Affichr is committed to protecting your privacy. This policy explains what personal information we collect, why we collect it, who we share it with, and your rights regarding your data.
Affichr is operated by Nima Jolan, registered at 2065 Parthenais #293, Montreal, QC H2K 3T1, Quebec, Canada.
For the purpose of data protection law, Affichr is the data controller for the personal information described in this policy. Artists using Affichr to manage their client relationships are independent data controllers for the client data they access through the platform.
Questions about this policy: info@affichr.com
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Creating and managing your account | Name, email, password | Contract / Consent |
| Processing booking requests and appointments | Profile, booking data, payment data | Contract |
| Collecting deposits and processing payments | Payment data, Stripe token | Contract |
| Sending appointment confirmations and reminders | Email, phone number, push token, reminder preferences | Contract / Consent / Legitimate interest |
| Sending subscribed cancellation-list alerts by client availability or area | Cancellation-list preferences, selected alert channels, weekly windows, approximate client location, artist broadcast target area, and unsubscribe or STOP status | Consent / Legitimate interest |
| Rate limiting public booking, uploads, and abuse-prone workflows | Hashed IP address or email where applicable, user agent, outcome/reason code, timestamps, and limited upload metadata | Legitimate interest / Legal obligation |
| Health screening before tattoo services | Health questionnaire answers | Legal obligation (health regulations) / Vital interests |
| Generating and storing consent forms | Health data, signature, IP address | Legal obligation (provincial health regulations) |
| Video consultations | Meeting tokens, appointment data | Contract / Consent |
| Sending marketing emails (to opted-in users) | Email, name | Explicit consent (CASL) |
| Providing AI Assistant features | AI messages and enabled account context, excluding health questionnaire answers, processed by the configured AI provider or self-hosted model endpoint | Consent / Contract |
| Handling access, deletion, correction, and limitation requests | Hashed requester email and IP address, request type, verification status, retained-record reasons, and operator notes | Legal obligation / Legitimate interest |
| Monitoring reliability and resolving support issues | Redacted app or Edge Function event metadata, redacted errors, route/screen/platform, status, and hashed contact data where provided | Legitimate interest |
| Moderating uploaded images for safety and platform abuse | Uploaded image metadata and temporary image review data | Legitimate interest / Legal obligation |
| Preventing fraud and abuse | IP address, login events | Legitimate interest / Legal obligation |
| Complying with legal obligations (tax records, health records) | Transaction data, consent forms | Legal obligation |
| Improving the platform | Aggregated usage data, crash reports | Legitimate interest |
| Data Type | Retention Period | Reason |
|---|---|---|
| Account data (active account) | Until you delete your account | Service delivery |
| Account data (deleted account) | 30 days (then permanently deleted) | Account recovery window |
| Consent forms & health records | 7 years minimum | Legal requirement (provincial health regulations) |
| Payment and transaction records | 7 years | Tax law / CRA requirements |
| Appointment history | 3 years after last appointment | Dispute resolution / Legal claims |
| Communication logs (in-app messages) | 2 years after account closure | Dispute resolution |
| Uploaded design files | Until the artist deletes them or closes their account | Artist ownership of their files |
| Declined or deleted booking reference images | 30 days after declined or deleted request aging | Booking reference cleanup and PII minimization |
| AI conversations | 90 days unless deleted earlier | Assistant continuity, abuse prevention, and support |
| AI rate-limit and audit logs | 180 days | Security, abuse prevention, and troubleshooting |
| Public booking and upload abuse telemetry | 30 days | Rate limiting and abuse prevention |
| App monitoring events | 30 days for resolved or ignored events; 90 days for non-open events; open events require operator review | Reliability troubleshooting with PII minimization |
| Push notification tokens | Until disabled, expired, deleted, or account closure | Notification delivery |
| Push delivery logs | Up to 1 year | Delivery troubleshooting and abuse prevention |
| Client location used for cancellation-list broadcasts | Until the client removes the preference, the artist deletes/anonymizes the client record, or the account closes, subject to legal retention exceptions | Subscribed nearby-opening alerts and artist travel broadcasts |
| Marketing consent records | 3 years after consent (CASL requirement) | CASL compliance |
| Login security telemetry and device fingerprints | 180 days | Security, suspicious-login investigation, and user alerts |
| Privacy request workflow records | Request lifecycle plus legal audit policy | DSAR verification, review, retained-record documentation, and legal compliance |
| Admin audit logs | Operational/legal policy | Admin accountability and security investigations |
We share your data with the following third parties only to the extent necessary to operate Affichr. We do not sell your personal data.
