These Privacy Terms (“Privacy Policy”) are issued by Sky Holdings 2030 Inc. d/b/a Tellory
(“Company,” “Tellory,” “we,” or “us”) and govern the collection, use, and disclosure of personal
information related to your use of Tellory’s digital platform.
‍
This Privacy Policy, together with our Terms of Service and Photo Submission Terms, sets forth
our practices regarding the collection, use, disclosure, and safeguarding of personal information,
when you access or use Tellory’s digital ecosystem, including its website (https://tellory.com),
related mobile or desktop applications, newsletters, and affiliated or successor media channels
(collectively, the “Platform”).
‍
By accessing or using the Platform, you acknowledge that you have read, understood, and agree
to the practices described herein. If you do not agree, you must not use the Platform or provide
us with your personal information.
‍
1. GENERAL PRINCIPLES
‍
Tellory respects your privacy and processes personal information in compliance with applicable
U.S. and international data-protection laws.
‍
Tellory is operated by Sky Holdings 2030 Inc., a Delaware corporation with its principal office
at 54 West 21st Street, New York, NY 10010, USA. Tellory acts as the data controller of
information collected through the Platform.For any privacy-related inquiries, you may contact
our Privacy Team at hello@tellory.com
‍
We may update this Privacy Policy at any time. Material changes will be announced by updating
the effective date or, where legally required, by direct notice. Your continued use of the Platform
constitutes acceptance of the revised version.
‍
Tellory has designated a Privacy Officer responsible for overseeing compliance with this Policy
and applicable data-protection laws. The Privacy Officer may be reached at hello@tellory.com
‍
2. INFORMATION WE COLLECT
‍
Tellory collects and processes the following categories of data, either provided directly by you or
automatically collected through your use of the Platform:
‍
● Identifiers: name, email address, phone number, account credentials, IP address, and
device identifiers.
● Commercial Information: records of products or services purchased, booked, or
considered.
● Internet / Device Information: device type, operating system, browser type, language,
referring URLs, usage activity, cookies, and similar technologies.
● Demographic and Wellness-Related Data: voluntarily shared preferences or goals related
to wellness or aesthetics (non-medical).
● Geolocation Data: approximate location derived from your IP address or device settings.
● User-Generated Content: photos, reviews, messages, or other materials you upload under
the Photo Submission Terms.
● Professional Data (for verified providers): licenses, credentials, and business contact
information.
‍
Tellory does not collect or process “Protected Health Information” (“PHI”) as defined under
HIPAA. Any wellness-related data you provide is handled confidentially but is not medical data
and should never be used for diagnosis or treatment.
‍
3. HOW WE USE PERSONAL INFORMATION
‍
Tellory processes personal information for the following lawful purposes:
● To operate, maintain, and improve the Platform;
● To facilitate support;
● To personalize user experience and provide relevant content;
● To send administrative, transactional, and marketing communications;
● To verify identity and maintain account security;
● To analyze usage patterns and perform analytics;
● To detect, prevent, and investigate fraud or abuse;
● To comply with legal obligations and enforce our Terms of Service; and
● To protect the rights, property, and safety of Tellory and its users.
Processing occurs only where a lawful basis exists, including consent, contract performance,
legal obligation, or legitimate interest.
‍
4. MARKETING AND COMMUNICATIONS
‍
Tellory may send marketing emails, push notifications, or messages regarding products, updates,
and events. You may opt out at any time by using the unsubscribe link in our emails or
contacting hello@tellory.com
‍
Opting out does not affect transactional or security messages essential to your account.
Marketing preferences are stored system-wide within 30 days of request. Marketing communications are sent based on your consent or Tellory’s legitimate interest, as permitted by law.
‍
5. COLLECTION FROM THIRD PARTIES
‍
Tellory may receive limited information from third-party providers such as payment processors,
analytics partners, or verification vendors. All vendors are bound by confidentiality agreements
and process data solely under Tellory’s instructions and applicable law.
