Neocut← Back to home

Privacy Policy

Last updated: 11 June 2026

This Privacy Policy explains how Neocut ("Neocut", "we", "us") collects, uses and protects personal data when you use our website, web app and booking tools (the "Service"). We are committed to handling your data in line with the UK GDPR and the Data Protection Act 2018.

1. Who we are

Neocut provides booking and business-management software for barbershops. For questions about this policy or your data, contact us at hello@neocut.net.

Business name: The Marketing Madmen Ltd. Registered address: 25 High Street, Edwinstowe, Mansfield, NG21 9QP. If you are in the UK, you also have the right to contact the Information Commissioner's Office (ICO) at ico.org.uk.

2. Controller and processor roles

When you sign up as a barbershop owner, we act as the data controller for your account information.

For the personal data a barbershop stores about its own clients (such as client names, phone numbers, emails and appointment history), the barbershop is the data controller and Neocut acts as a data processor, processing that data on the shop's behalf and on its instructions.

3. Data we collect

  • Account data — name, email, password (stored encrypted), shop details and profile photo.
  • Shop & business data — services, staff, working hours, prices and settings you enter.
  • Client data — names, phone numbers, emails, appointment and visit history entered by the shop or submitted by clients booking online.
  • Booking & account data for clients — when a client creates an account to manage their bookings, we store their name, contact details and booking history.
  • Payment data — handled by our payment provider (Stripe). We do not store full card details.
  • Usage & technical data — log data, device/browser information and cookies needed to run and secure the Service.

4. How we use data

  • To provide and operate the Service (bookings, calendar, reminders, client management).
  • To send transactional messages on a shop's behalf (e.g. booking confirmations, reminders, rescheduling) by SMS and/or email.
  • To process subscriptions and payments.
  • To secure, maintain, debug and improve the Service.
  • To communicate with you about your account and support requests.

5. Legal bases (UK GDPR)

We rely on: performance of a contract (to provide the Service); legitimate interests (to secure and improve the Service); consent (where required, e.g. certain marketing); and legal obligation (e.g. tax and accounting).

6. Sharing & sub-processors

We do not sell personal data. We share data with trusted providers who help us run the Service, including:

  • Supabase — database, authentication and hosting.
  • Stripe — subscription and payment processing.
  • Voodoo SMS — sending text messages.
  • Resend — sending emails (where enabled).
  • Google — optional "Sign in with Google" authentication.
  • OpenAI — optional AI assistant features (where enabled).

Each provider only receives the data needed for its function and is bound by its own data-protection obligations.

7. Text messages & communications

Shops use Neocut to message their own clients. Shops are responsible for having a lawful basis (such as consent) to contact their clients. Recipients can opt out of non-essential messages at any time, and shops must honour opt-out requests.

8. Data retention

We keep personal data for as long as an account is active and as needed to provide the Service, then delete or anonymise it within a reasonable period, unless we must keep it to meet legal obligations.

9. Security

We use industry-standard measures including encryption in transit, encrypted passwords, access controls and row-level security so each shop can only access its own data. No system is perfectly secure, but we work to protect your data.

10. Your rights

Subject to law, you may have the right to access, correct, delete, restrict or object to processing of your data, and to data portability. To exercise these rights, contact us. If Neocut processes data on behalf of a shop, we will direct such requests to that shop (the controller).

11. International transfers

Some providers may process data outside the UK/EEA. Where they do, appropriate safeguards (such as Standard Contractual Clauses) are used.

12. Cookies

We use essential cookies to keep you signed in and to run the Service securely. We do not use them for advertising.

13. Children

The Service is intended for businesses and adults. It is not directed at children.

14. Changes

We may update this policy from time to time. We will post the new version here with an updated date.

15. Contact

Questions? Email hello@neocut.net.