| Provider | Purpose | Data Shared | Location | Privacy Link |
|---|---|---|---|---|
| Supabase | Database, authentication, private file storage, Edge Functions, and retention workflows (our backend) | All data stored on the platform | AWS (us-east-1 or your chosen region) | supabase.com/privacy |
| Stripe, Inc. | Payment processing, deposit collection | Name, email, tokenized card data, transaction amounts | USA | stripe.com/privacy |
| Twilio | SMS appointment reminders and notifications | Phone number, message content | USA | twilio.com/legal/privacy |
| Resend | Transactional and reminder emails | Email address, name, appointment details | USA | resend.com/privacy |
| Daily.co | Video consultations | Meeting tokens, session metadata (no video stored) | USA | daily.co/privacy |
| Google (Calendar API) | Google Calendar sync (artists who enable it) | Appointment dates, times, titles (no health data) | USA | policies.google.com/privacy |
| Google Firebase / FCM | Push notification delivery and mobile app infrastructure | Device push tokens, notification metadata, delivery status | USA / global infrastructure | policies.google.com/privacy |
| PostHog | Privacy-scoped product analytics and feature usage measurement | Account ID, role, plan, app version, platform, and non-sensitive workflow events | USA | posthog.com/privacy |
| Groq | Cloud AI Assistant model provider when selected | AI messages and enabled non-health account context | USA | groq.com/privacy-policy |
| Google Gemini API | Fallback AI model provider and image-safety moderation where enabled | AI messages, enabled non-health account context, uploaded image review data | USA / global infrastructure | policies.google.com/privacy |
| Self-hosted or OpenAI-compatible model endpoint | Optional AI Assistant model provider configured by the deployment | AI messages and enabled non-health account context | Deployment-controlled location | Controlled by the deployment operator |
| Browserless.io | PDF generation for consent forms | HTML content of consent forms (ephemeral, not stored) | USA | browserless.io/privacy |
The AI Assistant is optional and requires an in-app disclosure acceptance before use. You may turn off AI access in settings. If enabled, Affichr sends your prompt and enabled account context to the configured AI model provider to generate a response. Default context is conservative and focuses on appointments, availability, and aggregate deposit status. Additional context sources such as client names, tags, private client notes, consultation notes, booking requests, project information, and search results require additional selection or configuration. Health questionnaire answers, consent form health answers, full payment card data, and authentication secrets are not included in AI Assistant context.
Affichr may use a cloud model provider or a deployment-controlled self-hosted model endpoint. When self-hosted AI mode is configured, cloud fallback is disabled unless the deployment explicitly enables cloud fallback.
Some uploaded images may be reviewed by automated image-safety systems to detect unsafe, unlawful, or abusive content. Affichr stores moderation metadata and decisions, not additional copies of image bytes beyond the underlying uploaded file needed to provide the service.
Depending on where you live, you have the following rights regarding your personal data. To exercise any right, contact us at info@affichr.com. We will respond within 30 days where practical, or within the timeframe required by applicable law, including 45 days for verified CCPA-style requests where that timeframe applies. Some public booking pages may also offer a scoped access, deletion, correction, or limitation request flow for client records tied to a specific artist relationship.
Public privacy request flows return a neutral response and do not confirm whether a matching record exists. The workflow stores hashed requester email and IP information, may send an email verification challenge, and requires operator review before export, correction, limitation, anonymization, or deletion is completed. Records that must be retained for legal, financial, health, fraud-prevention, security, or dispute reasons may be preserved with the retained reason documented.
Client-facing exports are designed to include client-provided data, appointments, consent records, messages, shared designs, and shared consultation materials. They do not include internal artist notes by default. Where an access request legally requires review of internal notes that contain personal data, Affichr or the artist may provide the required information in a redacted or summarized form to protect the rights and privacy of others.
Badges: CA Canada (PIPEDA) · EU EU/UK (GDPR) · CA-US California (CCPA)
The Affichr mobile app does not use browser cookies. Affichr may use privacy-scoped product analytics in the mobile and web app to understand feature usage and improve workflows. Analytics collection can be disabled in app settings where available. If you access Affichr via a web browser, we may use:
Operational monitoring events are filtered before storage to reduce collection of emails, phone numbers, IP addresses, health data, payment details, tokens, signed URLs, storage paths, screenshots, and free-form notes. We do not use advertising cookies or share data with advertising networks. We do not use session replay.
