Privacy Policy

Quadcores ("we", "us", or "our") operates the Quadcores platform — a studio management and booking solution for tattoo, barber, and body-art businesses. This Privacy Policy explains how we collect, use, share, and protect your information when you use our website at quadcores.com and our web application.

By using Quadcores, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our services.

1.1 Information you provide directly

• Account registration: name, email address, studio name, and password.
• Profile & studio details: logo, location, artists, operating hours, services offered.
• Payment information: billing details processed via Stripe. We never store raw card numbers.
• Communications: messages you send to our support team.
• Client records: data you enter about your clients (names, contact info, medical history, consent forms) as part of your studio's use of our platform.

1.2 Information collected automatically

• Log data: IP address, browser type, pages visited, time and date, referring URLs.
• Device data: device type, operating system, screen resolution.
• Usage data: features used, clicks, session duration, error events.
• Cookies & trackers: session tokens, preference cookies, and analytics identifiers (see Cookies section).

1.3 Third-party data

If you sign in via Google or another OAuth provider, we receive your name and email from that provider, subject to their own privacy policies.

We use the information we collect to:

• Provide, operate, and maintain the Quadcores platform.
• Process payments, manage subscriptions, and issue invoices.
• Send transactional communications (booking confirmations, receipts, password resets).
• Send product updates, feature announcements, and newsletters (you may opt out at any time).
• Analyse usage trends to improve the product.
• Detect, prevent, and investigate fraud, abuse, or security incidents.
• Comply with legal obligations.

We do not sell your personal information to third parties. We do not use your client records data to train AI models or for purposes beyond providing the service.

We may share your information with:

• Stripe: payment processing. Your card details are handled entirely by Stripe and never reach our servers.
• Twilio / SMS providers: for sending SMS appointment reminders on your behalf.
• Analytics providers (e.g. PostHog): anonymised usage data to help us understand product performance.
• Cloud infrastructure (e.g. Google Cloud, Vercel): hosting and database services.
• Legal requirements: if required by law, court order, or to protect the rights and safety of Quadcores, our users, or the public.
• Business transfers: in the event of a merger, acquisition, or sale of assets, your data may transfer to the new entity subject to equivalent privacy protections.

All third-party processors are bound by data processing agreements requiring them to protect your information.

We use the following types of cookies:

• Essential cookies: session authentication, CSRF protection, and preference storage (e.g. theme). These cannot be disabled.
• Analytics cookies: anonymised usage tracking to improve our product. You may opt out via browser settings or our cookie banner.

We do not use advertising or cross-site tracking cookies. You can control cookie behaviour in your browser settings. Disabling essential cookies will prevent you from logging in.

We retain your account information for as long as your account is active. After account deletion, we delete or anonymise your personal data within 30 days, except where we are legally required to retain records for a longer period (e.g. financial records under tax laws — typically 7 years).

Client records you store in Quadcores are retained for as long as your studio account is active. Upon request or account deletion, we will export and then delete this data.

Depending on your location, you may have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you.
• Correction: request that inaccurate data be corrected.
• Deletion: request erasure of your personal data ("right to be forgotten").
• Portability: receive your data in a structured, machine-readable format.
• Objection / Restriction: object to or restrict certain processing activities.
• Opt-out of marketing: unsubscribe from marketing emails at any time via the link in any email.

If you are located in the EU/EEA, you also have the right to lodge a complaint with your local supervisory authority.

We implement industry-standard security measures including:

• TLS 1.2+ encryption for all data in transit.
• AES-256 encryption for sensitive data at rest.
• Role-based access control within Quadcores infrastructure.
• Regular security audits and dependency updates.
• Bcrypt hashing for all passwords.

Our servers are primarily located in the United States. If you are accessing Quadcores from outside the US, your information may be transferred to and processed in the US. We ensure appropriate safeguards are in place (such as Standard Contractual Clauses for EU data) to protect your information during international transfers.

Quadcores is intended for use by businesses and adults. We do not knowingly collect personal information from individuals under 18 years of age. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.

Note: our platform includes features for studios that work with minor clients. In those cases, studios are responsible for obtaining appropriate parental consent before recording client information.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or an in-app notification at least 14 days before the changes take effect. The "Effective date" at the top of this page will also be updated.

Continued use of Quadcores after the effective date constitutes acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: