Privacy Policy

This Privacy Policy explains what THB Embroidery Studio (“we”, “us”) collects when you use our browser-based embroidery digitizer, how we use it, how long we keep it, and the choices you have.

1. What we collect

• Account info — email address, display name, and authentication identifiers (including Google sign-in identifiers if you choose Google).
• Uploaded artwork — PNG/JPG files you upload to digitize.
• Saved projects — embroidery projects you save to your cloud library (stitches, colors, settings, generated previews).
• Billing metadata — subscription status and plan. Payment card details are handled by our payment processor and are never stored on our servers.
• Diagnostic data — basic logs (timestamps, error messages, IP address) used to keep the Service running.

2. How we use it

• To run the digitizer and stitch simulator for you.
• To store and reload your saved projects across devices.
• To operate authentication, billing, and customer support.
• To measure aggregate product usage and to debug issues.

3. Storage and retention of artwork and projects

Uploaded artwork and saved projects are stored on our backend (database and object storage) so you can return to them later. They are bound to your account via your user ID and protected by row-level access rules so other users cannot read them.

• Active accounts: we keep your artwork and projects for as long as your account exists, so they remain available to you.
• Cancellation: if you cancel your subscription, your saved projects and artwork remain accessible during the paid period that you have already paid for.
• Account deletion: when you delete your account, your artwork and saved projects are deleted from our active systems within 30 days. Encrypted backups may retain copies for up to 90 days before they are rotated out.
• Anonymous “Try it free” demo: files you upload to the demo page at /try are processed in your browser and are not stored on our servers.

4. Cookies and analytics

We use a small number of cookies and similar technologies:

• Essential cookies — required to keep you signed in and to remember basic preferences (such as your cookie-consent choice). These are always on.
• Product analytics — we record anonymized, aggregate events (pages viewed, features used, errors) so we can improve the Service. We do not sell this data and we do not use it for cross-site advertising.

You can change your choice at any time by clearing your browser storage for this site, which will re-show the cookie banner.

5. Sharing

We do not sell your personal data. We share data only with vendors that help us run the Service (hosting/database, authentication, payment processing, error monitoring), and only as needed for them to perform their function. We may disclose information when required by law.

6. Your rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, and to object to certain processing. You can exercise most of these rights from your account settings, or by using our contact form.

7. International transfers and security

Data may be processed in countries other than your own. We use industry-standard safeguards (encryption in transit, access controls, RLS-style isolation) to protect your data, but no system is perfectly secure.

8. Children

The Service is not directed to children under 13 and we do not knowingly collect their personal data.

9. Changes

We will update this page when our practices change and adjust the “Last updated” date above.

10. Contact

Privacy questions or requests: our contact form.