Privacy Policy
Last updated: July 4, 2026
Who we are
Collabo.ink is operated by Colabo Labs LLC, a Wyoming, USAlimited liability company (“Collabo”, “we”, “us”). Registered address: 30 N Gould St, Ste N, Sheridan, WY 82801, USA.
What we collect
- Artists: email, name, city, timezone, payout details via Stripe, Instagram handle if connected (Pro tier).
- Clients (booking on an artist’s mini-site): name, email, phone (optional), tattoo idea description, body placement, approximate size, reference image links.
- Operational data: bookings, payments, soft-holds, intake responses, internal artist notes.
What we don’t collect
- Date of birth (we use a self-attested 18+ checkbox).
- Medical history (we recommend artists collect this in-person on the day of the session).
- Government ID, social security number, or comparable identifiers.
- We don’t sell, rent, or share your data with advertisers.
How data flows
Client intake submissions are visible only to the Artist they were sent to. Artists’ public mini-site fields (name, city, bio, services, availability) are public by design — that’s the point of the link.
Payments use Stripe Connect Express. We never see card numbers; Stripe handles all PCI-compliant storage.
Third parties we use
- Supabase — database, authentication, file storage.
- Stripe — deposit payments and Connect payouts.
- Vercel — hosting + edge delivery.
- Resend — transactional email (booking confirmations, etc.).
- Google Calendar API — only for artists who opt in to Google Calendar integration. See below for full details.
- Meta Graph API — only for artists who opt in to Instagram DM integration.
- OpenAI — only for AI auto-reply; processes incoming DM text to generate replies; no DMs are used to train models.
Google Calendar integration
Artists may optionally connect their personal Google Calendar account. When connected, Collabo.ink accesses Google Calendar data solely to provide the following features:
- Booking events: confirmed bookings are written to the artist’s Google Calendar as events so sessions appear in their existing workflow.
- Availability blocking: existing Google Calendar events are read to identify unavailable time slots and prevent double-bookings on the artist’s public booking page.
The Google Calendar data we access (event titles, times, and descriptions) is used exclusively to provide the two features above. It is not shared with any third party, not used for advertising, and not used to develop, improve, or train any AI or machine learning model. Artists can disconnect Google Calendar at any time from their dashboard settings, at which point we delete the stored OAuth tokens immediately.
Cookies
Data retention
- Account data: kept while the account is active. Deleted immediately on account deletion. Payment records are retained per applicable financial regulations (~7 years).
- Intake reference images: kept in a private bucket; only the owning artist can read. Soft-holds that expire without intake submission are auto-cleaned.
Your rights
You can request access to, correction of, or deletion of your personal data by emailing hello@collabo.ink. Artists can also delete their account from Settings → Account & Security. Client data removal requests submitted via /data-deletion are fulfilled within 30 days.