Effective Date: September 2025

Last Updated: September 2025

Inkarnate, Inc provides the map-making platform at https://inkarnate.com. This Privacy Policy explains what information we collect, why we collect it, how we use it, and your choices.

If you ever have questions or concerns, feel free to reach out at support@inkarnate.com.

Quick Summary

Here’s a simplified overview of the personal data we collect, why we collect it, and when it happens, to help you quickly understand how we handle your information when you use Inkarnate. For full details, see the sections below.

• Email, password, and social login: Used to create and manage your account, collected when you register or sign in.
• Purchase & payment info (Stripe/PayPal): Used to process orders securely, collected during checkout.
• Website usage data (PostHog): Used to improve our product and measure performance, collected when you browse (with consent).
• Marketing tracking data (Meta, Google, Reddit): Used to see how our ads perform and improve them, collected only if you give consent.

Information We Collect

We collect personal information in a few different ways: Directly from you, automatically through your use of Inkarnate, and via third-party tools that help us operate and improve our services.

1. Account and Contact Information

We collect your email and password, or account info from Google/Facebook if you use social login, to create and authenticate your account.

If you contact support, we use Intercom to handle your messages and account details so we can reply.

If you leave product feedback, we use Canny. Via Single Sign-On (SSO), we share only your email, name, and user ID.

2. Email Communications

We use third-party providers to send essential account emails (e.g., confirmations, password resets) and, if you consent, marketing messages such as newsletters. These services handle your email address and may track things like whether you opened or clicked an email, so we know messages are delivered and useful.

3. Payment and Purchase Information

When you make a purchase, your payment is processed by Stripe or PayPal. We do not store your full payment details ourselves. These processors handle your data in accordance with their own privacy policies.

We may receive confirmation of your payment, transaction amount, and purchase details for record-keeping and account entitlements.

4. Usage and Analytics Data

We collect data on how you interact with the Inkarnate platform, such as page visits, clicks, and feature usage to help us understand how our product is used.

We use PostHog to collect this data, stored on servers in the U.S. If you consent, it’s linked to your Inkarnate account. If not, it’s anonymous and only tied to your current session.

5. Marketing and Advertising Data

If you allow marketing, we share limited user-provided data with platforms like Meta (Facebook/Instagram), Google Ads, and Reddit. This helps us see when people sign up or buy after seeing an ad, so we know if our ads work. Sometimes, when you complete actions like a signup or purchase, we may securely send hashed versions of details you provided (such as email or IP address) (e.g. using SHA-256) so these platforms can better match conversions.

6. Technical and Diagnostic Information

We collect basic technical data to keep Inkarnate secure and running well. This includes your:

• IP address
• Browser and device type
• Operating system
• Language and time zone settings
• Crash reports or error messages
• Interactions with features and pages

We use this data to monitor performance, fix bugs, and detect abuse.

7. Location Information

We do not collect precise location data like GPS. However, we may infer your approximate location (such as country or region) from your IP address to localize your experience and ensure compliance with privacy laws.

8. Cookies and Similar Technologies

We use cookies to make Inkarnate work properly. They let you log in, keep your session active, remember your settings, and help us see how people use the site so we can improve it. See our Cookie Policy for details. We use Cookiebot to save your cookie choices so we can follow privacy laws.

• For visitors from the US, all cookies (including analytics and marketing) are enabled by default. You may opt out anytime via our Cookie Settings.
• For visitors from the EU/EEA and other regions, only the cookies needed for Inkarnate to work are active by default. We will only load extra cookies (like analytics or ads) if you say yes. Features like enhanced conversions or advanced matching are only enabled if you consent to marketing cookies, and are turned off if you decline or withdraw consent.

