Privacy Policy

Last updated on May 17, 2026.

TatTool is operated by Bilfi ApS. This Privacy Policy explains how Bilfi ApS collects, uses, stores, and shares personal information when you visit our website, use TatTool, communicate with us, receive a TatTool-powered message, sign a consent form, complete a payment, or otherwise interact with TatTool.

TatTool is a studio management platform for tattoo artists and studios. It supports bookings and consultations, client records, payments, digital consent forms, ink documentation, team access, messaging, automation, reporting, and related support workflows.

Who We Are

The controller for personal information described in this Privacy Policy is:

Bilfi ApS
CVR 41643838
Vindingvej 34
7100 Vejle
Denmark
info@tattool.io

We have not appointed a formal data protection officer. Privacy and data protection questions should be sent to info@tattool.io.

Our Role and Customer Roles

The privacy role we play depends on the data and the context in which it is processed.

  • Bilfi ApS acts as controller for our website, account registration, authentication, billing, subscriptions, security, support, product operations, service analytics, legal compliance, and our direct business communications.
  • TatTool customers usually act as controllers for studio data they enter or manage in TatTool, including client records, bookings, consultations, consent forms, payment records, ink documentation, message templates, and communication workflows.
  • Bilfi ApS may act as processor or service provider when we host, transmit, store, or otherwise process studio data on behalf of a customer. If you are a client of a studio using TatTool, the studio may be primarily responsible for telling you how and why your information is used.

Data Processing Agreement

When Bilfi ApS processes customer-controlled studio data as processor, that processing must be governed by a data processing agreement or other written terms that meet applicable data protection requirements. Those terms cover processing instructions, confidentiality, security, subprocessors, international transfers, assistance with data subject requests, and deletion or return of customer data.

Customers that need a signed data processing agreement can contact info@tattool.io. The public TatTool data processing agreement is available at tattool.io/dpa.

Information We Collect

The information we collect depends on how you use TatTool and which features a studio enables. It may include:

  • Account and profile data: name, email address, avatar, phone number, language, password or authentication credentials, two-factor authentication settings, verification data, session data, and account preferences.
  • Organization and membership data: organization names, handles, locations, opening hours, member roles, permissions, invitations, team settings, tags, payment settings, communication settings, and extension configuration.
  • Client and booking data: client names, contact details, appointment details, consultations, booking notes, participants, organizers, location, date and time, status, reminders, history, and related operational records.
  • Consent form data: templates, form fields, sent links, signing status, approval status, timestamps, metadata, and locked signed PDFs. Signed consent PDFs are stored encrypted when the Digital Consent Forms extension is used.
  • Ink and compliance workflow data: ink inventory records, brands, colors, batch or bottle details, open and expiration dates, retailers, booking-level ink usage, data sheets, and client-facing ink information links.
  • Payment and billing data: plans, seats, subscription state, invoices, billing contacts, payment records, payment requests, amounts, currencies, refunds, verification state, and Stripe identifiers for customers, accounts, checkouts, charges, refunds, payouts, and webhooks. Card details are processed by Stripe and are not stored by TatTool.
  • Communication data: message templates, email and SMS recipients, message content, delivery logs, provider selection, webhook events, bounce or delivery status, and related flow logs.
  • Files and uploaded content: avatars, logos, public images, booking images, ink data sheets, consent PDFs, and other files uploaded to TatTool or generated by TatTool features.
  • Usage, device, and security data: IP address, device and browser information, user agent, approximate location inferred from network data, URLs visited, actions taken, audit events, authentication activity, error logs, diagnostics, and operational telemetry.
  • Website and cookie data: essential cookie data, cookie preference records, and optional analytics or marketing data where those technologies are enabled and accepted.
  • AI and documentation assistant data: questions you submit to TatTool's documentation assistant, retrieved documentation context, generated answers, and related technical logs.
  • Support, sales, and feedback data: messages you send us, contact details, demo requests, support context, attachments, and our responses.

Special Category and Sensitive Data

Tattoo studio workflows can involve sensitive information. Depending on how a studio configures TatTool, client records, booking notes, consultations, consent forms, or uploaded files may include health information, allergy information, medication details, pregnancy-related information, age or identity checks, accessibility needs, or other information that may be treated as special category or sensitive data under applicable law.

Studios and organizations are responsible for deciding whether to collect that information, limiting it to what they need, giving clients the required notice, and establishing the required legal basis and any special-category condition. When Bilfi ApS processes this information only to provide TatTool to the studio, we do so as processor under the customer's instructions, except where we must process limited information as controller for security, support, legal compliance, or service operations.

