Last Updated: [1/22/2025]
PrintsBoost ("we", "us", or "our") is committed to protecting your privacy. This policy explains how we collect, use, disclose, and safeguard your personal data in compliance with global privacy laws, including:
General Data Protection Regulation (GDPR) (EU/EEA)
California Consumer Privacy Act (CCPA/CPRA)
Personal Information Protection and Electronic Documents Act (PIPEDA) (Canada)
United Nations Guidelines for Consumer Protection
This policy applies to all users of https://printsboost.com and related services. Key terms:
Personal Data: Any information directly or indirectly identifying an individual (e.g., name, email, IP address).
Processing: Operations performed on data (collection, storage, deletion, etc.).
Data Controller: Entity determining purposes of processing (i.e., PrintsBoost).
Account Registration: Name, email, phone number, shipping/billing address.
Transaction Details: Payment information (handled by PCI-DSS compliant gateways like Stripe/PayPal), order history.
Communications: Customer service inquiries, survey responses.
Device & Usage: IP address, browser type, pages viewed, cookies (see Cookie Policy).
Location: Approximate geographic data (based on IP or device settings).
Analytics: Via Google Analytics (anonymized where required by law).
Social Media: If you link social accounts (e.g., Facebook Login).
Partners: Fraud detection services, marketing platforms.
We process data under the following legal frameworks:
| Purpose | Legal Basis | Examples |
|---|---|---|
| Order fulfillment | Contractual necessity | Processing payments, shipping |
| Marketing | Consent (opt-in) | Email newsletters, targeted ads |
| Legal compliance | Legal obligation | Tax reporting, fraud prevention |
| Analytics | Legitimate interest | Improving website performance |
GDPR-specific: We adhere to Article 6(1) principles.
CCPA-specific: We do not sell personal data to third parties.
Service Providers: Payment processors (Stripe), logistics partners (DHL), cloud hosts (AWS).
Legal Authorities: When required by law (e.g., court orders).
Business Transfers: In mergers/acquisitions, with confidentiality agreements.
EU/EEA to Non-EU: Use Standard Contractual Clauses (SCCs) or Adequacy Decisions.
California to Other States: Disclose in CCPA "Right to Know" responses.
| Region | Rights | How to Exercise |
|---|---|---|
| Global | Access, Correct, Delete | Submit request via [Email/Portal] |
| EU/EEA | Data Portability, Object to Processing | Contact services@printsboost.com |
| California | Opt-Out of Sale, Limit Sensitive Data Use | Click "Do Not Sell My Info" link |
| Canada | Withdraw Consent | Update preferences in account settings |
Response Time: We resolve requests within 30 days (or 45 days with notification).
Technical Measures: SSL encryption, regular penetration testing, role-based access controls.
Organizational Measures: Employee training, GDPR-compliant Data Processing Agreements (DPAs) with vendors.
Breach Notification: Notify regulators & affected users within 72 hours (GDPR) or as required by local laws.
Essential Cookies: Required for core functionality (e.g., shopping cart).
Analytical Cookies: Google Analytics (anonymized IPs for EU users).
Advertising Cookies: Managed via Consent Management Platforms (e.g., Cookiebot).
Opt-Out: Adjust settings in our Cookie Preference Center or browser tools.
We do not knowingly collect data from users under 16 (or 13 under COPPA). Parents may request deletion via services@printsboost.com.
We notify changes via email or website banners. Material changes (e.g., new data uses) require re-consent.
Data Protection Officer (DPO): services@printsboost.com
Disputes: Mediation via ICCPAN or local supervisory authorities.
