Privacy Policy — 42 STUDIO

Privacy Policy

Last updated: May 5, 2026

This Privacy Policy describes how 42 STUDIO ("we", "us", "our"), operating the website 42prints.com, collects, uses, and protects your information when you visit our website or use our services, including the storefront, subscriptions, and our Business / Custom Model Order service for companies.

1. Information We Collect

Automatically collected:

Information you provide when creating an account or using the service:

Information you provide when submitting a Business / Custom Model Order:

We use this information solely to evaluate, communicate about, and fulfill your business request. We do not share it with anyone outside our small team and the contractors directly assigned to your project.

Payment information: We process subscriptions and one-time purchases through Stripe (PCI-DSS compliant). 42 STUDIO never sees or stores your full card number. We retain only a transaction reference, the last 4 digits, billing email and country (required for invoicing and tax compliance).

2. How We Use Your Information

3. Business / Custom Model Orders

If you submit a request via our /business form or business contact email, we additionally:

You can request a copy or deletion of any business-order data at [email protected] — except where retention is required by tax law.

4. Analytics

We use a self-hosted, privacy-friendly analytics system. We do not use Google Analytics or any third-party advertising trackers. Our analytics:

5. Cookies & Local Storage

Our website does not use cookies for advertising or cross-site tracking. When you sign in, a session token (JWT) is stored in your browser's local storage for authentication only. Stripe and Cloudflare set their own essential cookies on the payment / checkout flow — see their privacy policies for details.

6. Third-Party Services

7. Data Retention

We keep account data for as long as your account is active. Analytics data is retained for up to 90 days. Order, subscription, and business-order records are retained for at least 5 years for tax and accounting compliance. You can request deletion of your account at any time via [email protected]; we will remove personal data within 30 days, except where law requires us to keep transactional records.

8. Your Rights

You have the right to:

To exercise these rights, contact us at [email protected].

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including encrypted connections (HTTPS / TLS 1.3), encrypted database backups, role-based admin access, and Stripe-handled card-data isolation. Business-order briefs and uploaded files are stored in a private Cloudflare R2 bucket reachable only through time-limited signed URLs.

10. Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes (especially anything that broadens how your data is used) will be announced via an in-app notice or email at least 14 days before they take effect. The current revision date is shown at the top of this page.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us: