Privacy Policy – Printify

Last Updated: March 12, 2026

Printify, Inc. (“we”, “our”, “us”, or “Printify”) respects the privacy of its users and is fully committed to protect our user personal data and use it in accordance with data privacy laws. This Privacy Policy describes how we collect, use, and process any personal data that we collect from you—or you provide to us—in connection with your use of our website (www.printify.com) or our apps and our print-on-demand and other services (collectively, “Services”). By accessing or using our Services, you signify your understanding of the terms set out in this Privacy Policy.

Our Services are not directed to persons under the age majority (typically 18 or 19 years, but up to 21 years, depending on your jurisdiction), especially to children (persons aged below 13 years (as defined by the U.S. Children’s Privacy Protection Act (COPPA) or persons aged below 16 years (as defined by the European Union General Data Protection Regulation (GDPR)). We do not knowingly collect, maintain, disclose, or sell Personal Data about users under the age of majority or children.

The use of the Services for persons under the age of majority is not allowed under the Terms of Use. If you are under the age of majority, please do not use our Services, or provide any information on our Services or through any of their features, use any of the interactive features of our Services, or provide any information about yourself to us, including your name, address, telephone number or email address.

If we discover that we have collected Personal Data from a minor or child we will delete the data. If you are under the age of majority and have used our Services, or if you are a parent or a guardian and you believe we have collected Personal Data from your minor or child, please contact us.

1. Background

We provide Services both to its business customers, as well as directly to end users.

If you use our Services only for your personal use, you are to be considered as the “User” and for the purpose of Data Protection Laws, and we are the data “controller” or covered “business” as such terms are defined in the applicable Data Protection Law.

If you use our Services to execute orders and deliver products to third parties, you are considered a “Merchant”. When processing contact details, payment information and other information listed in Section 1 below directly related to the Merchant, we are the data controller or covered business. Where we act on a Merchant’s behalf to fulfill an order with regard to the Merchant’s end-customer, we are a “data processor” or “service provider” as such terms are defined in the applicable Data Protection Law. Where we act as a data processor we process information in accordance with our Data Processing Terms (according to the Terms of Service) on behalf of our customers.

The term “Data Protection Law(s)” shall include any applicable data privacy or security law, including but not limited to the General Data Protection Regulation (“GDPR”) and the UK General Data Protection Regulation (as defined by the UK Data Protection Act 2018 as amended by the Data Protection, Privacy and Electronic Communications (Amendments, etc.) (EU Exit) Regulations 2019), Heightened U.S. State Privacy Laws (including: the California Consumer Protection Act as amended by the California Privacy Rights Act (collectively, “CCPA”), the Colorado Privacy Act, the Connecticut Data Privacy Act, the Delaware Personal Data Privacy Act, the Indiana Consumer Data Protection Act, the Iowa Consumer Data Protection Act, the Kentucky Consumer Data Protection Act, the Maryland Online Data Privacy Act, the Minnesota Consumer Data Privacy Act, the Montana Consumer Data Privacy Act, the Nebraska Data Privacy Act, the New Hampshire Privacy Act, the New Jersey Data Privacy Act, Oregon Consumer Privacy Act, the Rhode Island Data Transparency and Privacy Protection Act, the Tennessee Information Protection Act, the Texas Data Privacy and Security Act, the Utah Consumer Privacy Act, and the Virginia Consumer Data Protection Act and other enacted U.S. state laws that contain materially similar comprehensive consumer privacy provisions) and all applicable amendments and regulations related to the foregoing.

If you are a resident of the United Kingdom or the European Economic Area, please see Additional Disclosure for European Residents below.

If you are a Canadian resident, please see Additional Disclosures for Canadian Residents below.

If you are a California resident, please see Additional Disclosures for California Residents below.

If you are a resident of states which have enacted Heightened U.S. State Privacy Laws, or any other state that enacts a materially similar privacy law partly or wholly, please see Additional Disclosures for Heightened U.S. State Privacy Law Residents below.

If you reside outside the jurisdictions described above, we process your personal data in accordance with this Privacy Policy and applicable data protection laws where required. Depending on your location, you may have certain rights regarding your personal data similar to those described in this Privacy Policy.

