Privacy Policy

Effective Date: 27.05.25

Last Updated: 27.05.25

1. INTRODUCTION

T-Shirt Box ("we," "us," or "our"), operated by Smartum Tech LLC, respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your information when you use our design subscription service.

Data Controller: Smartum Tech LLC Service Name: T-Shirt Box Contact: support@tshbox.com

2. INFORMATION WE COLLECT

2.1 Account and Subscription Information

• Personal Details: Name, email address, password
• Business Information: Company name, business type, industry
• Billing Information: Credit card details, billing address, tax information
• Subscription Data: Plan selection, billing history, usage patterns
• Communication Preferences: Email notifications, marketing consent

2.2 Design Usage and Preferences

• Download History: Which designs downloaded and when
• Theme Voting: Your votes for future design themes
• Usage Patterns: How you interact with our design library
• Feedback Data: Ratings, comments, and suggestions about designs
• Success Metrics: Sales performance data (if voluntarily shared)

2.3 Technical Information

• Device Data: Browser type, operating system, device specifications
• Usage Analytics: Pages visited, features used, session duration
• IP Address: Location data for service optimization
• Cookies: As detailed in our Cookie Policy
• Performance Data: Download speeds, error reports

2.4 Third-Party Integrations

• Payment Processors: Transaction verification from Stripe, PayPal
• Print-on-Demand Services: Integration data (if connected)
• Social Media: If you connect social accounts for sharing
• Analytics Services: Aggregated usage statistics

3. HOW WE USE YOUR INFORMATION

3.1 Service Delivery

• Process subscriptions and deliver monthly design packages
• Manage theme voting and selection process
• Provide customer support and technical assistance
• Process payments and prevent fraudulent transactions
• Deliver designs in appropriate formats for your needs

3.2 Service Improvement

• Analyze design popularity and usage patterns
• Develop new themes based on customer preferences
• Improve design quality and variety
• Optimize service performance and user experience
• Conduct customer satisfaction surveys

3.3 Business Communication

• Send subscription-related notifications and updates
• Notify about new design releases and themes
• Provide billing statements and payment confirmations
• Share important service changes or maintenance notices

3.4 Marketing (With Consent Only)

• Send newsletters with design tips and trends
• Share success stories from other customers
• Announce new features and plan options
• Provide educational content about t-shirt business

3.5 Legal and Compliance

• Comply with tax reporting obligations
• Respond to legal requests and court orders
• Protect against fraud and security threats
• Enforce our Terms of Service

4. LEGAL BASIS FOR PROCESSING (GDPR)

We process your data based on:

• Contract Performance: Delivering subscription services and designs
• Legitimate Interest: Business operations, fraud prevention, service improvement
• Consent: Marketing communications, non-essential cookies, success story sharing
• Legal Obligation: Tax compliance, anti-fraud measures, legal requests

5. DATA SHARING AND DISCLOSURE

5.1 Essential Service Providers

• Payment Processing: Stripe, PayPal for secure transactions
• Cloud Infrastructure: AWS, Google Cloud for reliable service delivery
• Email Services: SendGrid, Mailchimp for communications
• Analytics: Google Analytics, Mixpanel for service optimization
• Customer Support: Zendesk, Intercom for help desk functionality

5.2 Business Partners (With Consent)

• Print-on-Demand Services: For direct integration features
• Marketing Partners: For co-marketing opportunities (opt-in only)
• Industry Events: For case studies and success stories (with permission)

5.3 Legal Disclosure

Data may be disclosed when legally required:

• Court orders and legal proceedings
• Law enforcement investigations
• Tax audits and financial reporting
• Protection of rights and safety

5.4 Business Transfers

In case of merger, acquisition, or sale, customer data may be transferred with appropriate notifications and protections.

