Privacy Policy

Last updated: March 15, 2026

Overview
Data We Collect
How We Use Your Data
Third-Party Services
Data Storage & Security
Your Rights & Choices
Data Deletion
Children's Privacy
Changes to This Policy
Contact Us

1. Overview

FreshInked ("FreshInked," "we," "us," or "our") operates the FreshInked mobile application, a marketplace that connects tattoo artists with clients. This Privacy Policy explains what information we collect, how we use it, with whom we share it, and the choices you have regarding your information.

By using FreshInked, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.

We do not sell your personal data to advertisers or data brokers. Ever.

2. Data We Collect

Account Data (all users)

When you create an account, we collect:

Name — your display name as entered during registration.
Email address — used for authentication and transactional communications.
Username — your unique public handle on the platform.
Profile picture — an optional photo you upload to personalize your profile.
Account role — whether you are registered as a client or an artist.

Artist-Only Data

If you register as an artist, we additionally collect:

Phone number — for client contact and booking coordination.
Studio name and address — your tattooing location, displayed publicly on your profile.
Portfolio images — photos of your tattoo work, stored in Cloudflare R2 and reviewed by AI content moderation before publication.
Tattoo styles and bio — descriptive information you provide about your work.
Deposit information — your booking deposit requirements as set in your artist settings.
Booking availability — whether you are currently accepting bookings.

Location Data

FreshInked uses your device's approximate location to show you artists near you. Location is processed locally on your device and is not transmitted to or stored on our servers. We only use location for the in-app distance calculation; we never log your coordinates.

Messages

Chat messages sent between clients and artists through FreshInked's in-app messaging are stored in Firebase Firestore. These messages are used to facilitate bookings and support dispute resolution. Messages are not used for advertising purposes.

Push Notification Token

If you allow push notifications, we store your Expo push notification token in Firebase Firestore so we can send you booking updates and messages. You can revoke this permission at any time through your device's notification settings.

Analytics & Usage Data

We collect anonymized usage data to understand how the app is used and to improve the Service:

Firebase Analytics — collects a pseudonymous user identifier, app interactions (screens viewed, buttons tapped), and session durations.
PostHog — session replay and event tracking to understand user flows and identify usability issues. Session replays are captured on an opt-in basis and may record screen interactions but do not record passwords or payment details.

Error & Crash Data

Sentry — we use Sentry to capture crash logs, error stack traces, and diagnostic information including a device identifier and operating system version. This data is used solely for debugging and improving app stability.

Data We Do NOT Collect

Payment card numbers or banking information (payments are handled directly between artists and clients).
Precise GPS coordinates stored server-side.
Contacts from your device's address book.

3. How We Use Your Data

Purpose	Data Used	Legal Basis
Provide and operate the Service	Account data, messages, push tokens	Contract performance
Display artist profiles and portfolios	Artist profile, portfolio images	Contract performance / Legitimate interest
Send booking notifications	Push token, email, messages	Contract performance
Moderate portfolio content	Portfolio images (AI-reviewed)	Legitimate interest (platform safety)
Improve the app	Analytics, crash logs	Legitimate interest
Customer support	Account data, messages	Contract performance / Legal obligation
Fraud prevention & safety	Account data, usage patterns	Legitimate interest / Legal obligation

We do not use your data for targeted advertising.

4. Third-Party Services

FreshInked uses the following third-party services that may process your data. Each provider has their own privacy policy governing their data practices:

Google Firebase

We use Firebase Authentication, Firestore (database), and Firebase Cloud Messaging for core app functionality including authentication, real-time messaging, and push notifications. Firebase is operated by Google LLC. Google Privacy Policy

Cloudflare

We use Cloudflare R2 (object storage) and Cloudflare Workers (serverless compute) to store portfolio images and handle backend operations including AI content moderation. Cloudflare Privacy Policy

PostHog

PostHog provides product analytics and session replay. Data processed by PostHog is pseudonymous and governed by their privacy policy. PostHog Privacy Policy

Sentry

Sentry provides error monitoring and crash reporting. Error reports may include device identifiers and stack traces. Sentry Privacy Policy

Expo (by Expo.dev / Meta Platforms)

FreshInked is built on the Expo platform, which provides the push notification infrastructure. Expo stores push tokens to deliver notifications on our behalf. Expo Privacy Policy

We require all third-party providers to implement appropriate safeguards for your data and to use it only for the purposes we have specified.

5. Data Storage & Security

Your data is stored on servers located in the United States. We implement industry-standard security measures including:

Encryption in transit using TLS for all network communications.
Encryption at rest for data stored in Firebase and Cloudflare R2.
Access controls limiting data access to authorized personnel only.
Firebase security rules to prevent unauthorized data access.
Server-side validation for all data writes.

While we take reasonable measures to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

We retain your account data for as long as your account is active. Analytics and crash data are retained for up to 24 months. Chat messages are retained until you or the other party deletes the conversation.

6. Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.
Correction: Update or correct inaccurate data through the app's profile settings.
Deletion: Delete your account and associated data (see Section 7).
Objection: Object to processing of your data for legitimate interests.
Portability: Request an export of your data in a machine-readable format.
Withdraw consent: Where processing is based on consent (e.g., push notifications), withdraw that consent at any time.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

Notification Preferences

You can manage push notification permissions through your device settings at any time. Disabling notifications will not affect your ability to use the core features of the app.

Analytics Opt-Out

Firebase Analytics can be disabled on Android via your Google account's ads settings. On iOS, limiting ad tracking via device settings also limits Firebase Analytics data collection.

7. Data Deletion

You can request deletion of your FreshInked account and associated personal data at any time. To do so:

Open the FreshInked app.
Go to Settings → Account.
Tap Delete Account and confirm.

Upon deletion, we will:

Permanently delete your account credentials and profile information.
Remove your portfolio images from Cloudflare R2 storage.
Anonymize or delete your chat message history.
Remove your push notification token from our systems.

Some data may be retained for up to 90 days in backup systems before being fully purged. Aggregated, anonymized analytics data that cannot be linked to you may be retained indefinitely.

If you are unable to access the app to request deletion, email us at [email protected] with the subject line "Account Deletion Request."

To request data deletion without app access, email [email protected] with your registered email address and the subject "Account Deletion Request."

8. Children's Privacy

FreshInked is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a user is under 18, we will promptly delete their account and associated data. If you believe a minor has created an account, please contact us at [email protected].

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via in-app notification or email prior to the change taking effect. The "Last updated" date at the top of this policy reflects the most recent revision. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out:

Email: [email protected]
Website: www.freshinked.com

We aim to respond to all privacy-related inquiries within 30 days.