If you believe a minor has registered on Affichr, please notify us immediately at info@affichr.com.
Affichr implements industry-standard security measures including:
No system is 100% secure. If you believe your account has been compromised, contact us immediately at info@affichr.com.
In the event of a personal data breach that poses a risk to individuals, Affichr will:
Affichr is based in Canada. Your data may be processed by our service providers, including Supabase, Stripe, Twilio, Resend, Daily.co, Google, PostHog, Groq, Gemini, Browserless.io, or a deployment-controlled self-hosted model endpoint, in the United States or other countries where their infrastructure operates. A self-hosted model endpoint may process AI context in the location chosen by that deployment operator. The US does not have an adequacy decision from the EU. Where required by GDPR, we rely on Standard Contractual Clauses (SCCs) or other appropriate safeguards for data transfers to the US and other non-adequate jurisdictions.
By using Affichr, you consent to this transfer, subject to the safeguards described above.
Affichr may collect consumer health data when clients submit health questionnaires, contraindication information, pregnancy status, medication information, allergies, skin condition information, consent forms, or other information connected to tattoo, salon, consultation, or body-service safety. Depending on your location, this information may be protected by state consumer health data laws, including Washington's My Health My Data Act.
Consumer health data is collected directly from the client, from the artist or studio when they document a consent or service record, and from service activity needed to create appointments, consent PDFs, reminders, and records.
We use consumer health data to provide the requested booking and consent-form service, help the artist assess whether the service can be performed safely, comply with health-record retention requirements, prevent fraud or abuse, and respond to lawful requests. We share consumer health data only with the artist or studio connected to the appointment, our infrastructure processors, and legal or safety recipients where required or permitted by law. We do not sell consumer health data.
Where applicable, you may request access, deletion, withdrawal of consent for future collection or sharing, and information about how your consumer health data is used. Some records, including signed consent forms and legally required health or transaction records, may be retained for the required period even after a deletion request.
Affichr does not use geofencing around health care facilities to identify, track, or target consumers based on consumer health data.
Affichr complies with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.
Privacy Officer: Nima Jolan, info@affichr.com
You may also file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca.
If you are located in the European Economic Area (EEA) or the United Kingdom, the General Data Protection Regulation (GDPR) or UK GDPR applies to the processing of your personal data.
Our legal bases for processing are:
To exercise your GDPR rights, contact our Data Protection Officer (DPO) at info@affichr.com. You also have the right to lodge a complaint with your local data protection authority (e.g., the CNIL in France, the ICO in the UK).
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the CPRA gives you additional rights.
Identifiers (name, email, phone, IP address, hashed identifiers used for privacy requests and abuse prevention), commercial information (booking and payment history), internet or electronic network activity (app usage, device data, public booking telemetry, login security telemetry, and redacted monitoring metadata), geolocation at the city or region level where inferred from IP address or supplied in profile settings, audio/visual information you upload, professional or business information for artists and studios, sensitive personal information (health questionnaire answers, account login credentials, precise service-related information where supplied), and inferences drawn from the above.
We also do not use or disclose sensitive personal information for purposes other than providing requested services, security, fraud prevention, legal compliance, service improvement, or other purposes permitted by law without a separate right to limit.
California residents may exercise the following rights by contacting us at info@affichr.com:
We will respond to verified CCPA requests within 45 days (extendable by an additional 45 days with notice).
Residents of certain US states may have rights to access, correct, delete, or obtain a copy of personal information, opt out of certain targeted advertising or sales, limit or opt out of certain sensitive data processing, and appeal a denied request. Affichr does not sell personal information and does not share personal information for cross-context behavioral advertising. If a state-specific right applies to you, contact us at info@affichr.com and identify your state of residence.
Because Affichr serves artists, studios, salons, and clients across North America, state-specific requirements may apply differently depending on your role, location, the artist's location, and the type of data involved.
We may update this Privacy Policy from time to time. When we do, we will update the "Effective" date at the top and notify registered users by email at least 30 days before material changes take effect. Continued use of Affichr constitutes acceptance of the updated policy.
For any privacy-related questions, requests, or complaints:
If you are not satisfied with our response, you may escalate to the relevant authority: