Paint by AI - Transform Your Ideas into Art
paintby.ai

Privacy Policy

Last updated: 03 June 2025

This Privacy Policy describes how Lars Langenstueck ("we", "us", or "our") collects, uses, and protects your personal information when you visit or use https://paintby.ai (the "Site"), place an order, or interact with our services.

By using this Site, you agree to the terms of this Privacy Policy.

1. Who We Are

Lars Langenstueck
3 Hillside Apartments
Sacred Heart Avenue
St Julians, STJ1436
Malta
VAT ID: MT26104808
Email: [email protected]

2. What Information We Collect

We collect personal data only as necessary to provide and improve our services. This includes:

  • Contact Details: Name, email address, shipping address
  • Order Information: Product details, payment status (via Stripe), delivery details
  • Technical Data: IP address, browser type, device info, usage data (via Umami)
  • Session Data: Stored locally in your browser using cookies/local storage to allow you to continue your session later
  • Communication: Email interaction data (via Plunk)

We do not collect or store your full payment details. Payments are handled securely by Stripe.

3. Why We Collect Your Data

We collect and process your data to:

  • Process and fulfill your custom orders
  • Communicate order updates
  • Improve our service and website
  • Comply with tax and legal obligations
  • Send optional email updates and offers (only if you've opted in)

4. Legal Basis for Processing (GDPR)

We process your data based on:

  • Contract: To fulfill your order
  • Consent: For marketing emails (only if you opt in)
  • Legal Obligation: For accounting or tax purposes
  • Legitimate Interest: To improve site performance and customer experience

5. How We Store and Protect Your Data

Your data is stored securely and only for as long as necessary:

  • Order and account data: 5 years (for tax/audit purposes)
  • Email and marketing data: until you unsubscribe or request deletion
  • Session data: stored locally in your browser and not transmitted to us

We take appropriate security measures to protect your data from unauthorized access or misuse.

6. Who We Share Your Data With

We only share your data with trusted third parties essential for running the business:

  • Stripe (payment processing)
  • Plunk (email communication)
  • Umami (privacy-friendly analytics, no personal identifiers)
  • Shipping providers (to deliver your order)

We do not sell or rent your personal data to any third parties.

7. Your Rights Under GDPR

You have the right to:

  • Access, correct, or delete your personal data
  • Withdraw consent (e.g., from email marketing)
  • Object to processing
  • Lodge a complaint with the Office of the Information and Data Protection Commissioner (Malta)

To exercise your rights, contact us at [email protected].

8. Cookies and Local Storage

We use local storage (browser-based) to save your in-progress designs and preferences. These are not transmitted to our servers.

Umami uses anonymous, cookie-free analytics. No third-party tracking or advertising cookies are used.

9. Children

Our services are not directed to children under 16. We do not knowingly collect personal data from minors.

10. Changes to This Policy

We may update this Privacy Policy to reflect legal or business changes. The latest version will always be available on our site.