Privacy Policy
- Versione
- 1.0.0-rc
- Data di entrata in vigore
- 2026-05-25
- Ultima revisione
- 2026-05-25
Effective Date: 2026-05-25 · Version 1.0.0-rc
This Privacy Policy explains what personal information INDIVISUAL ("we", "us", "our") collects when you use our services, how we use and share it, and what rights you have.
If you only read one section, read Section 6 (Your Rights) and Section 11 (Contact).
1. Information We Collect
1.1 Information you provide directly
- Account: email, name, password hash, language/region preference
- Orders: shipping address, billing address, phone number, payment method (we do not store full card numbers — only tokenized references from Stripe / Antom / AliPay / WeChat Pay)
- User-generated content: photos and images you upload to the Designer, design drafts, saved designs
- Communication: messages you send to our customer support
1.2 Information collected automatically
- Usage: pages visited, features used, time spent, clicks, search queries
- Device: IP address, browser type, OS, screen size, device ID
- Location: approximate (city-level) inferred from IP, or precise if you grant browser permission
- Cookies and similar: see Cookie Policy
1.3 Information from third parties
- Social login: if you sign in with Google / Apple / WeChat, we receive the profile info you authorize (name, email, avatar)
- Payment providers: confirmation of successful payment, fraud signals
- Shipping carriers: delivery status and tracking
2. How We Use Your Information
We use your information to:
- Fulfill orders: produce, package, and deliver your customized products
- Customer account: manage your profile, saved designs, order history
- Payments: process transactions and prevent fraud
- Customer support: respond to your inquiries
- Personalization: recommend designs and products based on your activity (you can disable this — see Section 6)
- Communications: send order updates (transactional, cannot opt out of these until account closure) and, only with your opt-in, marketing emails and newsletters
- Platform improvement: analyze aggregated usage to improve features
- Safety and legal compliance: prevent abuse, detect fraud, comply with legal obligations, respond to lawful requests
We do not use your uploaded design content to train AI models without your explicit opt-in consent.
3. Legal Basis for Processing (EU/UK users)
Under GDPR, we rely on:
- Contract: to fulfill your order and provide the services you request
- Consent: for marketing communications, optional cookies, and AI training opt-in
- Legitimate interest: for platform improvement, fraud prevention, network security — balanced against your rights
- Legal obligation: for tax records, law enforcement requests, safety
4. How We Share Your Information
We do not sell your personal information.
We share with:
- Production and shipping partners receive shipping address, phone, order details, and design files to produce and deliver your order.
- Payment processors (Stripe, AliPay, Antom, or the payment method shown at checkout) receive payment information, amount, and fraud signals to process payment.
- Analytics providers receive anonymized usage data to improve the platform after consent where required.
- Customer support tools receive your inquiry messages and account email to respond to your requests.
- Cloud infrastructure providers receive encrypted stored data to host the platform.
- Law enforcement may receive data when legally required by subpoena, court order, or emergency safety request.
- Corporate transaction recipients may receive data as part of a merger, acquisition, or sale; we will notify you of changes in data controller where required.
All third parties are bound by data processing agreements to use your data only for the purposes we specify.
5. International Data Transfers
Our platform operates globally. Your data may be transferred to and processed in:
- China (Mainland): for users in Mainland China; Tencent Cloud or Aliyun
- International: for users outside China; Cloudflare / AWS EU or US regions
For EU/UK users, international transfers are governed by Standard Contractual Clauses (SCCs) and supplementary measures as applicable.
For Mainland China users, cross-border data transfers follow PIPL Article 38 requirements.
6. Your Rights
Depending on your jurisdiction, you may have the following rights:
Universal
- Access: request a copy of your personal data
- Correction: fix inaccurate or incomplete data
- Deletion: request we delete your data (subject to legal retention requirements)
EU / UK (GDPR)
- Portability: receive your data in a structured, machine-readable format
- Object: to processing based on legitimate interest
- Restrict: processing in certain circumstances
- Withdraw consent: anytime, without affecting past lawful processing
- Complaint: to your local data protection authority
California (CCPA/CPRA)
- Know: what categories of personal info we have collected about you
- Delete: request deletion
- Correct: inaccurate info
- Opt-out of "sharing": for cross-context behavioral advertising (we don't currently do this, but you may opt out preemptively)
- Limit use: of sensitive personal information
- Non-discrimination: for exercising your rights
To exercise any sale, sharing, or targeted-advertising choice, email privacy@indivisualhub.com. We do not currently sell personal information.
China (PIPL)
- Access and copy
- Correction
- Deletion
- Withdraw consent
- Portability (in some cases)
- Refuse automated decision-making (e.g., personalized recommendations)
- Complaint to CAC or local authority
How to exercise your rights
Email us at privacy@indivisualhub.com. We will respond within 30 days (may extend to 90 days for complex requests).
We may need to verify your identity before processing your request.
7. Data Retention
We keep your data only as long as necessary:
- Account data: until you close your account, then 30 days.
- Order records: 7 years for tax and commerce requirements.
- Design files: until you delete them, or until account closure plus 30 days.
- Marketing emails: until you unsubscribe.
- Analytics logs: 13 months.
- Payment records: 7 years where legally required.
After retention, data is either deleted or anonymized beyond reversibility.
8. Security
We use reasonable technical and organizational measures to protect your data:
- Passwords hashed with bcrypt
- Transport-layer encryption (HTTPS)
- At-rest encryption for sensitive fields
- Access control: only authorized staff with business need
- Regular security audits
- Data breach notification in accordance with applicable law (within 72 hours for GDPR)
However, no system is 100% secure. If you suspect your account has been compromised, contact security@indivisualhub.com immediately.
9. Children's Privacy
Our services are not directed to children under 13 (14 in Mainland China). We do not knowingly collect personal info from children.
If we become aware that we have collected info from a child without parental consent, we will delete it promptly. Parents who believe we have collected their child's info can contact privacy@indivisualhub.com.
10. Changes
We may update this Privacy Policy from time to time. When we do:
- We update the "Effective Date"
- For material changes (new categories of data collected, new sharing practices, changes to your rights), we notify you via email or in-app banner at least 14 days in advance
- Continued use after the Effective Date = acceptance
11. Contact
Data controller
Dujue Technology (Shenzhen) Co., Ltd. (独觉科技(深圳)有限公司), doing business as INDIVISUAL for this storefront, unless a checkout provider or order document identifies a different merchant of record for a specific transaction.
Legal notices and service address requests: legal@indivisualhub.com
Data Protection Officer (DPO)
privacy@indivisualhub.com
Regional contacts
- EU and UK privacy requests: privacy@indivisualhub.com
- China personal-information requests: privacy@indivisualhub.com
Document version: 1.0.0-rc · Last updated: 2026-05-25.