Data Policy

• Full name and business contact information
• Email addresses and phone numbers
• Billing and shipping addresses
• Payment information (processed securely)
• Company name and industry information
• Order history and preferences

• Project specifications and requirements
• Artwork, logos, and design files
• Communication records (emails, calls, messages)
• Account preferences and settings

• IP addresses and geographic location
• Browser type, version, and language settings
• Device information and screen resolution
• Pages visited and session duration
• Referral sources and exit pages
• Search terms used on our site

• Website loading times and performance metrics
• Error logs and debugging information
• User interaction patterns
• Form completion rates

• Order Forms: Information you provide when placing orders
• Contact Forms: Details submitted through website inquiries
• Account Registration: Data provided when creating accounts
• Phone Calls: Information discussed during customer service calls
• Email Communications: Content of emails exchanged with us

• Cookies and Tracking: Browser cookies and similar technologies
• Analytics Tools: Google Analytics and other measurement tools
• Server Logs: Technical information about your website visits
• Security Monitoring: Data collected to prevent fraud and abuse

• Payment Processors: Transaction data from payment providers
• Shipping Services: Delivery status and tracking information
• Business Directories: Publicly available business information
• Marketing Partners: Data from authorized marketing collaborations

We process your data based on:

• Contract Performance: To fulfill orders and provide services
• Legitimate Interest: To improve services and prevent fraud
• Consent: For marketing communications and optional features
• Legal Compliance: To meet tax, accounting, and regulatory requirements

• Cloud Hosting: Secure servers with encryption and backup systems
• Database Security: Encrypted databases with access controls
• File Storage: Secure storage for artwork and design files
• Backup Systems: Regular backups with disaster recovery procedures

• SSL/TLS encryption for data transmission
• AES-256 encryption for data at rest
• Multi-factor authentication for admin access
• Regular security audits and vulnerability assessments
• Firewall protection and intrusion detection

• Employee training on data protection
• Access controls based on job responsibilities
• Regular review of data access permissions
• Incident response procedures
• Vendor security assessments

• Secure data center facilities
• Environmental controls and monitoring
• Physical access restrictions
• Equipment disposal procedures

• Active Customers: Data retained while account is active
• Order History: 7 years for tax and legal compliance
• Payment Information: Not stored unless customer opts in
• Communication Records: 3 years or until no longer needed

• Email Lists: Until unsubscribe or account deletion
• Website Analytics: 26 months (Google Analytics default)
• Marketing Campaign Data: 2 years for performance analysis

• Tax Records: 7 years as required by law
• Employment Records: As required by applicable law
• Legal Correspondence: Duration of legal matters plus 3 years

We share data with trusted partners who help us operate our business:

• Payment Processors: Stripe, PayPal, Square, and others
• Shipping Companies: FedEx, UPS, USPS, and international carriers
• Technology Providers: Website hosting, email services, analytics
• Manufacturing Partners: For custom product production

• Data may be transferred to countries outside your region
• We ensure adequate protection through standard contractual clauses
• We comply with applicable data protection frameworks

In the event of a merger, acquisition, or sale:

• Customer data may be transferred to the new entity
• We will notify customers of any such transfer
• Existing privacy commitments will be honored

• Request copies of your personal data
• Obtain information about how we process your data
• Receive data in a portable format

• Request correction of inaccurate information
• Update your contact and account information
• Modify communication preferences

• Request deletion of your personal data
• Close your account and remove associated data
• Note: Some data may be retained for legal compliance

• Limit how we process your data
• Object to certain types of processing
• Withdraw consent for optional processing

• Receive your data in a machine-readable format
• Transfer data to another service provider
• Export your order history and account information

• Session Management: Keep you logged in during visits
• Shopping Cart: Remember items you've selected
• Security: Protect against fraud and unauthorized access
• Load Balancing: Ensure optimal website performance

• Google Analytics: Website traffic and user behavior analysis
• Performance Monitoring: Site speed and error tracking
• A/B Testing: Improve user experience through testing

• Conversion Tracking: Measure effectiveness of marketing campaigns
• Remarketing: Show relevant ads to previous visitors
• Social Media: Enable social sharing and interactions

• Adjust cookie preferences through your browser settings
• Use our cookie preference center (if available)
• Note that disabling cookies may affect website functionality

• Continuous monitoring for security incidents
• Immediate assessment of breach scope and impact
• Documentation of all breach-related activities

• Regulatory authorities notified within 72 hours (where required)
• Affected individuals notified without undue delay
• Clear communication about the nature and impact of the breach

• Immediate containment of the security incident
• Assessment and repair of vulnerabilities
• Enhanced monitoring and security measures
• Regular review and improvement of procedures

We do not knowingly collect data from children under 13. If we become aware that we have collected such information:

• We will delete the data immediately
• We will not use the data for any purpose
• Parents may contact us to request deletion of their child's data

• CCPA: California Consumer Privacy Act compliance
• GDPR: General Data Protection Regulation (for EU visitors)
• CAN-SPAM: Email marketing compliance
• PCI DSS: Payment card industry standards

• Regular compliance audits and assessments
• Adherence to data protection best practices
• Continuous monitoring of regulatory changes

• Subject line: "Data Request - [Type of Request]"
• Include sufficient information to verify your identity
• Allow up to 30 days for response to complex requests

We may update this Data Policy to reflect:

• Changes in our data practices
• New legal requirements
• Enhanced security measures
• Customer feedback and requests

We will notify you of material changes through:

• Email notification to registered users
• Prominent website notices
• Updates to the "Last Updated" date

Your continued use of our services after changes constitutes acceptance of the updated policy.