Our Role and the Studio’s Role

Types of Information Processed in DSM

Depending on the studio’s settings and how it uses DSM, the platform may process personal information such as:

• Names, usernames, email addresses, phone numbers, mailing addresses, and account login details
• Student, parent, guardian, family, and staff records
• Birthdates, gender, class enrollment, attendance, scheduling, and status information
• Notes, custom fields, waiver or agreement records, and uploaded photos
• Medical instructions or medication notes, when enabled or entered by the studio
• Purchases, charges, payments, account balances, invoices, scheduled payments, and transaction history
• Payment tokens, payment profile identifiers, last four digits, card type, expiration date, and related payment metadata
• Email, SMS, in-app message, push notification, and communication history
• IP addresses, login records, browser or device data, security logs, and technical diagnostic information

The exact information collected depends on each studio’s configuration and business practices.

How DSM Uses Personal Information

We process personal information to provide and support the DSM service, including to:

• Create and manage accounts
• Allow studios to manage students, families, classes, schedules, attendance, billing, and communications
• Process payments and support recurring billing through third-party payment processors
• Send operational emails, SMS messages, app messages, and push notifications
• Provide technical support and customer service
• Maintain security, prevent abuse, troubleshoot errors, and monitor system performance
• Preserve backups, logs, and business records
• Comply with legal obligations and enforce our agreements

When we process data on behalf of a studio, the studio is responsible for determining the lawful basis for collecting and using that information.

GDPR Legal Bases

When Dance Studio Manager acts as a controller for its own business data, we may rely on one or more legal bases, including:

• Contractual necessity, such as providing DSM services to a studio
• Legitimate interests, such as securing, improving, and supporting our software
• Consent, such as for certain marketing communications or optional features
• Legal obligations, such as maintaining tax, accounting, security, or compliance records

When DSM processes data on behalf of a studio, the studio is responsible for identifying the applicable legal basis for its own use of the data.

Privacy Requests from Students, Parents, Guardians, or Staff

If you are a student, parent, guardian, staff member, or customer of a dance studio that uses DSM, privacy requests should usually be directed to the studio first. The studio controls the account and determines whether information should be accessed, corrected, exported, deleted, restricted, or retained.

If you contact Dance Studio Manager directly about information controlled by a studio, we may need to refer your request to that studio or coordinate with the studio before taking action.

Studios can contact us for assistance with reasonable requests involving data access, correction, export, deletion, or anonymization.

Correcting, Deleting, or Anonymizing Information

DSM includes tools that allow studios to manage customer and student information. Depending on the situation, a studio may choose to correct information, delete records, deactivate accounts, or anonymize personally identifying fields while preserving certain financial or operational records.

In some cases, a studio may need to keep certain records for legal, accounting, tax, contract, dispute-resolution, chargeback, safeguarding, or legitimate business reasons.

Deleted or anonymized information may remain in backups, security logs, or system archives for a limited period until those systems are rotated or no longer needed.

Data Retention and Backups

Dance Studio Manager retains information as needed to provide the DSM service, maintain security, support studios, comply with legal obligations, resolve disputes, and preserve business records.

We maintain backups and system logs to protect against accidental loss, technical failure, security incidents, and service interruptions. Backup copies are retained for a limited period and then overwritten or removed according to our operational practices.

Studios are responsible for determining how long they keep their own customer, student, billing, and attendance records inside DSM.

Payment Information

Payment processors have their own security, privacy, and compliance responsibilities.

Subprocessors and Service Providers

We may use trusted service providers to help operate DSM, including hosting providers, data centers, payment processors, email providers, SMS providers, push notification services, security tools, support tools, and technical contractors.

These providers may process personal information only as needed to provide their services to us or to support the DSM platform.

Studios that need more information about subprocessors or data processing terms may contact us.

Security Measures

We use administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, loss, misuse, alteration, or disclosure.

These safeguards may include access controls, secure connections, backups, monitoring, logging, restricted administrative access, and internal security practices.

No software platform or hosting environment can be guaranteed to be completely secure. Studios should also use strong passwords, limit staff access to appropriate users, train their employees, keep their own devices secure, and notify us promptly if they suspect unauthorized access.

Data Breach Notification

If Dance Studio Manager becomes aware of a security incident that affects personal information processed through DSM, we will investigate and take appropriate action.

When required, we will notify affected studios without undue delay so they can evaluate their own legal obligations, including any obligation to notify individuals, regulators, or other parties.

Studios should notify us promptly if they believe their DSM account, staff login, exported files, downloaded backups, or local devices may have been compromised.

International Data Transfers

Dance Studio Manager is based in the United States. Personal information processed through DSM may be stored or accessed in the United States or other locations where our service providers operate.

Where required by applicable privacy laws, studios and DSM may need appropriate safeguards for international transfers of personal information.

Studio Responsibilities

Studios using DSM should take reasonable steps to protect the personal information they manage, including:

• Collecting only information they need
• Informing students, parents, guardians, staff, and customers how their information is used
• Obtaining consent where required
• Managing staff permissions carefully
• Keeping passwords and devices secure
• Reviewing downloaded reports, exports, and backups
• Responding to privacy requests from their own customers
• Consulting legal counsel about GDPR, UK GDPR, state privacy laws, children’s privacy laws, SMS rules, payment rules, and other applicable requirements

Questions

If you have questions about Dance Studio Manager’s data protection practices, or if your studio needs help with a privacy or data request, please contact us.

This page may be updated from time to time as our software, practices, or legal obligations change.

Related Articles

Signs Your Dance Studio Has Outgrown Spreadsheets

Moneris Payment Processing

Paystri Payment Processing