🔒

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last updated: January 2025

1. Information We Collect

Personal Information

  • Name, email address, phone number
  • Company information and business details
  • Billing and shipping addresses
  • Payment information (processed securely by third parties)

Technical Information

  • CAD files and technical specifications
  • Manufacturing requirements and preferences
  • Project communications and correspondence
  • Website usage data and analytics

Automatically Collected Data

  • IP address and location data
  • Browser type and device information
  • Pages visited and time spent on site
  • Cookies and tracking technologies

2. How We Use Your Information

Service Delivery

  • Process and fulfill manufacturing orders
  • Provide quotes and technical consultations
  • Communicate about project status and updates
  • Handle billing and payment processing

Business Operations

  • Improve our services and user experience
  • Analyze usage patterns and preferences
  • Develop new features and capabilities
  • Ensure security and prevent fraud

Communications

  • Send order confirmations and updates
  • Provide customer support
  • Share relevant industry insights (with consent)
  • Send marketing materials (opt-in only)

3. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties.

Limited Sharing

  • Trusted service providers (payment processors, shipping companies)
  • Manufacturing partners (only necessary technical information)
  • Legal compliance (when required by law)
  • Business transfers (merger, acquisition, asset sale)

Data Protection Measures

  • All third parties sign confidentiality agreements
  • Technical data shared on a need-to-know basis only
  • Regular audits of data handling practices
  • Secure data transmission and storage protocols

4. Data Security

Technical Safeguards

  • 256-bit SSL encryption for data transmission
  • Secure servers with regular security updates
  • Multi-factor authentication for staff access
  • Regular security audits and penetration testing

Physical Security

  • Restricted access to manufacturing facilities
  • Secure storage for physical documents
  • Surveillance systems and access controls
  • Clean desk and clear screen policies

Staff Training

  • Regular privacy and security training
  • Confidentiality agreements for all employees
  • Role-based access to customer data
  • Incident response procedures

5. Your Privacy Rights

Access and Control

  • Request access to your personal information
  • Correct inaccurate or incomplete data
  • Delete your account and associated data
  • Export your data in a portable format

Communication Preferences

  • Opt out of marketing communications
  • Choose communication channels
  • Set frequency preferences
  • Update contact information

Legal Rights (where applicable)

  • Right to be forgotten (GDPR)
  • Data portability rights
  • Right to restrict processing
  • Right to object to certain uses

6. Cookies and Tracking Technologies

Types of Cookies

  • Essential cookies (required for site functionality)
  • Analytics cookies (site usage and performance)
  • Preference cookies (user settings and choices)
  • Marketing cookies (with explicit consent)

Cookie Management

You can control cookies through:

  • Browser settings and preferences
  • Our cookie consent banner
  • Opt-out links in marketing emails
  • Third-party opt-out tools

7. Data Retention

Retention Periods

  • Account information: Until account deletion
  • Project data: 7 years for business records
  • Payment information: As required by law
  • Marketing data: Until consent withdrawal

Secure Deletion

  • Automated deletion of expired data
  • Secure overwriting of storage media
  • Certificate of destruction for sensitive data
  • Regular purging of backup systems

8. International Data Transfers

We may transfer your data internationally for processing and storage. When we do:

  • We ensure adequate protection through appropriate safeguards
  • We use standard contractual clauses approved by regulators
  • We conduct due diligence on international partners
  • We maintain records of all international transfers

9. Contact Us

If you have questions about this Privacy Policy or your personal information:

Privacy Officer: privacy@geppetto.studio

Data Protection: dpo@geppetto.studio

General Inquiries: legal@geppetto.studio

Response Time: We respond within 30 days

10. Policy Updates

We may update this Privacy Policy periodically. When we make material changes:

  • We will notify you via email or website notice
  • We will provide a 30-day notice period for significant changes
  • We will maintain previous versions for reference
  • Continued use indicates acceptance of changes