Legal · Policy 01

Privacy Policy

What Pric'd collects when you book, get booked, and connect your Google account — and exactly what we do (and never do) with it.

Last updated · May 17, 2026

This Privacy Policy explains how Pric'd ("Pric'd", "we", "us", or "our") collects, uses, stores, and shares information when you use our website, applications, and related services (collectively, the "Service"). The Service helps tattoo studios and artists publish bookable profiles and helps clients discover artists, request appointments, and pay deposits.

By using the Service, you agree to the practices described here. If you do not agree, please do not use the Service.

01

Information We Collect

We collect the following categories of information:

  • Account information. Name, email address, password (hashed), phone number, business or studio name, role (artist, studio, customer), and profile details you provide directly.

  • Booking information. Tattoo size, reference images you upload, preferred date and time, deposit amounts, and messages exchanged with artists or studios.

  • Payment information. Processed by our payment provider, Stripe. We do not store full card numbers on our servers; Stripe handles card data in accordance with PCI-DSS.

  • Google account data. Collected when you choose to sign in with Google or connect Google Calendar (see Section 3).

  • Usage and device data. IP address, browser type, pages viewed, and timestamps, collected automatically through standard server logs and cookies.

02

How We Use Information

  • To create and manage your account and authenticate sign-ins.

  • To enable the core booking flow: showing artist availability, taking deposits, confirming appointments, and notifying both parties.

  • To send transactional messages such as booking confirmations, payment receipts, password resets, and magic-link sign-in emails.

  • To operate, maintain, secure, and improve the Service, including debugging, analytics, and abuse prevention.

  • To comply with legal obligations and enforce our Terms and Conditions.

03

Google User Data

Pric'd offers two optional integrations with Google: Sign-in with Google and Google Calendar sync. We only request the minimum scopes needed for these features.

3.1 Sign-in with Google

When you sign in with Google, we request the profile and email scopes. We use this information solely to identify you and create or sign you into your Pric'd account. We store your name, email address, Google account ID, and (if provided) your profile picture URL.

3.2 Google Calendar Integration

If you connect Google Calendar, we request the https://www.googleapis.com/auth/calendar.events.owned scope. This scope only permits us to manage events on calendars you own (such as your primary Google Calendar). We use this access solely to create calendar events on your primary calendar that correspond to bookings made through Pric'd, and to update or delete those events if a booking is rescheduled or cancelled.

We store an encrypted OAuth refresh token so we can continue syncing Pric'd bookings to your calendar without asking you to sign in again. We do not read, modify, or store calendar events that were not created by Pric'd.

3.3 Limited Use Disclosure

Pric'd's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we do not:

  • Use Google user data to serve advertising of any kind.

  • Sell Google user data.

  • Transfer Google user data to third parties except as necessary to provide or improve the Service, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.

  • Allow humans to read Google user data, except (a) with your explicit consent, (b) for security purposes (such as investigating abuse), (c) to comply with applicable law, or (d) where the data has been aggregated and anonymized for internal operations.

3.4 Revoking Access

You can disconnect Google Calendar from within your Pric'd dashboard at any time. You can also revoke Pric'd's access directly at myaccount.google.com/permissions. When you revoke access, we stop syncing with Google and delete the stored refresh token.

04

How We Share Information

We share information only as needed to run the Service:

  • Between booking parties. When you book with an artist or studio, we share the booking details (name, contact email or phone, tattoo reference images, requested time, and notes) with the artist or studio so they can fulfil the appointment.

  • Service providers. Stripe (payments), our cloud hosting provider, transactional email provider, and analytics tooling help us operate the Service. These providers process data on our behalf under contractual confidentiality obligations.

  • Legal and safety. We may disclose information when required by law, subpoena, or to protect the rights, property, or safety of Pric'd, our users, or the public.

  • Business transfers. In connection with a merger, acquisition, or sale of assets, with notice to affected users.

We do not sell your personal information.

05

Data Retention

We retain personal information for as long as your account is active and as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. Booking and payment records may be kept longer for accounting and tax purposes. When you delete your account, we delete or anonymize personal data within a reasonable period, except where retention is required by law.

06

Security

We use industry-standard technical and organizational measures to protect personal data, including encrypted transport (HTTPS), encryption of OAuth tokens at rest, hashed passwords, role-based access controls, and audit logging. No system is perfectly secure; if we become aware of a breach affecting your data, we will notify you in accordance with applicable law.

07

Your Rights

Depending on your location, you may have rights to access, correct, export, or delete your personal information, to object to or restrict certain processing, and to lodge a complaint with a data protection authority. You can exercise most of these rights from your account settings, or by contacting us at the address below.

08

Children

The Service is not directed to children under 16, and we do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us so we can delete it.

09

International Transfers

We may process and store personal data in countries other than the one in which you live. Where required, we use appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

10

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the "Last updated" date above and, where appropriate, by additional notice (such as email or an in-product banner).

11

Contact Us

Questions, requests, or complaints about this policy or your data can be sent to support@pricd.co.uk.