TikLynx

Privacy Policy

SimmTech Software LLC, DBA TikLynx

Effective Date: April 23, 2026

Last Updated: May 5, 2026

1. Who We Are

SimmTech Software LLC, doing business as TikLynx ("TikLynx," "we," "us," or "our"), operates a multi-tenant event ticketing and management platform. We provide technology services that enable event organizers ("Organizations") to sell and manage tickets, and enable individuals ("Buyers" or "you") to purchase tickets to events.

This Privacy Policy explains how we collect, use, share, and protect your personal information when you interact with our platform, whether through our website, mobile application, or embedded ticketing widgets on Organization websites.

2. Information We Collect

2.1 Information You Provide Directly

When you purchase tickets or create an account, we may collect:

  • Contact information: name, email address, phone number
  • Mailing address (when required by the Organization for the event)
  • Account credentials: email and password (passwords are stored in hashed form and are never accessible in plaintext)
  • Custom responses: answers to event-specific questions configured by the Organization (e.g., dietary preferences, accessibility needs, t-shirt size)
  • Order notes: any free-text notes you provide during checkout
  • Support inquiries: information you provide when contacting us or submitting feedback

2.2 Information Collected Automatically

When you use our platform, we may automatically collect:

  • Device and browser information: IP address, browser type, operating system
  • Usage data: pages visited, features used, timestamps
  • Cookies and similar technologies: session identifiers for authentication and platform functionality

2.3 Payment Information

We do not store credit card numbers, CVVs, or bank account details. All payment processing is handled by our third-party payment processor, Stripe, Inc. Payment card data is entered directly into Stripe's secure, PCI-compliant embedded forms and is transmitted directly to Stripe's servers. We receive only a limited token, the card brand (e.g., Visa), and the last four digits of the card number for display and receipt purposes.

For more information on how Stripe handles your data, please review Stripe's Privacy Policy.

2.4 Information From Organizations

Organizations using our platform may import or enter information about their customers, including names, email addresses, phone numbers, and general notes. We do not control or validate the content that Organizations enter into their accounts, including free-text fields. It is possible that an Organization may manually enter sensitive information (such as financial details) into notes or other unstructured fields. We advise Organizations not to do so, but we cannot prevent it.

3. How We Use Your Information

We use your personal information for the following purposes:

  • Processing transactions: completing ticket purchases, issuing tickets (digital and/or print), processing refunds
  • Communicating with you: sending order confirmations, ticket delivery, event updates, and password reset emails
  • Providing customer support: responding to inquiries and resolving issues
  • Platform operations: maintaining account security, preventing fraud, enforcing our Terms of Service
  • Improving our services: analyzing usage patterns and platform performance (in aggregate, non-identifying form)

We do not use your personal information for third-party advertising. We do not sell your personal information.

4. How We Share Your Information

4.1 With Event Organizations

When you purchase a ticket, the Organization hosting the event receives your personal information as necessary to fulfill the event, including your name, email address, phone number (if provided), mailing address (if collected), responses to custom questions, and order details.

Important: Once your information is shared with an Organization, that Organization becomes an independent controller of your data. Their use of your information is governed by their own privacy policies and practices, which are outside of TikLynx's control. We encourage you to review the privacy practices of any Organization whose events you attend.

4.2 With Service Providers

We share information with third-party service providers who assist us in operating our platform, including:

Provider Purpose Data Shared
Stripe, Inc. Payment processing Payment card data (entered directly), transaction amounts
Amazon Web Services (AWS) Cloud hosting, email delivery (SES), file storage (S3), message queuing (SQS) All platform data (encrypted at rest and in transit)

These providers are contractually obligated to use your information only for the purposes of providing services to us. All service providers listed above are required to protect personal information at a level equal to or greater than that described in this Privacy Policy, and to use the data only for the purposes for which it was disclosed.

4.3 As Required by Law

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect our rights, the safety of our users, or the integrity of our platform.

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

5. Data Retention

We retain your personal information for as long as necessary to:

  • Fulfill the purposes described in this policy
  • Comply with legal and regulatory obligations
  • Resolve disputes and enforce our agreements

Ticket order records, including buyer name, email, and transaction details, are retained for the duration of the Organization's account and as required for financial record-keeping and dispute resolution. Organizations may delete customer records through their dashboard, subject to our soft-deletion and audit retention policies.

6. Data Security

We implement industry-standard technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of data at rest (AWS infrastructure)
  • Hashed password storage
  • Role-based access controls
  • Audit logging of data access and modifications
  • PCI-compliant payment processing through Stripe (we never handle raw card data)

No system is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Opt-out of communications: Unsubscribe from non-transactional emails (transactional emails such as order confirmations cannot be opted out of)

To exercise any of these rights, please contact us at the address below. We will respond within 30 days.

Account deletion from the mobile app: If you have a TikLynx account, you may delete it directly from the mobile app under Profile → Account Settings → Delete Account, or by contacting us at the address below. Account deletion is final; we will retain only the records required for tax, financial, or legal compliance.

Note: Because Organizations independently receive and may retain your information, a deletion request to TikLynx does not automatically delete your information from an Organization's records. You should contact the Organization directly regarding their data practices.

8. Cookies

We use cookies and similar technologies strictly for platform functionality:

  • Session cookies: to maintain your login state and shopping cart
  • Security cookies: to prevent cross-site request forgery and other attacks

We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. Children's Privacy

Our platform is not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

10. Multi-Tenant Architecture

TikLynx is a multi-tenant platform. Each Organization operates within an isolated account environment. Organization account administrators can access buyer information only for transactions associated with their own events. Organizations cannot access buyer data belonging to other Organizations.