TatTool is not designed to be a medical record system, emergency system, or clinical diagnosis tool. Studios should avoid entering health or other sensitive information unless it is genuinely needed for the studio's lawful tattoo workflow.

Required and Optional Information

Some information is required to provide TatTool, such as account credentials, organization settings, authentication data, billing data for paid plans, and the operational records needed for selected product features. Other information is optional or customer-configured, such as profile details, booking notes, custom consent form questions, uploaded files, message templates, ink data sheets, optional communication extensions, and optional analytics or marketing cookies.

If required information is not provided, some parts of TatTool may not work. If optional information is not provided, the related optional feature may be unavailable or less useful.

Sources of Information

We collect personal information from several sources:

  • Directly from you when you create an account, configure a workspace, contact us, submit a form, sign a consent form, or complete a payment.
  • From studios, organizations, and authorized users who enter or manage client, booking, payment, consent, ink, or communication data in TatTool.
  • Automatically from your browser, device, and network when you use the website, app, client portals, payment links, consent links, or shared ink links.
  • From integrated services such as Stripe, Resend, Twilio, configured email providers, hosting and storage providers, analytics tools, error monitoring tools, and AI providers.

How We Use Information

We use personal information to:

  • Provide, operate, maintain, and improve TatTool.
  • Create accounts, authenticate users, manage sessions, and protect account access.
  • Support organizations, roles, permissions, locations, members, invites, settings, extensions, and team workflows.
  • Manage bookings, consultations, client records, participants, schedules, reminders, consent forms, ink records, and related history.
  • Process subscriptions, maintain billing records, support payment requests, record offline payments, synchronize Stripe payment status, and support refunds, verification, reporting, and audit trails.
  • Send transactional, operational, email, and SMS messages, including invitations, password resets, verification emails, reminders, payment links, consent links, and service notices.
  • Run communication-only automations through flows, apply trigger and condition logic, execute message actions, and keep flow logs.
  • Generate reports, insights, utilization views, revenue views, and operational dashboards.
  • Provide documentation search, AI-assisted documentation answers, and related support experiences.
  • Respond to support, sales, security, and administrative requests.
  • Monitor, troubleshoot, secure, and debug the website, app, APIs, webhooks, storage, and infrastructure.
  • Detect abuse, prevent fraud, enforce our terms, and protect users, customers, clients, and the service.
  • Comply with legal, tax, accounting, regulatory, and contractual obligations.

Legal Bases

Where GDPR or similar privacy law applies, we rely on these legal bases:

  • Providing the website, accounts, app, and selected features: contract where the processing is needed to provide TatTool to you or the organization you represent; legitimate interests where we provide business-to-business services, maintain the website, or support a customer relationship.
  • Customer-controlled studio data: processed as processor under the customer's instructions where a studio uses TatTool for clients, bookings, consent forms, ink records, payments, messages, reports, and related workflows. The customer determines the legal basis and any special-category condition for that processing.
  • Billing, subscriptions, tax, and accounting: contract to administer paid plans and payment status; legal obligation where we must keep accounting, tax, invoice, consumer, or compliance records.
  • Security, fraud prevention, audit logs, and reliability: legitimate interests in protecting TatTool, customers, clients, and the public; legal obligation where security or incident handling is required by law.
  • Support, sales, and service communications: contract where support relates to your account or service use; legitimate interests for business communications, demos, troubleshooting, and customer success; consent where required for optional marketing.
  • Cookies, analytics, and marketing technologies: consent where required for non-essential cookies or similar technologies; legitimate interests for strictly necessary storage and security-related measurements.
  • AI-assisted documentation and support: contract or legitimate interests to answer product questions, improve support, and maintain documentation tools, depending on the user and context.
  • Legal claims, compliance, and lawful requests: legal obligation where applicable law requires processing; legitimate interests where processing is needed to establish, exercise, or defend legal claims.

Where a customer is the controller, that customer is responsible for identifying the legal basis for its use of client, employee, contractor, guest artist, booking, consent, ink, payment, and messaging data in TatTool.

Cookies and Similar Technologies

We use essential cookies and similar technologies to run the website and product, keep sessions secure, remember preferences, and maintain core functionality. We ask for consent before using optional analytics or marketing technologies where consent is required.

