID photographs as described in that section.
We may share Information about you with our data analytics and advertising service providers, such as Google Analytics, to help us measure traffic and usage trends.
We use third-party analytics and advertising service providers to help us understand how visitors use our website and to measure the effectiveness of our marketing efforts. These providers may include, but are not limited to: Google Analytics, Google Ads services, Meta (Facebook) advertising services, Customer.io, and content delivery networks such as Amazon CloudFront.
These providers may collect certain information from your browser or device, including IP address, device and browser identifiers, referring URLs, pages visited, date and time of access, and interaction information. Where required by applicable law, such technologies are not activated until you provide your consent. We configure analytics tools, where available, to support data minimization measures such as IP anonymization.
Our site may contain links to other sites, including Social Media Sites, whose information practices may be different from ours. Information you submit to other sites will be governed by the other sites’ privacy policies and terms.
We may disclose your Information to third parties when we believe in good faith that disclosure is necessary to protect our rights, our property, personal safety, or the interests of you or any other person, and to detect, prevent and/or otherwise address fraud, risk management, security or technical issues.
Your Options and Control
We provide you with an opportunity to express your preferences with respect to receiving certain marketing communications from us. If you ever decide in the future that you would like to update these preferences, you may contact us. To opt out of receiving our email marketing communications, you can also follow the “unsubscribe” instructions provided in any marketing email you receive from us.
On our own or working with affiliates or third parties, we may present advertisements and engage in data collection, reporting, ad delivery and response measurement, and site analytics on our site and on third party websites across the Internet and applications over time.
For more information about interest-based advertising on your desktop or mobile browser, and to opt out of this type of advertising by third parties that participate in self-regulatory programs, please visit the Network Advertising Initiative website and/or the Digital Advertising Alliance (DAA) Self-Regulatory Program for Online Behavioral Advertising website.
To disable the collection of precise location information from your mobile device through our mobile apps, you can access your mobile device settings and choose to limit that collection.
Cookies and Associated Technologies
We, and our affiliates, vendors, and business partners may send cookies to your computer or use similar technologies to understand and enhance your online experience at our site and through our advertising and media across the Internet and mobile apps.
Cookies are small text files placed in your browser. We may also use pixels or web beacons that monitor your use of our site.
By visiting our site, strictly necessary cookies may be placed on your device to enable core site functionality. All other cookies and tracking technologies are subject to your preferences and are only deployed after you provide affirmative consent, where required by law.
We use a consent management platform that allows you to control the use of non-essential cookies and tracking technologies on our website.
Except for cookies and technologies that are strictly necessary to operate the website (such as security, fraud prevention, and basic functionality), we do not deploy analytics, advertising, marketing, or similar tracking technologies on your device unless and until you provide your affirmative consent through our cookie banner or preference center.
You may update your preferences at any time by clicking the “Cookie Preferences” link in the footer of our website.
We do not rely on implied consent, pre-checked boxes, passive browsing, or continued use of the website as consent for non-essential tracking technologies.
Cookies can either be persistent (i.e., they remain on your computer until you delete them) or temporary (i.e., they last only until you close your browser). Check your browser settings to learn how to delete cookies.
You may adjust your browser to reject cookies from us or from any other website. Controlling cookies via browser controls may not limit our use of other technologies. Please consult your browser’s settings for more information. However, blocking cookies or similar technology might prevent you from accessing some of our content or site features.
California Privacy Rights
If you are a California resident, you may have certain rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), including the right to: request access to the personal information we collect about you; request deletion of your personal information; request correction of inaccurate personal information; opt out of the sale or sharing of personal information; and limit the use of certain sensitive personal information.
To exercise these rights, please contact us using the information in the Contact Us section below.
We will not discriminate against you for exercising any applicable privacy rights.
Information Security
We have put in place commercially reasonable controls designed to help safeguard the personal information we collect via our site. However, no security measures are perfect, and we cannot assure you that personal information that we collect will never be accessed or used in an unauthorized way.
We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
Privacy Policy Updates
From time to time, we may update this Privacy Policy. We will notify you about material changes to this Privacy Policy by placing a notice on our site. We encourage you to periodically check back and review this policy so that you always know our current privacy practices.
Contact Us
If you have any questions about this Privacy Policy you may Contact Us on our website or at Pinch Med, 909 Davis Street, Suite 500, Evanston, Illinois 60201.