Privacy Policy for ERAS Headshot

Effective date: August 2025

This Privacy Policy explains how ERAS Headshot (“we”, “our”, “us”) collects, uses, and protects information in connection with our website erasheadshot.com and related services that generate your ERAS-formatted headshot. We are not affiliated with AAMC, ERAS, or NRMP.

1) Information We Collect

  • Account Data: name, email, authentication identifiers.
  • Uploads: photos you submit to create your ERAS headshot.
  • Output: your generated ERAS headshot and basic metadata (time created, file size, format).
  • Payments: processed by Stripe; we do not store full card details.
  • Usage & Device Data: logs, IP, browser/OS, pages viewed, cookies or similar technologies.
  • Support: messages you send to our support team.

2) How We Use Information

  • To provide and operate the service (process uploads, generate and deliver your ERAS headshot).
  • To authenticate users, prevent abuse, and secure the platform.
  • To process payments and send purchase/transaction emails.
  • To provide customer support and service notifications.
  • To improve performance, quality, and reliability of the service.
  • To comply with legal obligations and enforce our Terms.

3) Data Retention & Deletion

  • Uploads: stored securely for processing and support.
  • Generated ERAS headshot: retained for up to 30 days for your convenience, then deleted automatically.
  • Early deletion: you may request deletion of your uploads and ERAS headshot at any time; we will remove active copies and schedule deletion from backups/logs within a reasonable period.
  • Billing records: retained as required by law (e.g., tax/audit).

4) Sharing & Processors

We do not sell your personal information. We share data only with service providers that help us run the service, under contracts that require confidentiality and appropriate security. Typical processors include:

  • Cloud hosting & storage (e.g., AWS S3) for secure file handling.
  • Payment processing (e.g., Stripe) for purchases.
  • Email & support tools for account and support communications.
  • Analytics & error monitoring to improve reliability and performance.

We do not use your photos or your ERAS headshot to train AI models or for marketing without your explicit consent.

5) Cookies & Similar Technologies

We use necessary cookies for authentication and security, and may use analytics cookies to understand usage and improve the service. You can control cookies through your browser settings.

6) Security

We implement technical and organizational measures designed to protect your information. No system is 100% secure; you are responsible for safeguarding your account credentials.

7) International Transfers

We may process information in the United States and other countries. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers.

8) Your Rights

Depending on your location, you may have rights to access, correct, delete, or export your data, and to object to or restrict certain processing. To exercise rights, contact us at the email below. We may need to verify your identity.

9) Children’s Privacy

ERAS Headshot is not intended for individuals under 18. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided data, contact us and we will delete it.

10) Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with a new effective date. Your continued use after changes constitutes acceptance.

11) Contact

Questions or requests: support@erasheadshot.com

Last Updated: August 2025