‍
6. DISCLOSURE OF PERSONAL INFORMATION
‍
Tellory may share personal information only as follows:
● Service Providers: hosting, analytics, marketing, customer support, and payment
processors;
● Affiliates and Partners: entities under common control or contractual collaboration;
● Professional Users: to facilitate user-initiated inquiries;
● Legal and Regulatory Authorities: when required to comply with law or enforce our
rights;
● Corporate Transactions: as part of a merger, acquisition, or reorganization with
appropriate confidentiality safeguards; and
● With Your Consent: in any circumstances where you have explicitly authorized
disclosure.
‍
When you view content on the Platform and navigate to the profile of the professional or
provider associated with that content, you may choose to indicate interest by clicking “I’m
Interested.” By selecting this option, you explicitly authorize Tellory to share your name and
email address with that provider as a potential lead so that the provider may contact you directly.
‍
Once the information has been shared, the provider acts as an independent data controller,
meaning that the provider independently determines the purposes and means of processing your
information and is solely responsible for its own communications, data-handling practices, and
compliance with applicable privacy laws.
‍
Third parties must process such data securely and only for authorized purposes. Tellory does not
engage in automated decision-making or profiling that produces legal or similarly significant
effects for users.
‍
7. DATA SECURITY AND BREACH NOTIFICATION
‍
Tellory employs administrative, technical, and physical measures to protect personal information
against unauthorized access, loss, or misuse, including encryption, firewalls, and access controls.If a data breach occurs that poses a risk to individual rights, Tellory will promptly investigate,
mitigate, and, where required by law, notify affected individuals and data-protection authorities
within statutory time limits.
No online system is completely secure; use the Platform at your own risk and maintain strong
password protection.
‍
8. INTERNATIONAL DATA TRANSFERS
‍
Your data may be transferred to and processed in countries outside your jurisdiction, including
the United States. Such transfers may involve countries that do not offer the same level of data
protection as your home jurisdiction.
‍
Tellory implements appropriate safeguards such as Standard Contractual Clauses and vendor
due-diligence procedures to ensure lawful transfers.
‍
9. DATA RETENTION AND DELETION
‍
Tellory retains personal data only for as long as necessary to fulfill the purposes outlined herein
or as required by law. After these periods, data is securely deleted or irreversibly anonymized.
Tellory may retain aggregated non-identifiable data for research and product improvement.
Tellory maintains an internal Data Retention Schedule that defines maximum storage periods for
each data category in accordance with legal, regulatory, and operational requirements.
‍
10. COOKIES AND TRACKING TECHNOLOGIES
‍
Tellory uses cookies, pixels, and third-party SDKs (such as Google Analytics and Meta Pixel) to:
● enable core functionality;
● remember preferences;
● analyze performance and usage patterns; and
● measure marketing effectiveness.
Third-party analytics tools may collect IP addresses, device identifiers, and usage data subject to
their own privacy policies.

11. YOUR RIGHTS
‍
Tellory respects data-subject rights under applicable laws. We will not discriminate against you
for exercising any privacy rights. To exercise rights or submit privacy questions, contact:hello@tellory.com
Requests will be acknowledged within ten (10) business days and processed within applicable
statutory deadlines (typically up to 45 days for U.S. requests and up to 30 days for EU requests),
unless an extension is legally permitted.
‍
11.1 United States (General)
‍
You may request to:
● Access or receive a copy of personal data we hold;
● Correct inaccurate or incomplete information;
● Delete personal information (subject to legal exceptions);
● Opt out of marketing communications; and
● Receive an explanation of how we process your data.
‍
To exercise these rights, contact hello@tellory.com. Tellory may verify identity before acting on
requests. Requests will be acknowledged within a reasonable time and processed in accordance
with applicable U.S. privacy laws.
‍
11.2 California (California Consumer Privacy Act / CPRA)
‍
If you are a California resident, you have the following rights under the CCPA/CPRA:
‍
● The right to know the categories of personal data we collect, use, disclose, or share;
● The right to request access, deletion, or correction of your personal data;
● The right to opt out of the sale or sharing of your personal data; and
● The right to limit the use and disclosure of sensitive personal information.
‍
Tellory does not sell personal data for monetary consideration or share it for cross-
context behavioral advertising, as those terms are defined under the CCPA/CPRA.
California residents may submit privacy-related requests at any time by contacting
hello@tellory.com
‍
11.3 Other U.S. States (VA, CO, CT, UT)
‍
Residents of Virginia, Colorado, Connecticut, and Utah may exercise similar privacy rights, including the right to:
● Access and obtain a copy of personal data we hold about them;
● Correct inaccuracies in their personal information;
● Request deletion of personal data (subject to legal exceptions);
● Obtain data portability; and
● Opt out of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects.
‍
Requests will be processed within the timelines required by applicable law. Tellory will provide an appeal process if any request is denied, and users will be informed of how to submit an appeal in such cases.
‍
11.4 European Union / EEA (GDPR)
‍
EU and EEA residents have the right to: access, rectify, erase, restrict, or object to processing; request data portability; withdraw consent without affecting prior processing; and lodge a complaint with their local Data Protection Authority. Tellory’s lawful bases for processing include consent, contract performance, legal obligation, and legitimate interest.
‍
11.5 Brazil (LGPD)
‍
Brazilian users may exercise rights of confirmation, access, correction, anonymization, portability, deletion, and information about data sharing under Lei Geral de Proteção de Dados.
‍
12. HIPAA AND SENSITIVE HEALTH INFORMATION
‍
Tellory is not a “Covered Entity” or “Business Associate” under the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Platform is not intended to store or transmit PHI.
‍
Users and professionals who upload materials that could contain health information (e.g., before- and-after images, treatment details, testimonials) are solely responsible for obtaining valid consents and complying with HIPAA and similar laws. Tellory disclaims all liability for unauthorized disclosures of PHI arising from user conduct.
‍
13. PROFESSIONAL AND BUSINESS USERS
‍
Professionals, clinics, and brands using Tellory for educational or promotional purposes act as independent data controllers for any personal data they collect off-platform. Tellory remains the data controller solely for information collected directly through the Platform as described in this Policy. Such entities must maintain their own compliant privacy policies and adhere to applicable frameworks (GDPR, UK GDPR, CCPA/CPRA, LGPD, etc.).
‍
Tellory does not control or process patient or client data collected directly by professionals outside the Platform.

14. CHILDREN’S PRIVACY
‍
Tellory does not target or intend to attract individuals under the age of eighteen (18). The
Platform is for adults only. We discourage access by minors and do not knowingly collect
personal information from them. If we become aware of a user under 18, we may delete such
information and restrict account access.
‍
15. THIRD-PARTY LINKS AND INTEGRATIONS
‍
The Platform may contain links or integrations with third-party sites, apps, or services (such as social-media widgets or affiliate links). Those third parties have independent privacy policies and data handling practices beyond Tellory’s control. Tellory is not responsible for their actions and encourages you to review their policies before engaging.
‍
16. GOVERNING LAW AND DISPUTE RESOLUTION
‍
This Privacy Policy shall be governed by and construed in accordance with the laws of the State of New York, and where applicable, the federal laws of the United States.
Any dispute arising hereunder shall be resolved through binding arbitration as set forth in Section 13 of the Tellory Terms of Service, administered by JAMS in New York County, New York, USA.
‍
17. ORDER OF PRECEDENCE
‍
In the event of any inconsistency between this Privacy Policy and other Tellory documents:
● This Privacy Policy shall govern matters of data protection and privacy;
● The Terms of Service shall govern general use of the Platform; and
● The Photo Submission Terms shall govern rights over uploaded content and media.
‍
18. ACKNOWLEDGMENT
‍
By using the Platform or submitting personal information, you confirm that you have read, understood, and agreed to this Privacy Policy and to the collection, use, and disclosure of your personal data as described herein.
‍
19. SURVIVAL AND INTERPRETATION
‍
All provisions of this Privacy Policy that by their nature should survive termination, expiration, or suspension of your account shall remain in effect, including those relating to data retention, legal compliance, and dispute resolution.

In the event of any inconsistency between this Privacy Policy and prior versions, the most recent published version shall prevail. This Policy shall be interpreted consistently with the Tellory Terms of Service and governed by the laws of the State of New York.

This Privacy Policy does not create any contractual rights or obligations beyond those expressly
set forth in the Tellory Terms of Service.