Why We Process Your Data

We use your personal data to operate and improve Inkarnate. Below is an overview of what we process, why, and which service providers help us:

• Account access: Authenticating your login, providing access to features based on your subscription, storing your maps and custom assets, and maintaining your session state so you stay logged in while navigating the site.
• Customer support: Processing your messages and account details through Intercom when you contact us for help.
• Product feedback: Collecting your feedback via Canny. When you log in, we share only your email, name, and user ID via Single Sign-On (SSO) so your feedback is linked to your account.
• Payments and purchases: Processing payments securely through Stripe and PayPal, and recording successful transactions to activate your subscription or purchased content.
• Hosting and security: Hosting and storing data with Amazon Web Services (AWS) and delivering content and protecting the site with Cloudflare.
• Analytics: Using PostHog to collect usage data (linked to your account with consent, anonymized otherwise) to identify popular features, areas of friction, and opportunities to improve the platform. With marketing consent, we also process event data like ad clicks, purchases, or signups to measure and optimize campaigns.
• Marketing (with consent): Sharing limited event data with Meta, Google Ads (Enhanced Conversions), and Reddit Ads (Conversions API / Advanced Matching) to match your conversion events with their own user records to better measure and improve advertising performance and accuracy of attribution, prevent fraud and deliver more relevant ads.
• Email communications: We use SendGrid to send account emails (like confirmations and password resets). If you consent, we also send marketing newsletters.
• Cookiebot (consent management): We use Cookiebot to collect and store your cookie preferences.
• Billing localization: We use ipinfo.io to detect your country code from your IP address so we can autofill billing information.

We process your personal data only when a valid legal basis applies, as required under GDPR and similar laws. Specifically:

• Consent: for analytics and marketing cookies or communications.
• Contract: to create and manage your account, process payments, and provide access to purchased services.
• Legal obligation: to comply with tax, accounting, and regulatory requirements.
• Legitimate interest: to secure our platform, prevent fraud, improve services, and ensure proper functionality.

If you are located in the European Union, United Kingdom, or another region with similar data protection laws, these same legal bases apply.

We never sell your personal data.

Where and How Long We Store Your Data

We store your personal data in the United States using trusted third-party providers for hosting, analytics, customer support, payments, and email delivery.

Where personal data is transferred outside your region (for example, from the EU/UK to the United States), we rely on safeguards such as the EU Standard Contractual Clauses and/or the EU–U.S. Data Privacy Framework. These transfers primarily involve service providers that support hosting (AWS), analytics (PostHog), customer support (Intercom), and payment processing (Stripe, PayPal).

We retain your personal data only as long as necessary for the purposes described. Specifically:

• Account data: kept until you delete your account or request removal.
• Payment records: retained as required by tax and financial regulations (up to 10 years in some jurisdictions).
• Support communications: stored for up to 3 years for reference and dispute resolution.
• Analytics data: stored up to 2 years, unless anonymized for long-term trends.
• Enhanced conversions data: identifiers such as email, phone, or address are securely hashed before sending to ad platforms (e.g., Google, Reddit). We keep this data only as long as needed to measure conversions and then delete or anonymize it.

You may request access to, or deletion of, your personal data at any time by contacting support@inkarnate.com.

Your Privacy Rights

Depending on where you live (e.g., EU/EEA, UK, or similar jurisdictions), you may have the following rights under data protection laws:

• Right of access to your personal data.
• Right to rectification of inaccurate data.
• Right to erasure (“right to be forgotten”).
• Right to restrict processing in certain cases.
• Right to data portability.
• Right to object to processing, including marketing.
• Right not to be subject to automated decision-making or profiling that significantly affects you.
• Right to withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.

To exercise your rights, please contact us at support@inkarnate.com.

California Residents (CCPA/CPRA)

If you live in California, you have rights under the CCPA/CPRA, including the right to know what personal information we collect, request correction or deletion, opt out of the sale or sharing of personal data, and limit the use of sensitive information. You can exercise these rights here.

You can exercise your rights at https://inkarnate.com/contact.

Children’s Privacy

Inkarnate is for adults and older teens. Children under 16 in the EU/UK (or under 13 in the U.S. and other regions) should not use Inkarnate. If we learn we have collected data from a child, we will delete it quickly.

Contact

If you have any questions, concerns, or requests related to this policy or your personal data, please contact us at: support@inkarnate.com