11. Mobile Application

The TikLynx mobile application (available on Google Play and the Apple App Store under the package identifier com.tiklynx.app) provides the same core ticketing functionality as our website, with additional capabilities specific to mobile devices. This section describes the data practices that are unique to the mobile app.

11.1 Device Permissions

The app requests the following device permissions only when needed to deliver the corresponding feature. You may decline or revoke any permission through your device's settings; declining a permission will disable only the related feature and will not prevent you from otherwise using the app.

  • Camera (Android android.permission.CAMERA / iOS NSCameraUsageDescription): used solely to scan ticket QR codes and barcodes during check-in. Camera frames are processed on-device by an embedded barcode scanner and are not transmitted to TikLynx servers, recorded, or stored. Only the decoded ticket identifier is sent to our servers for validation.
  • Photos and media storage (Android READ_MEDIA_IMAGES, READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE): used to save ticket images or PDFs to your device when you choose to download them. We do not scan, upload, or read other files on your device.
  • Network access (Android INTERNET, ACCESS_NETWORK_STATE): required for the app to communicate with TikLynx servers and to detect connectivity changes.

11.2 Authentication and Sign-In

The mobile app supports the following sign-in methods: email and password, Google Sign-In (via Google Play Services), and Sign in with Apple (on iOS).

When you sign in with Google, we receive your name, email address, and Google account identifier solely to create or match your TikLynx account. We do not access your Google contacts, calendar, files, or any other Google data.

When you sign in with Apple, we receive a private relay email address (if you choose to hide your email) or your Apple ID email, your name (if you choose to share it), and a unique Apple-issued identifier solely to create or match your TikLynx account. We do not receive your underlying Apple ID, and we do not request any other Apple data.

After successful sign-in, the app stores authentication tokens (a JWT access token and a refresh token) in the device's secure local storage. These tokens are used to authenticate your subsequent requests to TikLynx servers and are not shared with third parties. You can clear them at any time by signing out of the app or uninstalling it.

11.3 On-Device Data and Caching

To support faster load times and limited offline viewing of tickets you have already purchased, the app may cache the following on your device: your account profile, event and ticket details for upcoming events, and recently viewed pages. This cached data is stored only on your device and is removed when you sign out or uninstall the app.

11.4 Network Security

All communication between the mobile app and TikLynx servers is transmitted over HTTPS/TLS. In production builds, the app additionally pins the server's TLS certificate (certificate pinning) and signs each request with an HMAC signature to prevent tampering and request replay.

11.5 Analytics, Advertising, and Tracking

The TikLynx mobile app does not include third-party analytics SDKs, third-party crash-reporting SDKs, advertising SDKs, or behavioral tracking technologies. We do not collect Android Advertising IDs (AAID) or Apple Identifiers for Advertisers (IDFA), and we do not share device data with advertising networks.

11.6 Push Notifications

The current version of the TikLynx mobile app does not send push notifications. If push notifications are added in a future release, this Privacy Policy will be updated to describe what is sent and how to opt out, and the app will request your permission before enrolling your device.

11.7 Children

The mobile app is rated for general audiences and is not directed to children under 13. See Section 9 (Children's Privacy) for details.

12. EU/UK Residents

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and the UK GDPR, including:

  • Right of access to the personal data we hold about you
  • Right to rectification of inaccurate or incomplete data
  • Right to erasure ("right to be forgotten"), subject to legal retention requirements
  • Right to data portability in a commonly used, machine-readable format
  • Right to restrict or object to processing
  • Right to withdraw consent at any time, where processing is based on consent
  • Right to lodge a complaint with your local supervisory authority

Our legal bases for processing your personal data are: (a) performance of a contract (creating your account, fulfilling ticket purchases, providing customer support), (b) legitimate interests (preventing fraud, securing the platform, improving our services), (c) compliance with legal obligations (tax records, financial reporting), and (d) your consent where applicable (e.g., optional marketing communications).

Personal data processed by TikLynx is transferred to and stored in the United States, where our infrastructure is hosted. For transfers from the EEA, the UK, or Switzerland to the United States, we rely on the European Commission's Standard Contractual Clauses (or the UK Addendum / Swiss equivalent, as applicable) as the legal mechanism for international transfer.

13. California Residents

California residents have rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), including:

  • The right to know what categories of personal information we collect, the sources, the business purposes for collection, and the third parties with whom we share it
  • The right to delete personal information we have collected, subject to legal retention requirements
  • The right to correct inaccurate personal information
  • The right to limit the use and disclosure of sensitive personal information
  • The right to opt out of the sale or sharing of personal information for cross-context behavioral advertising
  • The right to non-discrimination for exercising any of these rights

We do not sell or share personal information for cross-context behavioral advertising, and we have not done so in the preceding 12 months. We do not knowingly sell or share the personal information of any consumer under 16 years of age.

To exercise any of these rights, contact us at privacy@tiklynx.com. We may need to verify your identity before fulfilling certain requests. You may also designate an authorized agent to make a request on your behalf.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this policy. Continued use of our platform after changes are posted constitutes your acceptance of the updated policy.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

SimmTech Software LLC
DBA TikLynx

Email: privacy@tiklynx.com

TikLynx

© 2026 SimmTech Software LLC. All rights reserved. Terms Privacy Support
An error has occurred. This application may no longer respond until reloaded. Reload 🗙