Privacy Policy

Introduction

This Privacy Policy explains how Shapiful ("we," "our," or "us") collects, uses, and protects personal data when you access or use our Service. It also describes your rights under the General Data Protection Regulation (GDPR) and Swedish/EU law.

By using Shapiful, you agree to this Privacy Policy. If you do not agree, you must stop using our Service.

Data We Collect

We may collect the following categories of personal data:

  • Account Information - name, email, login credentials, and authentication provider (e.g., Google).
  • Design & Usage Data - uploaded STL files, generated models, user activity within the Service.
  • Payment Information - processed securely via third-party providers; we do not store credit card details.
  • Technical Data - IP address, device/browser information, cookies, and analytics data.

How We Use Your Data

We process your personal data to:

  • Provide, maintain, and improve the Service.
  • Authenticate your account and secure access.
  • Process payments and manage subscriptions.
  • Communicate with you about updates, support, and offers.
  • Comply with legal obligations.

Legal Basis for Processing

We rely on the following legal grounds:

  • Contract - to deliver the Service you signed up for.
  • Consent - for optional features like newsletters or analytics cookies.
  • Legal Obligation - to comply with tax, accounting, and regulatory requirements.
  • Legitimate Interest - to ensure security, prevent fraud, and improve performance.

Data Sharing

We may share data with:

  • Service Providers - e.g., hosting, analytics, payment processors.
  • Legal Authorities - if required by law or valid legal process.
  • Business Transfers - in the event of a merger, acquisition, or restructuring.

We ensure all third parties comply with GDPR through data processing agreements.

International Data Transfers

If personal data is transferred outside the EEA/Switzerland, we ensure appropriate safeguards (e.g., Standard Contractual Clauses approved by the EU Commission).

Data Retention

We retain personal data only as long as necessary to:

  • Provide the Service.
  • Comply with legal and accounting obligations.
  • Resolve disputes and enforce agreements.

Design files may be deleted when you remove them from your account.

Your Rights

Under GDPR, you have the right to:

  • Access your data.
  • Correct inaccurate information.
  • Request deletion ("right to be forgotten").
  • Restrict or object to processing.
  • Port your data to another provider.
  • Withdraw consent (where applicable).

Requests can be made by contacting us (see contact information).

Security

We implement appropriate technical and organizational measures to protect data against unauthorized access, loss, or misuse. However, no system is completely secure.

Cookies & Tracking

We use cookies and similar technologies for:

  • Essential functionality.
  • Analytics and performance improvements.
  • (Optional) Marketing and personalization, with consent.

You can control cookies in your browser settings.

Contact Information

If you have questions or wish to exercise your rights, contact us at:

Email: contact@shapiful.com

Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated through the Service or email. Continued use after updates means acceptance.