Privacy Policy for InkLink

Last updated: 02.September 2025

InkLink (“we,” “our,” “us”) is committed to protecting your privacy and ensuring that your personal data is handled responsibly, transparently, and in compliance with applicable laws, including the EU General Data Protection Regulation (GDPR), the UK Data Protection Act, and other relevant privacy laws.

This Privacy Policy explains how we collect, use, share, and safeguard your information when you use the InkLink mobile app, web platform, or related services (collectively, the “Services”).

1. Who We Are

InkLink is a digital platform connecting customers, tattoo artists, and tattoo shops. We provide booking, payment, portfolio, and community features to simplify the tattoo experience.

• Data Controller: InkLink ApS
• Registered Address: Regenburgsplads 1, 8000 Aarhus C
• Contact Email : privacy@inklinkup.com
• CVR/Registration No: DK41677333

2. Information We Collect

We collect information to provide and improve our Services. This may include:

a) Information You Provide

• Account Information: Name, email address, phone number, username, password.
• Profile Data: Profile picture, gender, pronouns, portfolio images (artists/shops), bios.
• Booking Data: Appointment requests, confirmations, deposits, cancellation details.
• Payment Data: Billing address, transaction details, payment method (processed securely via Stripe; we never store card details).
• Communication Data: Messages sent via our app (customer 㲗 artist/shop), feedback, support requests.
• Identity Verification (for artists/shops): Government ID, business license, certifications (if required for onboarding).

b) Information We Collect Automatically

• Device Data: IP address, browser type, operating system, device identifiers.
• Usage Data: App interactions, clicks, features used, log files, crash reports.
• Location Data (optional): If enabled, we may collect your location to show nearby tattoo shops/artists.

c) Information From Third Parties

• Payment Providers (Stripe): Transaction confirmations
• Social Media (if you link): Public profile information.
• Business Partners: Marketing referrals or promotions.

3. How We Use Your Information

We process your data for the following purposes:

• To create and manage your account.
• To enable bookings, counter-bookings, and schedule management.
• To facilitate secure payments and deposits.
• To provide portfolio hosting for artists and shops.
• To send confirmations, reminders, and relevant notifications.
• To improve and personalize your experience (recommendations, UX).
• To enforce our Terms of Service and prevent fraud or abuse.
• To comply with legal obligations (e.g., tax, accounting, record keeping).
• For marketing (only with your consent).

Legal bases: Performance of contract, consent, legal obligation, and legitimate interests (e.g., service improvement, fraud prevention).

4. How We Share Your Information

We never sell your personal data. We may share data in the following circumstances:

• With Artists/Shops: To complete bookings and provide requested services.
• With Payment Providers (Stripe): For payment processing.
• With Service Providers: IT hosting, analytics, customer support, and cloud storage.
• With Legal Authorities: If required by law, court order, or government request.
• In Business Transfers: If InkLink merges, sells assets, or is acquired.

5. Data Retention

We retain personal data only as long as necessary:

• Account data: Until you delete your account.
• Booking and transaction records: Up to 6 years (for tax/legal compliance).
• Communications: For as long as needed to provide support and services.

When data is no longer required, it will be securely deleted or anonymized.

6. Your Rights

Under GDPR and other laws, you have the following rights:

• Access: Request a copy of your personal data.
• Correction: Update inaccurate or incomplete data.
• Deletion: Request erasure of your data (“right to be forgotten”).
• Restriction: Limit how we process your data.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Opt-out of processing for marketing or legitimate interest purposes.
• Withdraw Consent: If processing is based on consent, you may withdraw it at any time.

To exercise your rights, contact us at privacy@inklinkup.com

7. Data Security

We implement technical and organizational measures to protect your data, including:

• Encrypted storage and transmission (SSL/TLS).
• Access controls and authentication.
• Regular security testing and monitoring.
• Stripe-certified PCI-DSS compliance for payments.

No system is 100% secure, but we take reasonable steps to protect your data.

8. International Data Transfers

If data is transferred outside the EU/EEA (e.g., cloud providers in the US), we ensure safeguards such as Standard Contractual Clauses (SCCs) or equivalent measures are in place.

9. Cookies and Tracking

InkLink uses cookies and similar technologies to:

• Remember your preferences.
• Enable secure login sessions.
• Measure usage and analytics.
• Deliver personalized content and ads.

You can manage or disable cookies in your device/browser settings.

10. Children's Privacy

InkLink is not intended for individuals under 16 years of age. We do not knowingly collect personal data from minors. If we learn that data has been collected from a child without parental consent, we will delete it promptly.

11. Marketing Communications

With your consent, we may send you promotional emails, push notifications, or in-app offers. You can opt out anytime via:

• The unsubscribe link in emails.
• Your app notification settings.
• Contacting privacy@inklinkup.com

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If changes are significant, we will notify you via email or app notification before they take effect.

13. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy, contact:

InkLink ApS

Regenburgsplads 1, 8000 Aarhus C

Email: privacy@inklinkup.com

If you are in the EU/EEA, you also have the right to lodge a complaint with your local Data Protection Authority.