Privacy Policy

Last updated: Sep 14, 2025

Privacy Policy

Please read this document to understand how we collect, use, disclose, and safeguard your information when you use www.tattooed.co and any related mobile experiences (collectively, the “Service”). By using the Service, you agree to this Privacy Policy.

Note: Pricing and plan terms are covered in our Terms & Conditions.

Information We Collect

1) Information You Provide
  • Account details (e.g., name, username, email, password hash).
  • Profile and listing info (e.g., tattoo shop/artist details, hours, location, descriptions, links, photos).
  • Communications (e.g., messages sent via site forms, support requests).
  • Payment-related information for paid features handled by our payment processor (see “Payments” below). We do not store full card numbers.
2) Information Collected Automatically

When you use the Service, we may automatically collect:

  • Usage data (pages viewed, time on page, referring URLs).
  • Device/technical data (IP address, browser type, OS, approximate location derived from IP).
  • Cookies and similar technologies (see “Cookies & Analytics”).
3) Information from Third Parties
  • Social Sign-In: If you sign in with Google or Apple, we receive basic account information necessary to create or authenticate your account (e.g., name, email, provider ID).
  • Analytics/Advertising Partners: We receive aggregated insights to improve the Service (see below).

Authentication Methods

You can create an account and sign in using either (a) email and password or (b) Google or Apple. When you register with email and password, your password is stored as a one-way cryptographic hash and is never stored in plaintext.

Cookies & Analytics

We use cookies and similar technologies to operate and improve the Service. You can adjust your browser settings to block cookies, but some features may not work properly if cookies are disabled.

  • Essential: Required for the Service to function (e.g., session/authentication cookies).
  • Analytics: To understand usage and improve the Service (e.g., Google Analytics / Firebase Analytics).
  • Advertising/Performance: To measure performance and, where applicable, show or measure relevance of ads.

Consent: Where required by law, we will request your consent for non-essential cookies. You can revisit your preferences via your browser settings at any time.

How We Use Your Information

  • Provide, maintain, and improve the Service.
  • Create and manage accounts and profiles (shops, artists, lovers).
  • Authenticate users (email/password and social sign-in) and secure sessions.
  • Process transactions and deliver paid features (see “Payments”).
  • Communicate with you (account notices, transactional emails, support). Marketing emails are optional and include an unsubscribe link.
  • Monitor safety, prevent abuse, enforce our Terms.
  • Comply with legal obligations.

Legal Bases for Processing (EEA/UK Visitors)

  • Contract: To provide the Service you request.
  • Consent: For optional cookies/marketing.
  • Legitimate Interests: To improve and protect the Service.
  • Legal Obligation: To meet compliance requirements.

How We Share Information

We do not sell personal information. We may share information with:

  • Service Providers (Processors) who help us operate the Service (hosting, analytics, email delivery, payments, authentication). They are contractually bound to use data only as instructed by us.
  • Payment Processor (Stripe): We use Stripe to process payments. Stripe may collect and process payment method details (e.g., card brand, last 4) and billing info. We do not store full card numbers on our servers. See Stripe’s privacy practices for details.
  • Authentication Providers: Google and Apple for social sign-in authorization. (Email/password authentication is handled directly by us; passwords are stored as one-way hashes.)
  • Legal/Compliance: To comply with law, enforce our Terms, or protect rights/safety.

Payments

When you purchase paid features, payments are processed by Stripe. We receive limited payment metadata (e.g., successful/failed status, card brand/last 4 via tokens) to manage your access. We do not store full payment card numbers. For recurring plans, Stripe stores your payment method on their PCI-compliant systems so we can bill monthly until you cancel. See our Terms for plan types and billing rules.

Data Retention

We keep information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. You may request deletion of your account data (see “Your Rights & Choices”). Some data (e.g., transaction records) may be retained where required by law.

Your Rights & Choices

  • Access/Update: View and edit your account/profile information in your dashboard.
  • Delete: You may delete your account in the dashboard or by contacting us. This removes your profile data from active systems, subject to legal/operational retention requirements (e.g., billing records).
  • Marketing Opt-Out: Unsubscribe using the link in any marketing email.
  • Cookies: Manage via your browser settings (note that some features may not work without cookies).

California/CPRA Notice: California residents may have additional rights, including to know, delete, and correct certain personal information. We do not sell personal information. To submit a request, contact us using the details below.

Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your information. Passwords are stored using one-way hashing and are never stored in plaintext. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

Children’s Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us so we can delete it.

International Transfers

We may process and store information in the United States and other countries. By using the Service, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules. Where required, we implement appropriate safeguards.

Third-Party Vendors

We use Google products (e.g., Google Analytics, Firebase Analytics) to help us understand and improve the Service. These tools may collect IP addresses, device information, and usage data. Data retention settings (e.g., 14-month minimum for Analytics) may apply. For more information about Google’s practices, visit their Privacy & Terms.

Email Communication

We may email you for account, transactional, support, and—if you opt in—marketing purposes. You can unsubscribe from marketing emails at any time using the link in those emails. Transactional and important account/security notices (e.g., email verification, password reset) are required to operate the Service.

Your Website Activity

Information you choose to publish (e.g., shop or artist listings, photos, descriptions, hours, links) is intended for public display and may be indexed by search engines. Contact forms are used for general communication and are not sold to third parties.

Changes to this Policy

We may update this Privacy Policy from time to time. The “Last updated” date above reflects the current version. Your continued use of the Service after changes indicates acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us via the Contact page.