Privacy Policy

Data Controller

cyc4arts OÜ
Narva mnt 5
10117 Tallinn

1. Introduction

Your privacy is important. This Policy explains how we collect, use, store, and protect your personal data when you visit our website and purchase Print Templates.

2. Data We Collect

• Session data: session_id in localStorage for plot generation and favorites.
• Order data: email (if provided), transaction details, purchase history.
• Payment data: raw payment details are never stored by us; processed securely via paddle.
• Usage data: pages visited, interactions with sliders and plots.

3. Legal Basis for Processing

• Performance of contract: to generate and deliver digital goods.
• Legitimate interests: to improve service, detect fraud, and ensure security.

4. Cookies & Tracking

We use minimal cookies/session storage only for maintaining your session and Braintree drop-in functionality. No third-party analytics by default.

5. Data Sharing & Transfers

• Payment gateway: Braintree (a PayPal service), may transfer data to the U.S. under standard contractual clauses.
• Database hosting: Heroku Postgres within the EU.

We do not rent or sell your data to third parties.

6. Data Retention

• Plots & favorites: retained up to 12 months unless you request deletion.
• Payment records: retained for 10 years as required by German tax law.

7. Your Rights

Under the GDPR, you have the right to:

• Access your personal data.
• Rectify or delete inaccurate data.
• Request restriction of or object to processing.
• Data portability.
• Withdraw consent at any time (where applicable).

To exercise these rights, use contact formular in main menu.

8. Security Measures

We implement organizational and technical measures (TLS, secure key storage) to protect your data.

9. Updates to This Policy

We may update this Policy; changes take effect upon publication. The “Last updated” date will reflect revisions.