Privacy Policy

This Privacy Policy explains how StencilID (“we”, “us”) collects, uses and protects your information when you use our website and application (the “Service”). By using the Service you agree to this policy.

1. Information we collect

We collect only what we need to provide the Service:

• Account data: your email address, name, password (stored hashed, never in plain text), and an optional profile photo.
• Google sign-in (optional): if you sign in with Google, we receive your email, name and profile picture from Google to create or link your account.
• Content you create: the cards, badges, certificates and templates you design, and any data (CSV spreadsheets, images) you upload to generate them.
• Onboarding info (optional): your country and use-case, which you can skip.
• Payment data: if you subscribe, our payment provider processes your card details. We do not store full card numbers; we keep your plan, billing interval and a customer reference.
• Usage data: basic, privacy-respecting analytics about how the Service is used (see “Analytics” below).

2. How we use your information

• To create and manage your account and authenticate you.
• To provide the Service, saving your designs, generating cards, and delivering downloads.
• To process subscriptions and send transactional emails (verification, password reset, receipts).
• To improve the Service and understand aggregate usage.
• To prevent abuse and keep the Service secure.

3. CSV and uploaded content

Card rendering happens in your browser. When you use bulk generation, the images we produce are uploaded so we can assemble your ZIP and print-ready PDF. Your uploaded files and generated assets are stored on our cloud storage provider and are accessible only to your account. You can delete projects and batches at any time, which removes the associated files.

4. Third-party services

We rely on trusted providers to operate the Service:

• Hosting & database, to run the application and store your account and designs.
• Cloud object storage, to store generated files (images, ZIPs, PDFs).
• Email provider, to send verification, password-reset and notification emails.
• Payment provider, to process subscriptions securely.
• Google, for optional sign-in.
• Analytics, privacy-focused product analytics (no session recording).
• Advertising (free tier only), we may show ads via Google AdSense to users on the free plan. AdSense may use cookies to serve and measure ads. Paid users see no ads.

5. Cookies & analytics

We use essential cookies/local storage to keep you signed in. We use product analytics to understand usage in aggregate; this is best-effort and non-essential. If ads are shown to free-tier users, the ad provider may set cookies as described in their own policies.

6. Data retention

We keep your account data while your account is active. You can delete your account at any time from your profile settings; doing so permanently removes your account, projects, batches and stored files. We may retain limited records (e.g. payment events) where required for legal, accounting or fraud-prevention purposes.

7. Security

Passwords are hashed, traffic is encrypted in transit, and access to your content is restricted to your account. No method of transmission or storage is 100% secure, but we take reasonable measures to protect your data.

8. Your rights

Depending on your location, you may have the right to access, correct, export or delete your personal data. You can manage most of this from your account, or contact us for assistance.

9. Children

The Service is not directed at children under 13 (or the minimum age in your country). We do not knowingly collect personal data from children.

10. Changes to this policy

We may update this policy from time to time. We will update the “Last updated” date above and, for material changes, notify you where appropriate.

11. Contact

Questions about this policy? Email us at hello@stencilid.com.