1. Who we are

OG.DICE Warehouse (“OG.DICE”, “we”, “us”) is a barber and tattoo studio located at Antelias, Mount Lebanon, Lebanon. The website at https://ogdice.com is the studio’s official booking app and is operated directly by us. For any data or privacy question, write to og.dicewarehouse@outlook.com.

2. What we collect

When you use the website or book a service we may collect:

• Contact details you give us: first name, last name, email address, and phone number — entered into the booking form or your profile.
• Booking details: the service, artist, date, time, and any notes you add to your appointment.
• Account information from Google Sign-In (only if you choose this option): your email address, your basic Google profile (name and profile picture), and a stable Google account identifier. We request these via the OAuth scopes openid, email, and profile.
• Photos you upload yourself: haircut photos that you choose to submit after a completed booking, used to confirm the visit and award loyalty points.
• Loyalty & usage data: the points you earn, the bookings you complete, the notifications we send you in-app.

We do not run third-party advertising trackers. The site uses only essential first-party cookies needed to keep you signed in.

3. How we use your information

• Create and manage your bookings (confirmation, reschedule, cancellation, reminder).
• Maintain your account and personalize your profile (display name, avatar).
• Award and track loyalty points and tier status from your visits.
• Communicate with you about your appointments via in-app notifications and, when configured, email.
• Operate, secure, and improve the website (basic operational logs, error tracking).
• Comply with legal obligations.

We do not sell your personal data, we do not share it with advertisers, and we do not use it to train machine-learning or AI models.

4. Google user data — Limited Use disclosure

OG.DICE’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We use the Google profile and email data only to create and authenticate your OG.DICE account, to display your name and avatar inside the app, and to send you booking-related notifications.
• We do not transfer Google user data to third parties except as necessary to provide or improve the service, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to you.
• We do not use Google user data for serving advertising, including retargeted or personalized ads.
• We do not allow humans to read your Google user data unless we have your specific consent, the data is necessary for security purposes (such as investigating abuse), to comply with applicable law, or where the data is aggregated and used for internal operations in a way that does not allow individual users to be identified.

5. Service providers we use

We rely on a small number of vendors to operate the platform. Each is contractually bound to use your data only to provide the service to us:

• Supabase — managed Postgres database, file storage for haircut photos, and email/Google authentication backend.
• Google — only when you choose “Continue with Google” on our sign-in page (returns the email + profile data described above).
• Vercel — website hosting and edge runtime.
• Resend (optional, when configured) — transactional email delivery for booking confirmations.

6. Data retention

• Bookings: retained for our business records. If you delete your account we anonymize the booking rows (replace your name, email, and phone with placeholders) but keep the appointment and price for accounting.
• Account & profile: deleted when you use the “Delete Account” control on your profile page (Settings).
• Haircut photos: deleted when you delete your account. Approved photos may be displayed back to you on your profile until then.
• Notifications & points ledger: deleted with your account.
• Operational logs: retained for up to 90 days for debugging and abuse prevention.

7. Your rights and how to exercise them

You have the right to:

• Access your data — use the “Export My Data” button on your profile to download a JSON copy of your bookings, points history, photos, and notifications.
• Correct your data — edit your name, phone, or avatar from the Profile tab.
• Delete your account — use the “Delete Account” control on your profile (anonymizes past bookings, deletes everything else).
• Withdraw Google access — visit myaccount.google.com/permissions and remove OG.DICE from the list of connected apps. After revocation, you can keep using your account by signing in with email instead.
• Object to processing or restrict it — email us at the address below.

8. Security

All traffic to and from the site uses HTTPS. Passwords for the email-based sign-in path are never stored by us; authentication is delegated to Supabase Auth. Database rows are isolated per user via row-level-security policies. Service-role access is kept on the server only and never exposed to the browser. Despite our efforts, no method of electronic storage is 100% secure.

9. Children

The website is not directed at children under 13. We do not knowingly collect information from children. Tattoo services additionally require government-issued ID confirming you are 18 or older.

10. International transfers

Our service providers may store your data on servers located outside Lebanon (typically the EU and the US) under standard contractual clauses or equivalent safeguards.

11. Changes to this policy

We may update this policy. Material changes will be reflected by a new “Last updated” date at the top of this page. Continued use of the site after the change constitutes acceptance of the updated policy.

12. Contact

Privacy questions, data requests, or anything else: og.dicewarehouse@outlook.com.