  • Essential storage: required for site behavior, authentication, security, and remembering cookie preferences. The marketing site stores the cookie preference in local storage for up to 180 days.
  • Analytics storage: used only if accepted, to understand which pages visitors use and how the marketing site can be improved.
  • Marketing storage: used only if accepted, to measure website performance and avoid repeatedly showing the same marketing messages.

You can accept all, decline optional cookies, or save custom preferences in the cookie dialog. After saving, you can reopen cookie settings from the cookie button on the website. You can also control cookies and local storage through your browser settings.

Disabling essential cookies or clearing essential storage may prevent parts of TatTool from working properly.

How We Share Information

We may share personal information with:

  • Authorized organization members according to the roles, permissions, and settings configured by the relevant organization.
  • Studios and customers where information relates to their workspace, clients, bookings, consent forms, payments, ink records, communications, or support requests.
  • Clients and message recipients when a studio uses TatTool to send payment links, consent links, reminders, ink information, receipts, or other communications.
  • Service providers that help us provide hosting, database, storage, security, authentication, email, SMS, analytics, error monitoring, customer support, and operational services.
  • Stripe for subscriptions, billing, Stripe Connect, Checkout, payment requests, payment status, refunds, account status, and related payment processing.
  • Communication providers such as Resend, Twilio, and other configured email providers when a studio sends email or SMS through TatTool.
  • Storage and infrastructure providers such as secure object storage providers used for files, signed consent PDFs, avatars, images, and data sheets.
  • AI providers where needed to provide AI-assisted documentation answers or related product support features.
  • Authorities, courts, regulators, or other parties when required by law, legal process, or to protect rights, safety, security, and service integrity.
  • Transaction parties in connection with a merger, acquisition, financing, restructuring, sale of assets, or similar business transaction.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising where doing so would be treated as a sale or share under applicable law without providing any required choice.

Subprocessors and Integrations

TatTool uses service providers and integrations to provide the service. The exact providers involved can depend on the feature, environment, and customer configuration, but the main categories include:

  • Hosting, database, and authentication providers for the app, APIs, accounts, sessions, database storage, and operational infrastructure.
  • Object storage providers for uploaded files, avatars, public images, ink data sheets, and encrypted consent PDFs.
  • Stripe for subscription billing, Stripe Connect, Checkout, payment requests, refunds, account status, and payment events.
  • Resend, Twilio, and other configured communication providers for transactional email, organization email, SMS messages, and delivery webhooks.
  • Error monitoring, logging, and security providers for service diagnostics, incident response, reliability, and abuse prevention.
  • AI providers for documentation assistant and support features when those features are used.

Some integrations are chosen and configured by customers. For example, a studio may connect its own Stripe account, Twilio account, Resend account, or another communication provider. In those cases, the studio is responsible for its relationship with that provider, including provider terms, compliance, and client notices.

Customers can contact info@tattool.io to request current subprocessor information for their use of TatTool. Current public subprocessor information is also available at tattool.io/subprocessors.

Customer Responsibilities

Studios and organizations using TatTool are responsible for how they collect and use personal information in their workspace. This includes:

  • Providing appropriate privacy notices to clients, staff, contractors, guest artists, and other people whose data they enter into TatTool.
  • Obtaining required permissions or consent for client records, consent forms, SMS messages, email messages, payment requests, ink information sharing, and other workflows.
  • Configuring roles and permissions so workspace users only access the information they need.
  • Exporting and storing downloaded PDFs, reports, data sheets, and other files securely after they leave TatTool.
  • Complying with local tattoo, health, consumer, recordkeeping, marketing, communications, employment, and privacy rules that apply to their studio.
  • Avoiding unnecessary sensitive client data in support requests, AI documentation questions, message templates, and free-text notes unless the studio has authority to process and share that information.

International Transfers

TatTool and our service providers may process information in countries other than your own, including countries outside the European Economic Area. Transfers may happen when we use international hosting, infrastructure, payment, communication, storage, support, security, or AI providers, or when a customer configures an integration with a provider outside its own country.

Where applicable law requires safeguards for international transfers, we use appropriate contractual, technical, and organizational safeguards, such as adequacy decisions, data processing agreements, the European Commission's Standard Contractual Clauses, transfer impact assessments, and supplementary measures where relevant. Customers can contact info@tattool.io to request more information about transfer safeguards that apply to their use of TatTool.

