InkPro ("we," "our," or "InkPro") is committed to protecting the privacy and personal data of its users ("you"). This policy explains what information we collect, how we use, share, and secure it, in accordance with the General Data Protection Regulation (GDPR) of the European Union and the French Data Protection Act.
1. Information We Collect
We collect different types of information as part of your use of the InkPro platform:
1.1 Information You Provide to Us Directly:
Identification and Contact Data: Salon name, display name, SIRET/company number, full address, main phone, contact email, website, social media.
User Account Information: Full name, email address, password.
Tattoo Artist Profile Information: Profile photo, display name of the AI, location, practiced styles, years of experience, specializations, training.
Billing and Payment Data: Information necessary for managing subscriptions and payments through Stripe (we do not directly store your full bank details, they are managed by Stripe).
Custom Content: Custom prompts for the AI, pricing grids, descriptions of specialized services, personal notes regarding clients, contraindications, preferences.
1.2 Information Collected Automatically:
Platform Usage Data: History of AI actions, escalation rate, estimated satisfaction.
Technical Data: Information related to your browser, operating system, IP address.
Instagram Connection Data: Instagram access token (stored securely and encrypted), Instagram profile information of your clients (photo, name, nickname).
Communication Data: Complete history of Instagram conversations via webhooks.
1.3 Information from Third Parties:
Instagram Graph API: Direct messages, public profile information of clients.
Stripe: Payment confirmations, subscription management.
2. How we use your information
We use the information collected for the following purposes:
Provide and manage the InkPro service: Creating and managing your account, accessing platform features, managing roles and permissions.
Automate Instagram communication: Allowing the AI agent to respond to questions, manage appointments, and analyze images.
Centralize the management of your activity: Managing messages, calendar, clients, and pricing.
Personalize the AI experience: Using your prompts, styles, pricing, and availability so that the AI respects the tone and specifics of your salon.
Manage subscriptions and payments: Processing transactions via Stripe, managing subscription plans, and billing.
Improve our services: Analyzing platform usage to optimize performance, develop new features, and fix bugs.
Ensure platform security: Protecting against fraud, abuse, and unauthorized access.
Communicate with you: Sending notifications related to your account, service updates, AI escalation alerts.
Meet our legal and regulatory obligations: Complying with applicable laws, including GDPR.
3. Sharing your information
We only share your personal information with the following third parties and only when necessary for the purposes described above:
Third-party service providers:
Meta (Instagram Graph API): For integrating messages and connecting your Instagram account.
OpenAI: For the artificial intelligence engine that manages conversations.
Stripe: For managing payments and subscriptions.
Cloud hosts (Azure): For hosting the application and the PostgreSQL database.
As part of the multi-user salon: Salon administrators have a consolidated view of all clients in the salon and can assign/reassign clients between tattooers. Tattooers only have access to their assigned conversations and clients. InkPro Super Admins do not have access to internal salon data (conversations, clients).
Legal authorities: If required by law or if we believe in good faith that this disclosure is necessary to protect our rights, your safety or the safety of others, investigate fraud, or respond to a government request.
4. Data Storage and Security
Data Location: Your data is hosted in Europe to ensure GDPR compliance.
Security: We implement robust security measures to protect your data:
Secure JWT authentication with automatic refreshing.
Multi-tenant isolation to prevent cross-access between rooms.
HTTPS required for the encryption of all communications.
Daily database backups with a 30-day retention period.
Secure and encrypted storage of Instagram access tokens.
5. Your rights regarding data protection (GDPR)
In accordance with the GDPR, you have the following rights concerning your personal data:
Right of access: Obtain confirmation that your data is being processed and request a copy of it.
Right of rectification: Request the correction of inaccurate or incomplete data.
Right to erasure ("right to be forgotten"): Request the deletion of your data, under certain conditions.
Right to restrict processing: Request the suspension of processing your data in certain cases.
Right to data portability: Receive the data you have provided to us in a structured, commonly used, and machine-readable format, and transmit it to another data controller.
Right to object: Object to the processing of your data for legitimate reasons.
Right to withdraw consent: Withdraw your consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.
Right to lodge a complaint: File a complaint with a competent supervisory authority.
To exercise these rights, please contact us at tech.inkpro@gmail.com.
6. Modifications to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. Any changes will be posted on this page with a revised "last updated" date. We encourage you to review this page regularly to stay informed about how we protect your information.
7. Contact Us
If you have any questions regarding this Privacy Policy or our data practices, please contact us at:
InkPro / titouan@inkpro.io