Privacy Policy

We collect the following types of information to provide and improve our services:

• Personal Information: Name, email address, phone number, and date of birth provided during booking or consultation.
• Payment Information: Payment details processed securely through Stripe. We do not store your credit card numbers, CVV, or full card details on our servers — Stripe handles all payment data in compliance with PCI-DSS standards.
• Medical & Health Information: Allergies, medical conditions, medications, and other health-related information disclosed on your consent form. This information is critical for your safety during the tattooing process.
• Photos of Completed Work: We may photograph your completed tattoo for our portfolio and quality assurance records. Photos are only used publicly (website, social media) with your explicit permission.
• Communication Records: Emails, messages, and notes related to your bookings, consultations, and design preferences.
• Referral Program Data: If you participate in our referral program, we collect partner business information and referral tracking data to administer discounts and commissions.

Your information is used for the following purposes:

• Booking & Scheduling: To process appointments, manage deposits, and coordinate your tattoo sessions.
• Communication: To send appointment confirmations, reminders, aftercare instructions, and respond to your inquiries.
• Medical Safety: To review your health information before tattooing to ensure the process is safe for you.
• Portfolio & Marketing: With your written permission, to showcase completed work on our website and social media.
• Referral Program Administration: To track referrals, apply discounts, and process partner commissions.
• Legal Compliance: To meet health regulation record-keeping requirements and respond to legal obligations.

All payments — including deposits, consultation fees, and session balances — are processed through Stripe, a leading payment processor.

• We never store your full credit card number, CVV, or sensitive card data on our systems.
• Stripe is PCI-DSS Level 1 compliant, the highest level of certification in the payment industry.
• We may retain a Stripe customer ID and the last four digits of your card for reference purposes only.
• For details on how Stripe handles your data, visit Stripe's Privacy Policy.

We use minimal cookies and session storage. Specifically:

• Session cookies for admin authentication and role management within our booking system.
• Stripe session data temporarily stored during the checkout process.
• We do not use advertising cookies or third-party tracking pixels.
• We do not use analytics cookies that track individual behavior across sites.

Client records — including consent forms, health disclosures, and service records — are retained for a minimum of 7 years in compliance with health and safety regulations applicable to tattoo studios.

• Booking and payment records are retained for 7 years for tax and legal compliance.
• Communication records are retained for 3 years unless a longer period is required.
• Portfolio photos are retained indefinitely unless you request removal (see Section 7).
• Referral program data is retained for the duration of the partnership plus 2 years.

We share information with the following third-party services as necessary:

• Stripe: For secure payment processing. Stripe receives your payment details to process transactions.
• Vercel: Our website is hosted on Vercel. Vercel may process server logs that include IP addresses and basic request data.

We do not sell, rent, or trade your personal information to any third party for marketing or any other purpose.

You have the right to:

• Access the personal data we hold about you.
• Correct inaccurate information in your records.
• Request deletion of your personal data, subject to legal retention requirements (e.g., consent forms and health records must be retained for the required 7-year period).
• Withdraw consent for portfolio use of your photos at any time.

To exercise any of these rights, contact us at the information provided in Section 9 below. We will respond to all requests within 30 days.

Synergy Tattoo operates in Rexburg, Idaho, United States. Our data practices comply with applicable U.S. federal and Idaho state privacy laws.

• We comply with Idaho health and safety regulations for tattoo establishments regarding record-keeping.
• We do not knowingly collect personal data from individuals under the age of 16 without parental consent.
• If you are a resident of a state with specific consumer privacy rights (e.g., California, Colorado, Virginia), you may contact us to exercise your applicable rights.

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us:

We may update this Privacy Policy from time to time. When we make significant changes, we will update the "Last Updated" date at the top of this page. Continued use of our services after changes are posted constitutes acceptance of the updated policy.