Strop — Haircut photo management
Last updated: May 22, 2026
This Privacy Policy describes how the Strop application (hereinafter “Application” or “Strop”) handles the personal data of its users, in compliance with the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679) and other applicable legislation.
Strop is a haircut photo management application designed for barbers and hairdressing professionals. It allows you to photograph haircuts, associate photos with clients, and view the visual history of each client.
Core principle: All data is stored on your device. Strop does not have its own servers and does not collect any information about application usage. Cloud backup is an optional, opt-in feature — when enabled, data is sent exclusively to the user's personal account (Google Drive or iCloud), never to Strop's servers.
The data controller is:
Strop may access the following types of data, always with your explicit authorisation through operating system permissions:
| Data type | Description | Required |
|---|---|---|
| Captured photographs | Haircut photos taken with the device camera | Yes |
| Gallery photographs | Photos selected by the user from the photo library | No |
| Contact data | Name and identification of existing contacts on the device, for association with clients | No |
| Contact creation | On Android, Strop can create new contacts when the user adds a new client | No |
| Internal metadata | Haircut dates, notes, and associations between photos and clients, created within the application | Yes |
| Phone number | Optional. Asked during onboarding. Stored locally on the device. If the user enables cloud backup (granting marketing consent), the phone number is also transmitted to Strop's Firebase backend so Glie can contact the user about Strop and related products. | No |
| Email address | Captured when the user enables cloud backup, via Sign in with Apple (iOS) or Google Sign-In (Android). On iOS, the email may be a private-relay proxy (xxx@privaterelay.appleid.com) if the user picked "Hide my email". Stored locally and transmitted to Strop's Firebase backend for the same marketing-contact purpose as the phone number. | No |
Strop does not collect: location, device identifiers other than the Firebase Analytics per-install ID, diagnostic data beyond Firebase Crashlytics crash reports, IP addresses retained beyond network delivery, financial data, authentication credentials, browsing history, or any other data beyond those listed above.
The Application requests the following operating system permissions. Each permission is requested when the corresponding feature is used for the first time, and can be revoked at any time in the device settings.
Used to capture haircut photographs. Without this permission, it is not possible to take photos within the application (you can alternatively import photos from the gallery).
Used to save photographs on the device and to import existing photos. Photos always remain in the device's local storage.
Used to display the list of existing contacts on the device, allowing the user to associate existing clients. Strop only reads the names of the contacts selected by the user.
On Android, when the user chooses to create a new client that does not yet exist in the device's contacts, Strop can create a new contact entry. This action is always explicitly initiated by the user.
The data accessed by Strop is used exclusively for:
No data is used for advertising purposes, behavioural analysis, profiling, or any other purpose not described above.
The processing of personal data in Strop is based on the user's consent (Article 6(1)(a) of the GDPR), expressed through the explicit granting of operating system permissions and the active use of the Application's features.
The user may withdraw consent at any time by revoking permissions in the device settings or by deleting their data through the options provided in the Application.
100% local storage. All data is stored exclusively on the user's device. Strop does not have servers, remote databases, or any cloud infrastructure.
This means that:
Photographs are saved in the application's storage area and/or in the device's photo gallery, depending on the user's action.
Strop offers an optional feature to back up your data to the cloud:
Explicit consent: Cloud backup is only enabled after the user gives explicit consent within the application. It is never enabled automatically.
What is sent:
Where to: Data is sent exclusively to the user's personal account (Google Drive or iCloud). Strop does not have servers and does not have access to the data stored in the user's cloud.
Encryption: The transfer is encrypted in transit (HTTPS/TLS). Cloud storage benefits from the native encryption of Google Drive and iCloud.
User control: The user can disable backup at any time in the Application's Settings. Cloud data can be deleted by the user directly in Google Drive or iCloud.
Strop integrates the following third-party services from Google (Firebase), subject to user consent on the first launch of the Application:
Used to collect anonymous application usage data and error reports (crashes), with prior user consent. Collection is disabled by default and is only enabled if the user accepts on the consent screen presented on first launch.
Used to manage application configurations remotely (for example, forcing an update in case of a version with critical errors). Does not collect personal data.
When the user enables cloud backup, Strop transmits the user's phone number
(when provided) and email address (returned by Sign in with Apple or Google
Sign-In) to a Firestore collection (strop_leads) hosted on
Strop's Firebase project. Enabling backup constitutes consent for Glie to
contact the user about Strop and related products.
Strop does not integrate:
Work data (clients, haircuts, photos, notes) remains on the device for as long as the user keeps it. There is no automatic retention, data expiration, or forced deletion policy.
Local data is deleted when:
Under the GDPR, users have the following rights regarding their personal data:
Since all data resides exclusively on your device, the exercise of most of these rights is done directly by the user, without the need to contact us. However, we are available for any clarification at privacidade@strop.app.
Strop provides the following data deletion options:
Important note: Photographs that have been saved separately to the device's gallery or shared to other applications (such as Instagram) are not affected by data deletion within Strop and must be managed separately.
Strop is intended for barbering and hairdressing professionals. The Application is not directed at minors under 16 years of age, does not intentionally collect data from minors, and does not present content targeted at minors.
If you become aware that a minor under 16 years of age is using the Application without parental consent, please contact us at privacidade@strop.app.
The security of your data benefits directly from the Application's local architecture:
We recommend that you keep your device protected with a screen lock and that you keep the operating system up to date.
This Privacy Policy may be updated periodically to reflect changes in the Application or in legal requirements. Any changes will be published on this page, with the updated date revised at the top of the document.
In the event of significant changes, users will be notified through the Application before the activation of new features involving data transfer, and explicit consent will be requested.
For questions, clarifications, or to exercise your rights under this Privacy Policy or regarding the processing of your personal data, please contact us:
We are committed to responding to all requests within a maximum of 30 days, as provided for by the GDPR.