Legal
Last updated: March 2026
InkSchedule (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and related services (collectively, the “Service”).
By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not access or use the Service.
When you create an account, we collect your name, email address, password (stored in hashed form), studio name, and other profile details you choose to provide. For artist profiles, this may include specialties, bio, and portfolio images.
We collect information related to bookings made through the Service, including client names, contact details (email, phone number), appointment dates and times, service descriptions, reference images, intake form responses, consent form signatures, and health information provided by clients.
Payment processing is handled by Stripe. We do not directly store credit card numbers or full payment account details on our servers. Stripe may collect and store payment information in accordance with its own privacy policy. We store transaction records, deposit amounts, and payment status for your records.
We collect usage data to improve the Service, including pages visited, features used, session duration, browser type, device type, IP address, and referring URLs. This data is collected in aggregate and is used to understand how the Service is used and to identify areas for improvement.
We use the information we collect to:
We do not sell your personal data. We share information with third-party service providers only as necessary to operate the Service:
Payment processing, deposit collection, and Stripe Connect payouts to studios. Stripe processes payment data in accordance with its own privacy policy and PCI DSS compliance standards.
Email delivery for booking confirmations, reminders, aftercare instructions, and system notifications. Resend processes recipient email addresses and message content on our behalf.
SMS notifications for booking reminders and waitlist alerts. Twilio processes recipient phone numbers and message content on our behalf.
Calendar synchronization, when enabled by the user. We access only the calendar data necessary to sync bookings and do not read or modify unrelated calendar events.
We retain your personal data for as long as your account is active or as needed to provide you with the Service. If you close your account, we will retain your data for up to 90 days to allow for account recovery, after which it will be permanently deleted from our systems.
Booking records, transaction data, and consent forms may be retained for longer periods as required by applicable law or for legitimate business purposes such as tax reporting and dispute resolution.
You have the right to:
To exercise any of these rights, please contact us at the address below. We will respond to your request within 30 days.
We use cookies and similar tracking technologies to maintain your session, remember your preferences, and analyze usage patterns. The cookies we use include:
You can control cookie settings through your browser. Disabling essential cookies may prevent you from using certain features of the Service.
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent local laws apply to the processing of your personal data.
Our legal bases for processing personal data include: performance of a contract (providing the Service), legitimate interests (improving the Service, preventing fraud), compliance with legal obligations, and your consent (where applicable).
Your data is primarily stored on servers within the European Union. Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.
You have the right to lodge a complaint with your local data protection authority if you believe your data is being processed unlawfully.
We implement industry-standard security measures to protect your data, including encryption in transit (TLS/SSL), encryption at rest, secure authentication mechanisms, and regular security audits. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date. We encourage you to review this policy periodically for any changes. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:
Email: privacy@inkschedule.app
Address: InkSchedule, Switzerland