Privacy Policy

Who This Applies To

This Privacy Policy applies to anyone who uses Merchize’s services, registers an account, or visits our website. If you are a merchant using Merchize to fulfill your customers’ orders, we act as a data processor for your customers’ data on your behalf. You (the merchant) are responsible for informing your customers how their data is handled. For all registered Merchize customers and website visitors, Merchize is the data controller of your personal information – we determine how and why your data is processed.

Our Responsibilities

We are committed to protecting your personal data. When you use our services, we collect and process certain information to provide and improve our services, handle orders, and communicate with you. We adhere to industry-standard security measures (encryption, secure servers, access controls) to safeguard your data. We also follow Google’s and Dropbox’s API user data policies for any data accessed via those service.

Your Responsibilities

If you provide personal information about others (e.g., registering a merchant account on behalf of an employee or sharing your customers’ data), you must ensure you have the right to share that data with Merchize. By submitting someone else’s data, you confirm you have their permission to let us process it under this Privacy Policy.

What Data We Collect and When

Merchize collects data in two ways: with your consent (you actively provide or authorize it) and automatically (collected as you use our site).

• With Your Consent: We collect data when you register an account, upload content/designs, link third-party platforms (like stores, Google Drive, or Dropbox via APIs), list products on sales channels, contact us (email, support chat), or opt in to marketing. For example, linking Google Drive or Dropbox is your consent for us to access the files you select for upload.

• Automatically: We also collect data automatically as you use our platform – for instance, your IP address, browser and device information, the pages and features you use, order submissions, and your navigation on our site. We use cookies and similar technologies to improve site functionality (you can manage cookies in your browser).

Google Drive Integration

When you link your Google Drive to Merchize, we access the specific files and metadata (e.g. file names, sizes) that you explicitly authorize for use in designs. We do not access or copy any other files in your cloud account. This access is only used to import your images into our design tools and fulfill orders. We adhere to Google’s data policies, meaning we are transparent about how we use this data and only use it for the purposes you expect. We do not retain these files longer than necessary for order processing.

Dropbox Integration

When you link your Dropbox to Merchize, we access the specific files and metadata (e.g. file names, sizes) that you explicitly authorize for use in designs. We do not access or copy any other files in your cloud account. This access is only used to import your images into our design tools and fulfill orders. We adhere to Dropbox's data policies, meaning we are transparent about how we use this data and only use it for the purposes you expect. We do not retain these files longer than necessary for order processing.

Types of Data Collected

To provide our print-on-demand services, we collect:

• Contact & Account Data: Your name, address, email, phone number, and other contact info for account setup and communication.

• Payment & Financial Data: Transaction details like order amounts, products purchased, and payment method (PayPal email or credit card info).

• Design & Content Data: Any designs, artwork, images, or other content you upload or create using our tools (including images from Google Drive or Dropbox). We also collect product listings and details you submit (e.g., product descriptions).

• Order & Transaction Data: Order details, customer shipping information (name, address, etc.), your store name, and other data associated with transactions.

• Technical & Usage Data: Your IP address, device/browser info, login credentials, time zone, pages visited, features used, session duration, and error logs. This helps us run and improve the site.

Sensitive Data: We do not collect sensitive personal data (such as race, health, religious beliefs, political opinions, etc.).
Children: Our services are intended for business users 18+. We do not knowingly collect data from anyone under 16. If we learn we have, we will delete it promptly.

How and Why We Use Your Data

We use your data only for the purposes needed to provide our services, as described below:

• Provide and Improve Services: We use your data to process orders, create product mockups, manage your account, authenticate logins, personalize your experience, and maintain platform security. This includes integrating with your store, handling payments, and running our site’s infrastructure. (This processing is necessary to fulfill our contract with you and for our legitimate business interests in delivering the service.)

• Customer Support: We use your contact information and account details to help resolve issues, respond to inquiries, and send service notifications. (This is also part of fulfilling our contract with you.)

• Product Development: We analyze usage data (e.g., which features are used, page visits) and collect feedback (surveys, user studies) to improve our platform and develop new features. We may use de-identified or aggregated data for analysis. (This is done under our legitimate interest to continually enhance the platform.)

• Marketing (with consent): If you opt in, we may email you about new features, products, or promotions. You can withdraw consent at any time (see your opt-out choices below).

• Legal Compliance: We may use or disclose your data to comply with laws (e.g., tax regulations) or government requests, or to protect our rights, as permitted by law.

We will not do anything unexpected with your data. In particular, we do not sell or rent your personal information to third parties. Any use of data from Google Drive or Dropbox strictly follows those services’ API policies and is limited to the stated purpose. If our data practices change, we will update our Privacy Policy and notify you.

User Rights and Choices

You have rights under data protection laws (e.g., GDPR) regarding your personal data:

• Access: You can request details of the data we hold about you and how it’s used.

• Correction: You can ask us to correct or update any inaccurate or incomplete data about you.

• Deletion: You can request deletion of your personal data when it’s no longer needed or you withdraw consent (unless we have a legal reason to retain it).

• Withdraw Consent: If we process any of your data based on consent (such as marketing), you can withdraw consent at any time without affecting data processed before.

• Data Portability: You can request to receive your data in a structured, machine-readable format (e.g. CSV) and have it transferred to another service, where feasible.

• Lodge Complaint: If you have concerns about our data handling, please contact us. EU residents also have the right to lodge a complaint with their local data protection authority.

Your Choices: You can choose not to provide certain data, but this may limit some features (for example, not providing a shipping address means we can’t process an order). For marketing emails, you can opt out by clicking “unsubscribe” in any marketing email or by contacting us at [[email protected]]. You can also disable cookies in your browser (though this may affect site functionality).

Data Storage and Security

We use industry-standard security measures (encryption, secure servers, multi-factor authentication) to protect your data. Our servers (hosted on AWS or similar) are in secure data centers with physical access controls and 24/7 monitoring. Data in transit is encrypted via TLS/HTTPS. We limit access to your data to authorized personnel who need it to operate our service. While we strive for strong security, no system is infallible; keep your account credentials secure and notify us immediately if you suspect a breach.

Retention: We retain your personal data only as long as needed to provide the service and comply with legal obligations. For example, your contact and store data are kept while your account is active; if you close your account, we typically retain data for up to 6 years (in case of reactivation or legal requirements like taxes). You can request deletion of your data at any time (email [[email protected]]), and we will delete it unless legally required to keep it (in which case we will inform you why).

Third-Party Data Sharing

To operate our service, we share data with trusted third-party providers in limited ways:

• Service Providers: We share order details, shipping addresses, and necessary information with manufacturers and fulfillment centers to produce and ship your products.

• Cloud and Hosting: We share usage data and certain account data with our hosting and infrastructure providers to run the platform.

• Payment Processors: We share transaction details with payment gateways (e.g., PayPal, Stripe) to process payments.

• Support and Communication: We may share your email and support messages with customer service tools or email services to assist you.

• Analytics (opt-in): If you consent, we share usage data with analytics services to improve the app’s performance.

• Legal/Compliance: We may share data to comply with legal obligations (law enforcement requests, legal claims, etc.).

• Merchants (Business Customers): If you are a merchant using Merchize for fulfillment, we share order and customer data with you as needed to process those orders.

We only share data necessary for each purpose, and we require all third parties to protect data according to law. We do not share personal data beyond these purposes. For example, we do not sell or rent your personal or design data to marketers. Any disclosure of Google or Dropbox data follows their respective API terms.

Privacy Updates

We may update this Privacy Policy from time to time (for example, to add new integrations like Google Drive or Dropbox). We will post any changes here and, if significant, notify you by email or through the app. Please check this page periodically to stay informed.

Contact: For questions about your privacy or our policies, contact us at [[email protected]].