pink.shopTerms
Privacy

Privacy Policy

Last updated: April 23, 2026

1. Who we are

Pink Shop ("we," "us," "our") is operated by Rindos Labs, a digital agency helping international brands launch on TikTok Shop in the United States. This Privacy Policy explains what personal information we collect, why we collect it, how we use it, and the choices available to you.

2. Information we collect

We collect information in three categories:

  • Account information — email address, name, role, and authentication tokens issued by our auth provider (Supabase).
  • Brand and intake information — information you provide via the intake form or in conversation with Rindos Labs, including brand name, country, website, contact details, revenue range, product category, compliance status (US entity, EIN, bank accounts, business representative), and any notes you share.
  • TikTok Shop data — when you authorize us to connect to your TikTok Shop, we access shop identifiers, products, orders, order status, promotions, settlement summaries, and creator partnership data from the TikTok Shop Partner APIs. We store refresh tokens (encrypted) to keep the integration active.

We also collect standard technical information (IP addresses, browser metadata, pages viewed) via our hosting and analytics providers.

3. How we use information

We use the information to:

  • Operate Pink Shop and deliver the services described in your engagement.
  • Communicate with you about your application, onboarding, and ongoing shop operations.
  • Authorize and maintain the TikTok Shop integration on your behalf.
  • Monitor service health, prevent abuse, and debug errors.
  • Meet legal obligations.

We do not sell your personal information, and we do not use it for advertising.

4. Sensitive information

Some onboarding flows require sensitive identifiers — most notably the US Social Security Number of a nominated business representative, required by TikTok Shop for verification. We store these fields encrypted at rest and use them solely for the purpose of completing the verification required by TikTok or the US IRS. You can request deletion of this data after verification is complete.

5. Who we share information with

We share information only with service providers that help us operate Pink Shop, including:

  • Supabase (hosted Postgres + authentication).
  • Vercel (application hosting).
  • TikTok Shop (Partner API provider).
  • Resend (transactional email, when configured).
  • Compliance partners (e.g., Doola) that we use to facilitate US entity formation, banking introductions, or business representative services — only with your knowledge and consent.

Each provider is bound by contract to handle the data securely and only for the purposes we direct. We may also disclose information if required by law, to protect rights, or in connection with a business transfer.

6. Data retention

We retain account, brand, and intake data for the duration of your engagement and for a reasonable period afterwards to meet legal and operational obligations (typically up to 7 years for records related to compliance, tax filings, or banking introductions). You can request earlier deletion of non-required records by contacting us.

7. Security

We use reasonable administrative, technical, and physical safeguards to protect your information. OAuth tokens and sensitive identifiers (including SSN) are encrypted at rest. Access is role-gated — only authorized Rindos Labs admins can see a brand's full record. We review access logs periodically. No system is perfectly secure; please let us know at once if you suspect unauthorized access.

8. International transfers

Rindos Labs is a US-incorporated entity, and our hosting and service providers store and process data on US-based infrastructure. Some authorized team members access the platform from Australia for support purposes. By using Pink Shop you agree to the transfer of your information to the United States, which may have different data protection laws than your country.

9. Your rights

Subject to applicable law, you may have rights to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate data.
  • Request deletion or restriction of processing.
  • Object to certain processing.
  • Port your data to another service.
  • Withdraw consent where processing is based on consent.

Contact us at hello@pinkdigital.agency to exercise any of these rights. We'll respond within 30 days.

10. Cookies

Pink Shop uses essential cookies for authentication and session management. We do not use third-party advertising cookies. Your browser lets you block or clear cookies, though some parts of the Service may not work without them.

11. Children

Pink Shop is not intended for anyone under 18. We do not knowingly collect information from children.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we'll post the new version here with an updated "Last updated" date. Material changes will be communicated to active clients by email.

13. Contact

Questions, requests, or complaints about this Privacy Policy can be sent to hello@pinkdigital.agency.