6. INTERNATIONAL DATA TRANSFERS

6.1 Cross-Border Processing

Your data may be processed in:

• United States (primary infrastructure)
• European Union (backup and optimization)
• Service provider locations worldwide

6.2 Transfer Safeguards

• EU-US Data Privacy Framework compliance
• Standard Contractual Clauses with processors
• Adequacy Decisions where available
• Encryption for all data in transit and at rest

7. DATA RETENTION

7.1 Active Subscriptions

• Account data retained throughout subscription period
• Design download history maintained for license verification
• Billing records kept for tax compliance (7 years)
• Communication preferences stored until changed

7.2 After Subscription Ends

• Account Data: 30 days (for reactivation)
• License Records: Indefinitely (for ongoing commercial rights)
• Billing History: 7 years (legal requirement)
• Analytics Data: Anonymized and aggregated permanently

7.3 Marketing Data

• Un-subscription honored immediately
• Marketing preferences deleted within 30 days
• Anonymized data may be retained for analytics

8. YOUR PRIVACY RIGHTS

8.1 Universal Rights

• Access: Download copy of your personal data
• Correction: Update inaccurate information
• Deletion: Request account and data deletion
• Portability: Export data in standard formats

8.2 EU/UK Residents (GDPR/UK GDPR)

• Restriction: Limit processing of your data
• Objection: Opt out of marketing and profiling
• Automated Decisions: Request human review
• Supervisory Authority: File complaints with regulators

8.3 California Residents (CCPA)

• Categories: Know what personal information we collect
• Sources: Understand where information comes from
• Purpose: Learn why we process your information
• Sharing: Know if we share data (we don't sell data)
• Delete: Request deletion of personal information

8.4 Exercising Your Rights

Email: privacy@t-shirtbox.com Account Settings: Update preferences online Support: Contact customer service for assistance Response Time: 30 days maximum

9. DATA SECURITY

9.1 Technical Safeguards

• Encryption: AES-256 encryption at rest, TLS 1.3 in transit
• Access Controls: Multi-factor authentication required
• Network Security: Firewalls, intrusion detection, DDoS protection
• Regular Updates: Security patches applied promptly
• Monitoring: 24/7 security monitoring and alerting

9.2 Organizational Measures

• Staff Training: Regular privacy and security education
• Access Policies: Strict need-to-know data access
• Background Checks: Security screening for staff
• Incident Response: Documented breach response procedures
• Third-Party Audits: Regular security assessments

9.3 Breach Response

• Immediate containment and investigation
• Customer notification within 72 hours if required
• Regulatory notification as legally mandated
• Remediation and prevention measures implemented

10. CHILDREN'S PRIVACY

Our Service is intended for business users 18 years and older. We do not knowingly collect information from individuals under 18. If we discover we have collected a minor's data, we will delete it immediately.

11. THIRD-PARTY SERVICES

11.1 Integrated Services

We integrate with various third-party services to enhance your experience:

• Print-on-Demand Platforms: For direct design usage
• E-commerce Platforms: For inventory management
• Social Media: For design sharing and promotion

11.2 External Links

Our Service may contain links to third-party websites. We are not responsible for their privacy practices. Please review their privacy policies independently.

12. COOKIE USAGE

Please refer to our detailed Cookie Policy for information about:

• Types of cookies we use
• How to manage cookie preferences
• Third-party cookies and tracking
• Your consent options

13. UPDATES TO THIS POLICY

13.1 Policy Changes

We may update this Privacy Policy to reflect:

• Changes in our data practices
• New legal requirements
• Service enhancements
• Customer feedback

13.2 Notification Methods

Material changes communicated via:

• Email notification to subscribers
• Prominent website banner
• In-app notifications
• Account dashboard alerts

14. CONTACT INFORMATION

14.1 General Privacy Questions

Email: support@tshbox.com

Mail: Smartum Tech LLC, 30 N Gould St Ste N, Sheridan, WY 82801, USA

14.2 Data Protection Officer

Email: support@tshbox.com

Specialized Support: EU/UK privacy matters

14.3 Regulatory Contacts

• EU Users: Contact your local data protection authority
• UK Users: Information Commissioner's Office (ICO)
• California Users: California Attorney General