Privacy Policy

1. INFORMATION WE COLLECT

1.1 Information You Provide

Account Registration

• Full name and email address
• Password (encrypted)
• Account type (Artist/Client)
• Phone number (optional)
• Date of birth (for age verification)

Profile Information

• Profile photos and avatars
• Bio and professional descriptions
• Location (city/state for matching)
• Precise location (if location services enabled)
• Portfolio images (artists)
• Tattoo preferences (clients)
• Work experience and specialties
• Pricing information
• Social media links

Health-Related Information

• Allergies (voluntarily disclosed)
• Medical conditions affecting tattoo safety
• Skin conditions or sensitivities
• Medications that affect healing

Communications

• Messages between users
• Job postings and applications
• Reviews and ratings
• Support tickets and inquiries
• Email communications

1.2 Information Collected Automatically

Device & Usage Data

• IP address and approximate location
• Device type, OS, and browser information
• Unique device identifiers
• Pages viewed and features used
• Time spent on Platform
• Referring websites
• Search queries on our Platform
• Click-through rates

Cookies & Tracking

• Essential Cookies: For authentication and security
• Functional Cookies: To remember preferences
• Analytics Cookies: To improve our services
• Marketing Cookies: For relevant advertising (optional)

2. HOW WE USE YOUR INFORMATION

2.1 Primary Uses

• Service Delivery: Connect artists with clients
• Account Management: Maintain and secure accounts
• Communication: Enable messaging between users
• Matching: Show relevant artists/jobs based on location and preferences
• Safety: Verify users and prevent fraud
• Payments: Process transactions (if applicable)

2.2 Secondary Uses

• Improve Platform features and user experience
• Send service updates and notifications
• Provide customer support
• Conduct research and analytics
• Comply with legal obligations
• Enforce Terms of Service
• Marketing (with consent)

3. INFORMATION SHARING

3.1 With Other Users

The following information is visible to other users:

• Public Profiles: Name, bio, portfolio, reviews
• Location: City/state (precise location only with permission)
• Availability: For artists accepting bookings
• Messages: Only with conversation participants

3.2 With Service Providers

We share data with trusted providers who assist us:

• Cloud hosting services (AWS/Google Cloud)
• Email service providers
• Analytics providers
• Payment processors
• Customer support tools
• Security and fraud prevention services

3.3 Legal Requirements

We may disclose information when required by:

• Court orders or subpoenas
• Law enforcement requests
• National security requirements
• Protection of our legal rights
• Prevention of fraud or harm

3.4 Business Transfers

In case of merger, acquisition, or sale of assets, user information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

4. DATA SECURITY

4.1 Security Measures

• Encryption: TLS/SSL for data in transit
• Encryption at Rest: Database encryption
• Access Controls: Role-based permissions
• Password Security: Bcrypt hashing
• Regular Audits: Security assessments
• Incident Response: Breach notification procedures

4.2 Data Breach Notification

In case of a data breach affecting your personal information, we will notify you within 72 hours via email and provide information about the breach and steps to protect yourself.

5. YOUR PRIVACY RIGHTS

5.1 Rights for All Users

• Access: Request a copy of your data
• Correction: Update inaccurate information
• Deletion: Request account and data deletion
• Portability: Export your data
• Opt-out: Unsubscribe from marketing

5.2 GDPR Rights (EU Users)

• Right to be informed about data processing
• Right to restrict processing
• Right to object to processing
• Rights related to automated decision-making
• Right to lodge a complaint with supervisory authority

5.3 CCPA Rights (California Users)

• Right to know what information is collected
• Right to know if information is sold or disclosed
• Right to opt-out of sale (we don't sell data)
• Right to non-discrimination
• Right to authorized agent representation

6. DATA RETENTION

6.1 Retention Periods

• Active Accounts: Data retained while account is active
• Inactive Accounts: Deleted after 2 years of inactivity
• Deleted Accounts: Most data removed within 30 days
• Legal Requirements: Some data retained as required by law
• Backup Systems: Deleted data may persist up to 90 days in backups

6.2 Exceptions

We may retain certain information for:

• Legal compliance and dispute resolution
• Fraud prevention and security
• Aggregated analytics (anonymized)
• Contractual obligations

7. CHILDREN'S PRIVACY

If we discover we have collected information from someone under 18, we will delete that information immediately. Parents who believe we have information about their child should contact us immediately.

8. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

• Standard Contractual Clauses (EU)
• Privacy Shield principles (where applicable)
• Adequate security measures
• Compliance with local data protection laws

9. COOKIES & TRACKING

9.1 Cookie Management

You can control cookies through:

• Browser settings
• Cookie consent banner preferences
• Third-party opt-out tools

9.2 Do Not Track

We currently do not respond to Do Not Track signals. However, you can opt-out of analytics and marketing cookies through our cookie preferences.

10. THIRD-PARTY LINKS

Our Platform may contain links to third-party websites. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

11. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. We will notify you of material changes via email or Platform notification at least 30 days before they take effect.

12. CONTACT US