Privacy Policy

1. Overview

Cora is committed to protecting your privacy and the privacy of the individuals whose data you manage through our platform. This policy covers what we collect, how we use it, and your rights under GDPR and CCPA.

2. Data We Collect

Account Data

• Email address and name
• Studio/organization name
• Authentication credentials (passwords stored hashed)

Recital Data

• Dancer names and ages (entered by you for lineup planning)
• Dance assignments and class groupings
• Show schedules and lineup configurations
• Recital history and exported lineups

Usage Data

• Log data: IP addresses, browser type, pages visited, timestamps
• Application performance and error logs

3. How We Use Your Data

• Authenticate you and provide access to the Service
• Generate and optimize recital lineups based on your input
• Send transactional emails (account confirmations, notifications you configure)
• Improve the Service through aggregated, anonymized analytics
• Comply with legal obligations

4. Data About Minors

Cora may be used to manage data about minor dancers. This data is entered by studio professionals and used solely for recital planning purposes. We treat this data with heightened care:

• We do not share dancer data with third parties for marketing
• We do not use dancer data to build profiles or for any purpose beyond lineup optimization
• We recommend entering only first names and ages — no last names, contact info, or sensitive data

5. Third Parties

We share data with third parties only as necessary to operate the Service:

• Cloud hosting providers — Infrastructure and database hosting
• Email delivery services — Transactional email delivery

We do not sell your data or dancer data to third parties.

6. Data Retention

We retain your account and recital data while your account is active. You may delete recitals, shows, or dancer records at any time from within the app.

After account deletion, all data is removed within 30 days.

7. Your Rights

Depending on your location, you may have the right to:

• Access a copy of your personal data
• Correct inaccurate data
• Request deletion of your data and dancer records
• Data portability
• Lodge a complaint with your local supervisory authority (GDPR)

Contact privacy@heycora.net to exercise these rights.

8. Security

We use TLS for data in transit and store passwords hashed. In the event of a breach affecting your data, we will notify you as required by law.

9. Cookies

We use session cookies necessary for authentication. We do not use advertising or tracking cookies.

10. Contact

Privacy requests: privacy@heycora.net