← Back to Home

Privacy Policy

Last updated: February 16, 2026

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, and profile picture (if provided via Google OAuth). We do not store your password directly; authentication is handled securely by Supabase.

Usage Data: We track basic usage metrics such as daily quote count to enforce free-tier limits. We do not track individual calculations or their results.

Uploaded Files: If you use the embroidery file viewer, files are processed client-side in your browser. We do not upload, store, or transmit your embroidery files to our servers.

Email Subscriptions: If you subscribe to our waitlist (AutoDigitizing feature), we collect your email address and preferred language for communication purposes.

2. How We Use Your Information

We use collected information to: (a) provide and maintain the Service; (b) process payments and manage subscriptions; (c) send service-related communications; (d) improve and optimize the Service; (e) comply with legal obligations. We will never sell your personal data to third parties.

3. Third-Party Services

We use the following third-party services:

  • Supabase — Authentication and database services (hosted in EU)
  • Lemon Squeezy — Payment processing (PCI-DSS compliant)
  • Google OAuth — Social login authentication
  • Netlify — Website hosting and deployment

Each third-party service has its own privacy policy governing their handling of your data.

4. Cookies

Essential Cookies: Required for authentication, session management, and basic site functionality. These cannot be disabled.

Analytics Cookies: Used to understand how visitors interact with the Service. These are optional and can be disabled via our cookie consent banner.

You can manage your cookie preferences at any time through your browser settings or our cookie consent banner.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law. Usage logs are anonymized after 90 days.

6. Your Rights (GDPR/KVKK)

Under applicable data protection laws (including GDPR and KVKK), you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Data portability
  • Withdraw consent at any time

To exercise these rights, contact us at hello@stitchops.app.

7. Data Security

We implement industry-standard security measures including: encrypted data transmission (TLS/SSL), secure authentication via Supabase, Row Level Security (RLS) policies on our database, and regular security reviews. However, no method of electronic transmission is 100% secure.

8. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or a prominent notice on the Service. Your continued use of the Service after changes constitutes acceptance.

10. Contact

For privacy-related inquiries, contact our Data Protection Officer at: hello@stitchops.app