Data Retention

We retain personal information for as long as necessary for the purpose for which it was collected, including to provide the service, maintain security, resolve disputes, comply with legal obligations, and support customer instructions. Retention varies by category:

  • Account, profile, membership, and organization records are generally kept while the account or organization remains active and for a period afterward to support account recovery, security, disputes, and legal obligations. Unless a longer period is required, we aim to delete or anonymize inactive account records after the customer relationship has ended and deletion is no longer blocked by billing, security, support, or legal needs.
  • Customer-controlled studio data, including client, booking, consent, ink, payment, and communication data, is retained according to the customer's use of TatTool, product settings, legal needs, and any applicable agreement. Customers are responsible for deciding whether particular client, consent, ink, health, or recordkeeping data must be retained for local tattoo, health, or consumer law purposes.
  • Deactivating or uninstalling some extensions may permanently delete extension-specific data. For example, uninstalling Digital Consent Forms may delete templates and collected consent form data for the organization, so studios should export records they need before deactivation.
  • Billing, payment, accounting, and tax records may be kept for the period required by law or needed to document transactions. Danish accounting material is generally retained for at least five years after the end of the relevant financial year.
  • Security logs, audit records, webhook logs, diagnostics, and error logs are kept for the period reasonably needed to secure the service, investigate incidents, maintain reliability, and defend legal claims. Where feasible, routine operational logs are reviewed for deletion or anonymization when they are no longer needed for those purposes.
  • Backups and disaster recovery copies may retain information for a limited period after deletion from active systems. We protect backup copies and do not use them for ordinary processing unless restoration is needed for recovery, security, legal, or continuity purposes.
  • Cookie preference records on the marketing site are kept in local storage for up to 180 days unless you clear them sooner.
  • Support, sales, and business communication records are kept for the period needed to handle requests, maintain continuity, and document business interactions.

When information is no longer needed, we may delete it, de-identify it, or retain it only where continued storage is required or permitted by law.

Security

We use administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, misuse, loss, alteration, and disclosure. These safeguards include role-based access controls, authentication controls, encrypted secrets for connected extensions, secure storage practices, monitoring, and encryption for signed consent PDFs.

No method of transmission or storage is completely secure. If you believe your account, workspace, or data has been compromised, contact us promptly at info@tattool.io.

Your Rights

Depending on where you live and the role we play for the data involved, you may have rights to:

  • Access personal information we hold about you.
  • Correct inaccurate or incomplete personal information.
  • Request deletion of personal information.
  • Request restriction of processing.
  • Object to certain processing.
  • Request portability of personal information where applicable.
  • Withdraw consent where processing relies on consent.
  • Opt out of certain marketing communications or optional cookies.
  • Lodge a complaint with a competent supervisory authority.

If your request relates to information controlled by a studio or organization using TatTool, we may direct you to that customer or work with that customer to respond. To exercise rights for information where Bilfi ApS is controller, contact info@tattool.io. We may ask you to verify your identity before fulfilling a request. Withdrawing consent does not affect processing that happened before the withdrawal.

Additional Regional Rights

Some regions provide additional privacy rights, such as rights to know more about categories of personal information, request correction or deletion, receive a copy of information, limit certain sensitive-data uses, opt out of certain targeted advertising or sale/share activities, or appeal a privacy request decision. Where those laws apply to Bilfi ApS, we will honor those rights as required.

We do not sell personal information. If our use of optional marketing technologies is treated as targeted advertising, selling, or sharing under a law that applies to you, you can decline optional cookies in the cookie dialog or contact us at info@tattool.io.

Automated Processing

TatTool uses operational logic to provide the service, such as role and permission checks, payment status updates, flow triggers, message conditions, delivery webhooks, reporting calculations, and security checks. Flows are designed for communication workflows and do not change bookings, payments, or studio records automatically. We do not describe these features in this policy as solely automated decision-making that produces legal or similarly significant effects about individuals.

Children and Minors

TatTool is a business product for studios and is not directed to children. If a studio uses TatTool to process information about a minor, the studio is responsible for having the required authority, consent, and legal basis under applicable law. If you believe a child has provided information to Bilfi ApS directly without proper authority, contact us so we can review the request.

Complaints

If you have concerns about how Bilfi ApS handles personal information, we encourage you to contact us first at info@tattool.io. You may also lodge a complaint with the Danish Data Protection Agency, Datatilsynet, or with your local supervisory authority where applicable.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date on this page. If a change is material, we may provide additional notice through the website, product, email, or another appropriate channel.

Contact

If you have questions about this Privacy Policy or TatTool's data practices, contact Bilfi ApS at info@tattool.io or write to Vindingvej 34, 7100 Vejle, Denmark.