CustoPrint
Login

Privacy Policy

Last Updated: April 10, 2025

1. Introduction

This Privacy Policy explains how Comyoucom Ltd, registered in England & Wales (“we,” “our,” or “us”), operating as CustoPrint, collects, uses, shares, and protects your information when you use our website, software, and services (collectively, the “Services”).

Please read this Privacy Policy carefully. By accessing or using our Services, you agree to this Privacy Policy and our Terms of Service.

2. Information We Collect

2.1 Information You Provide to Us

We collect information you provide directly to us, including:

  • Account Information: When you register for an account, we collect your name, email address, password, and other contact information. Lawful basis: Contractual Necessity
  • Business Information: Information about your print shop business, including business name, address, contact details, payment information, and tax identification details. Lawful basis: Contractual Necessity
  • User Content: Information you upload or input into our system, such as print files, customer information, product options, and pricing configurations. Lawful basis: Contractual Necessity
  • Payment Information: When you subscribe to our Services, we collect payment information, though we do not store complete credit card information on our servers. Lawful basis: Contractual Necessity
  • Communications: Information you provide when contacting our support team or communicating with us. Lawful basis: Legitimate Interest

2.2 Information We Collect Automatically

When you access or use our Services, we automatically collect certain information, including:

  • Usage Information: Details of your usage of our Services, including log data, traffic data, and other communication data. Lawful basis: Legitimate Interest
  • Device Information: Information about the device you use to access our Services, including hardware model, operating system, unique device identifiers, IP address, and mobile network information. Lawful basis: Legitimate Interest

2.3 Our Role as a Data Processor

It is important to understand that CustoPrint acts in two distinct capacities regarding personal data:

  • As a Data Controller: For the personal data we collect about you (the print shop owner/user) as described in sections 2.1 and 2.2, we act as a Data Controller, determining the purposes and means of processing.
  • As a Data Processor: For the personal data contained within the files you upload or the customer information you input into our system (e.g., your customers' names, addresses, order details), we act solely as a Data Processor. This means:
    • You (the print shop owner/user) are the Data Controller for this information.
    • We process this data solely on your behalf and according to your instructions.
    • We do not determine the purposes or means of processing this data.
    • We implement appropriate technical and organizational measures to ensure the security of this data.
    • We do not use this data for our own purposes or share it with third parties except as necessary to provide the Services.

The specifics of our Data Processor relationship are detailed in our Terms of Service, which includes provisions regarding our data processing activities, security measures, and obligations as a processor.

3. How We Use Your Information

We use the information we collect for various purposes, including to:

  • Provide, maintain, and improve our Services (Lawful basis: Contractual Necessity);
  • Process transactions and send related information, including confirmations, invoices, and receipts (Lawful basis: Contractual Necessity);
  • Create and maintain your account (Lawful basis: Contractual Necessity);
  • Communicate with you about the Services, including technical notices, updates, security alerts, and support and administrative messages (Lawful basis: Contractual Necessity / Legitimate Interest);
  • Respond to your comments, questions, and requests (Lawful basis: Legitimate Interest);
  • Monitor and analyze trends, usage, and activities in connection with our Services (Lawful basis: Legitimate Interest);
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities (Lawful basis: Legal Obligation / Legitimate Interest);
  • Personalize and improve the Services (Lawful basis: Legitimate Interest);
  • For other purposes for which we obtain your consent (Lawful basis: Consent).

4. Data Storage, Security, and International Transfers

Our servers are hosted in Germany. If you are accessing our Services from outside Germany, please be aware that your information may be transferred to, stored, and processed in Germany where our servers are located. By using our Services, you consent to the transfer of your information to Germany and understand that your information may be subject to the data protection and privacy laws of Germany and the European Union.

All print files and customer data uploaded to our system are securely stored and automatically deleted upon job completion. We implement strong encryption and access controls to ensure the security of your data while it is in our care.

We do not use cookies on our website or application.

5. Data Sharing and Disclosure

CustoPrint does not share your data with third parties for marketing or advertising purposes. We only share your information in the following limited circumstances:

  • Service Providers: We work with the following categories of service providers who need access to certain data to perform their functions:
    • Cloud Hosting Providers (servers located in Germany)
    • Payment Processors (Stripe, Redsys)
    • Email Service Providers (for sending transactional emails only)
    All service providers are bound by contracts that require them to use the data only for the purpose of providing services to us and in accordance with this Privacy Policy.
  • For Legal Reasons: We may disclose your information if we believe it is necessary to comply with applicable laws, regulations, legal processes, or governmental requests.
  • In Connection with a Change of Business: If we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding that involves the transfer of the information we hold.
  • With Your Consent: We may share your information with third parties when we have your consent to do so.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information. These may include:

  • The right to access, correct, or delete your personal information;
  • The right to object to or restrict certain processing of your personal information;
  • The right to data portability; and
  • The right to withdraw your consent at any time.

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, accidental loss, destruction, or damage. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and testing
  • Access controls and authentication
  • Secure data deletion practices
  • Employee training on data security

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

8. Data Retention

We retain different types of data for different periods:

  • Account Information: Retained for as long as your account is active and for up to 24 months thereafter for legal and operational purposes.
  • Business Information: Retained for as long as required for tax and accounting purposes (typically 7 years in accordance with UK regulations).
  • User Content - Print Files: Automatically deleted upon job completion. We do not retain copies of your customers' print files.
  • User Content - Customer Information: Retained only as long as necessary to complete the services you've requested.
  • Payment Information: Transaction records are retained for tax and accounting purposes, but payment method details are not stored on our servers.
  • Usage Logs: Retained for 90 days for security and analysis purposes.

When determining retention periods, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure, and whether we can achieve the purposes of processing through other means.

9. Children's Privacy

Our Services are not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe we may have collected information about a child, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice on our website prior to the changes becoming effective. We encourage you to review this Privacy Policy periodically for the latest information on our privacy practices.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Comyoucom Ltd
Email: [email protected]
Address: 101 Clerkenwell Rd. EC1R 5BX, London

12. Data Protection Officer

You may contact our Data Protection Officer at [email protected] for any privacy-related inquiries.

13. Supervisory Authority

If you are a resident of the European Economic Area and believe we maintain your personal data subject to the GDPR, you may direct questions or complaints to your local supervisory authority. For UK residents, the supervisory authority is the Information Commissioner's Office (ICO).