Tarhunna
Sign in

Privacy Policy

Effective date: April 18, 2026

1. Who We Are

Tarhunna, operated by Cesar Adolfo Menjivar Molina, provides CRM software designed for aesthetic clinics, med spas, and plastic surgery practices. Our platform helps clinics capture leads, manage contacts, book consultations, and send appointment reminders.

When we say “Tarhunna,” “we,” “us,” or “our” in this policy, we mean Tarhunna and its operator. “You” refers to clinic owners and staff who use Tarhunna. “Patients” or “contacts” refers to the individuals whose information clinic users manage within the platform.

2. Information We Collect

Account information

When you create a Tarhunna account, we collect your name, email address, and a hashed password. We also collect information about your clinic, including clinic name and time zone.

Clinic contact data

As a clinic user, you enter and store contact information for your patients and leads inside Tarhunna. This may include names, email addresses, phone numbers, notes, and treatment interests. You are responsible for ensuring you have the appropriate rights to store and use this information.

SMS consent

When a patient submits a consultation request through your clinic's intake form, they may check a box consenting to receive appointment reminders by SMS. We store this consent status and use it to determine whether SMS messages may be sent.

Usage and technical data

We collect basic usage data such as pages visited and features used in order to operate and improve the service. We use session cookies for authentication. We do not currently use third-party advertising or tracking cookies.

Billing information

Payments are handled by Stripe. We do not store your full credit card number. Stripe provides us with limited billing details such as your card type, last four digits, and billing status.

3. How We Use Information

  • To create and manage your account and provide access to the software
  • To operate clinic workflows including contact management, pipeline tracking, and consultation scheduling
  • To send transactional emails such as consultation confirmations and appointment reminders when enabled
  • To send appointment reminder SMS messages to patients who have provided explicit consent
  • To process subscription payments through Stripe
  • To maintain system logs and troubleshoot issues
  • To improve and develop the platform

We do not use your data or your patients' data for advertising purposes. We do not sell data to third parties.

4. SMS Communications

Tarhunna can send appointment reminder SMS messages to patients on behalf of clinics using our platform. The following applies to all SMS communication:

  • SMS messages are only sent to patients who have explicitly checked the SMS consent checkbox on the clinic's intake form
  • Messages are transactional in nature — appointment confirmations and reminders only, not marketing
  • Every message includes the clinic name and opt-out instructions
  • Patients can reply STOP at any time to opt out of further SMS messages
  • Message and data rates from the patient's carrier may apply

Clinics are responsible for ensuring that SMS consent is collected appropriately and in accordance with applicable laws, including the Telephone Consumer Protection Act (TCPA).

5. Data Sharing and Service Providers

We share data only with third-party service providers necessary to operate the platform. These providers are:

  • Supabase — cloud database and authentication infrastructure
  • Twilio — SMS delivery for appointment reminders
  • Resend — transactional email delivery
  • Stripe — subscription billing and payment processing
  • Vercel — application hosting and infrastructure

Each provider is bound by their own privacy policy and data processing agreements. We do not share your data with any other parties except as required by law.

6. Data Retention

We retain account and clinic data for as long as your account is active or as needed to provide the service. If you cancel your account, you may request deletion of your data by contacting us at hello@tarhunna.net. We will process deletion requests within a reasonable timeframe.

7. Security

We use industry-standard measures to protect your data, including encrypted connections (HTTPS), hashed passwords, and row-level security controls in our database. Access to data is scoped to your clinic — staff at one clinic cannot access data from another.

No system is completely secure. We cannot guarantee absolute security and are not liable for unauthorized access beyond our reasonable control.

8. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us. If you are a patient whose information was entered into Tarhunna by a clinic, please contact that clinic directly — they control that data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date at the top of this page. Continued use of Tarhunna after changes are posted constitutes acceptance of the updated policy.

10. Contact

Questions about this Privacy Policy? Contact us at hello@tarhunna.net.