Privacy Policy

Last updated: 2026

1. Controller

Print Studio 3D (Luxembourg) is the data controller for personal data processed through this website and Service. Contact: privacy@printstudio3d.example.

2. What we collect

  • Account data: name, email, hashed password (or OAuth identifier).
  • Order data: uploaded 3D models, configuration, shipping address, order history.
  • Payment data: handled by our payment processor (Stripe); we do not store card numbers.
  • Technical data: IP address, browser/device metadata, and short-lived cookies required for authentication.

3. Legal bases

We process account and order data to perform our contract with you (Art. 6(1)(b) GDPR). We process technical data for our legitimate interest in operating a secure Service (Art. 6(1)(f) GDPR). Optional analytics or marketing cookies, if any, run only after your consent.

4. Uploaded 3D files

Your models are stored privately in an access-controlled bucket. Only you and the production staff assigned to your order can access them. Files are kept for as long as needed to fulfil the order and for a reasonable period afterwards for warranty, dispute, and tax record purposes (typically 10 years for accounting records in Luxembourg), then deleted.

5. Sharing

We share personal data only with processors necessary to run the Service: hosting (Cloudflare / Lovable Cloud), database (Supabase), payments (Stripe), email (transactional provider), and shipping carriers. Each processor is bound by a Data Processing Agreement.

6. International transfers

Some processors are located outside the EEA. Where that is the case, transfers rely on the European Commission's Standard Contractual Clauses.

7. Your rights (GDPR)

You have the right to access, rectify, erase, restrict, or object to the processing of your personal data, and to data portability. You can also lodge a complaint with the Luxembourg data protection authority (CNPD). Contact privacy@printstudio3d.example to exercise a right.

8. Cookies

We use strictly-necessary cookies for authentication. Any non-essential cookies (e.g. translation, analytics) require your prior consent through the cookie banner.

9. Security

We use TLS in transit, private storage buckets, row-level security in the database, and standard operational safeguards. No system is perfectly secure; we notify affected users of any breach as required by law.

10. Changes

We may update this policy from time to time. Material changes will be communicated to registered users by email.