Minimalist Jewelry Lab
Minimalist Jewelry Lab
Get full access
ProductToolsPricingBlogLogin

Legal

Privacy Policy

This page is a structured outline only. A qualified lawyer must review and finalize the Privacy Policy before launch.

Introduction

  • This Privacy Policy explains how Minimalist Jewelry Lab handles personal data for website visitors, account holders, and tool users.
  • Using the Service means you have read and understood this Privacy Policy.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Data Controller

  • Provide the legal entity acting as data controller, including address and contact details.
  • List DPO or privacy contact if appointed.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Personal Data We Collect

  • Information you provide: account details (name, email, hashed password), billing details, and content entered into tools (descriptions, buyer persona text, free-text fields).
  • Information collected automatically: IP address, browser type and settings, timestamps, pages visited, non-sensitive device information.
  • Payment information: processed by Stripe or similar. We see partial card details (last digits), payment status, billing name/email. We do not store full card numbers.
  • Cookies and similar technologies: session cookies for authentication and preferences, analytics cookies if used.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

How We Use Personal Data

  • Provide and maintain the Service: authenticate users, operate tools, process AI requests.
  • Process payments and manage plans.
  • Improve the Service: analyze usage patterns, troubleshoot, and debug.
  • Communicate with users: account emails, support replies, and notices about changes to terms or policies.
  • Marketing communications only with proper consent or lawful basis, with opt-out options.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Legal Bases for Processing

  • Contract performance: providing the Service and processing payments.
  • Legitimate interests: improving tools, securing the Service, preventing abuse.
  • Consent: optional cookies or certain marketing communications where required.
  • Legal obligations: accounting, tax, and compliance requirements.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

How We Share Personal Data

  • Service providers: hosting, database providers, analytics, payment processors, email providers.
  • Authorities when required by law (for example, court orders).
  • Business transfers: data may be transferred if the company is sold or merged, with notice.
  • We do not sell personal data in the sense of CCPA/CPRA unless explicitly stated.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

International Data Transfers

  • If data is stored or processed outside the user's country, state where and mention safeguards such as Standard Contractual Clauses where applicable.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Data Retention

  • Account data: kept while the account is active plus a defined period after deletion for legal or backup reasons.
  • Logs: shorter retention window (define duration).
  • Payment records: retained as required by tax and accounting law.
  • Explain criteria used to set retention periods.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Your Rights

  • Rights may include access, rectification, erasure, restriction, portability, and objection (including to marketing).
  • Right to withdraw consent where processing is based on consent.
  • Right to lodge a complaint with a supervisory authority where applicable.
  • Explain how to exercise these rights (for example, email contact or in-app settings).

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Children's Privacy

  • The Service is not directed to children under a defined age (for example, 16 or 18).
  • We do not knowingly collect personal data from children. If discovered, data will be deleted.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Security

  • We use encrypted connections (HTTPS), hashed passwords, role-based access control, and periodic security reviews.
  • No system is 100% secure; users should use strong passwords and protect account access.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Links to Other Websites

  • We may link to third-party sites. Their privacy policies are separate. Review those policies when visiting third-party sites.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Changes to This Policy

  • We may update this Privacy Policy over time. The last updated date will be shown, and material changes may be communicated by email or in-app notice.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.

Contact Details

  • Provide email address and postal address for privacy inquiries. Add any form link if used.

Lawyer review required: confirm data controller details, retention timelines, legal bases, and local compliance duties.