This Privacy Policy explains how madebygrids ("we", "us", "our"), operated by Made By Grids LLC, collects, uses, and protects your personal data when you visit madebygrids.com (the "Site") or purchase our products. Where we serve customers in the European Economic Area or the United Kingdom, we comply with the General Data Protection Regulation (Regulation EU 2016/679, "GDPR") and applicable data protection law.
1. Data controller
The data controller for your personal data is:
- Made By Grids LLC
- 30 N Gould St, Ste R, Sheridan, WY 82801, United States
- Email: hello@madebygrids.com
2. What data we collect
We collect the following categories of personal data:
a) When you contact us via the contact form: Name, email address, the topic you selected, and the content of your message.
b) When you make a purchase: Name, email address, billing information (processed directly by our payment provider, Stripe โ we do not store card details), country of residence, and Tax ID (if applicable).
c) When you request a free template: The email address you submit, which we use to send you the download link for the template you requested.
d) Automatically, when you visit the Site: IP address (anonymized where possible), browser type and version, pages visited, and referring URL. We use privacy-friendly analytics that do not use cookies and do not collect personally identifiable information.
3. Legal basis for processing
Under GDPR, we process your data on the following legal bases (Article 6):
| Purpose | Legal basis |
|---|---|
| Responding to your contact form inquiry | Pre-contractual measures at your request (Art. 6(1)(b)) |
| Processing your purchase and delivering the product | Performance of a contract (Art. 6(1)(b)) |
| Issuing invoices and meeting tax obligations | Legal obligation (Art. 6(1)(c)) |
| Sending purchase-related emails (order confirmation, download link, support) | Performance of a contract (Art. 6(1)(b)) |
| Sending a free template you requested by email | Consent / pre-contractual measures (Art. 6(1)(a)/(b)) |
| Maintaining website security and preventing fraud | Legitimate interest (Art. 6(1)(f)) |
| Analytics on aggregated, anonymized data | Legitimate interest (Art. 6(1)(f)) |
We do not send marketing emails or newsletters unless you have explicitly opted in.
4. How we use your data
We use your personal data to:
- Respond to your inquiries sent through the contact form.
- Process your order and deliver your template download, including order and support emails.
- Send you a free template when you request one by email.
- Issue receipts and meet our accounting and tax obligations under applicable law.
- Improve the Site through aggregated, anonymized usage data.
We do not sell your personal data to third parties. We do not use your data for automated decision-making or profiling.
6. International data transfers
Some of our service providers (Stripe, Hostinger, Google Fonts, jsDelivr, and unpkg) may transfer data outside the European Economic Area (EEA), in particular to the United States. Where this is the case, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs), provider security commitments, and, where applicable, certification under the EU-US Data Privacy Framework (DPF).
7. Data retention
We retain your personal data only as long as necessary for the purposes for which it was collected, or as required by law:
| Data category | Retention period |
|---|---|
| Contact form messages | 3 years from last contact |
| Customer records (name, email, order) | 5 years from purchase (commercial law) |
| Free-template email requests | Until you ask us to delete it |
| Invoices and accounting records | 10 years (standard accounting retention) |
After these periods, data is either deleted or anonymized.
8. Your rights under GDPR
You have the following rights regarding your personal data:
- Right of access: obtain a copy of the personal data we hold about you.
- Right to rectification: request correction of inaccurate or incomplete data.
- Right to erasure: request deletion of your data, subject to legal retention obligations.
- Right to restriction: request that we limit how we use your data.
- Right to portability: receive your data in a structured, machine-readable format.
- Right to object: object to processing based on legitimate interest.
- Right to withdraw consent: where processing is based on consent, withdraw it at any time.
To exercise any of these rights, email us at hello@madebygrids.com. We will respond within one month. You also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.
9. Data security
We implement appropriate technical and organizational measures to protect your personal data, including HTTPS encryption, access controls, and use of reputable third-party processors. No transmission over the internet is ever 100% secure, but we take reasonable steps to protect your data.
11. Children
Our products are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have collected data from a minor, contact us so we can delete it.
12. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated via the Site or by email where appropriate.
13. Contact
For all questions, requests, or complaints regarding your personal data: hello@madebygrids.com