Trust and Security
How we protect your data and your clients' data.
Compliance
YKO Labs operates in compliance with major global privacy and payment standards. We focus on what is legally required to serve beauty, salon, barber, and personal care businesses worldwide.
Infrastructure
We build on infrastructure providers that hold their own SOC 2 Type II and ISO/IEC 27001 certifications. Your data inherits the physical, network, and operational security of these providers.
Our security practices
Daily controls implemented within the YKO Labs platform:
Your privacy rights
Under GDPR, UK GDPR, and CCPA/CPRA, you have the right to access, correct, export, and delete your personal data, and the right to withdraw your consent. To exercise these rights, contact us at privacy@ykolabs.com, and we will respond within 30 days.
California residents: we do not sell or share your personal information for cross-context behavioral advertising.
Sub-processors and DPA
A complete and up-to-date list of sub-processors is published above. We will notify customers at least 30 days in advance of any additions or material changes. Enterprise customers may request a countersigned Data Processing Agreement (DPA) by contacting privacy@ykolabs.com.
Reporting a security issue
We welcome responsible disclosures from security researchers. Please email security@ykolabs.com with reproduction steps. We respond within 2 business days and, upon resolution of the issue, credit researchers (with their permission) on this page.
Last updated: 30 June 2026