2. How and When We Collect Your Data

We may collect data directly from you, from other parties or by automatic means.

Directly from You. We collect personal information you provide us directly, such as when you make a purchase; register for an account or create a profile; contact us; respond to a survey; participate in a sweepstakes, contest, or other similar campaign or promotion; apply for a job; sign up to receive emails or newsletters, or otherwise engage in direct communication with us.
Using Online Tracking Technologies and Other Automatic Data Collection Technologies. When you visit our websites, use our Services, open or click on emails we send you, we or third parties can automatically collect certain information using online tracking technologies such as cookies. For more information, please see our Cookie Policy available via the cookie banner (click “Your privacy choices” at the page footer).
From Merchants. We obtain information directly from Merchants that we may be providing services on behalf of.
From Social Media Platforms and Networks. If you interact with us on social media or use features, such as plugins, widgets, or other tools made available by social media platforms or networks (including Instagram, Facebook, Twitter, Google, LinkedIn, and Pinterest) in connection with our websites, we collect information that you disclose to us. For more information about the privacy practices of those social media platforms, please review the privacy policies and settings of the social media platforms and networks that you use.
From Other Sources. We may obtain information about you from other sources, such as data analytics providers, fraud prevention service providers, vendors that provide services on our behalf, or publicly available sources. We also create information based on our analysis of the information we have collected from you.

3. Information Collected About Users and Merchants and How We Use It

The types of personal information we obtain and process about you depends on how you interact with us and our Services.

Identifiers and contact information. For example: your name, postal address, shipping address, email address, and telephone number.
Payment Information. For example:information relating to billing and payment details (including first and last digits of your payment card).
Commercial Information. For example: information about Services you have purchased or considered, and your preferences.
Device and Unique Identifiers. For example: internet or other electronic network activity information, such as IP addresses, the device and browser you use, referring pages, time stamps, and cookie details.
Geolocation Data. For example: non-precise location information that permits us to determine your location based on information provided in your IP address.
Audio Information. For example: recorded phone calls as allowed under applicable law.
Government Issued Identification. For example: images and data, which may appear on government-issued identity documents or identification cards.
Content. For example: your communications with us and any other content you provide, such as social media profiles, images, videos, survey responses, comments, reviews, and testimonials.

We don’t collect any “sensitive data” about you (like racial or ethnic origin, political opinions, religious/philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences).

4. How We Use Your Data

This section explains the purposes for which we collect your data and the legal grounds we rely on to process it. We do not collect additional categories of personal data or use personal data for materially different purposes without providing notice.

Providing and Managing Our Services

We process your data to fulfill our contractual obligations to you and to operate our business efficiently.

Purpose: To confirm your identity, manage your account, provide customer support (via chat, blog, or email), process invoices, and maintain our products.
Legal Basis:Contractual Necessity (to provide the services you signed up for) and Legitimate Interest (to ensure service quality).
Data Collected: Identifiers (e.g., name, email), Payment Information, and Commercial Information.

Communication and Support

We use your information to stay in touch and resolve issues.

Purpose: To respond to inquiries, feedback, and support requests. We may monitor or record calls and chats for quality assurance and dispute resolution.
Legal Basis:Legitimate Interest (to provide quality services and product support, to improve our Services and protect our legal rights).
Data Collected: Identifiers, Device/Unique Identifiers, and Communication Content.
Retention: Recordings are generally kept for the duration of your account or as needed to resolve active disputes.

Analytics, Personalization, and Product Development

We strive to make our Services more intuitive and relevant to your needs.

Purpose: To conduct research, improve Services and monitor performance, and provide personalized recommendations. We use location data to provide regional content, mapping, and localized search results.
Legal Basis:Legitimate Interest (to improve our website and services) and Consent (where required for specific user tracking or cookies).
Data Collected: Device and Unique Identifiers, Geolocation Data (via IP address or profile), and interaction data (via cookies).

Marketing and Advertising

We use your data to keep you informed about our products and promotions.

Purpose: To send newsletters, SMS campaigns, and show advertisements and administer contests and sweepstakes. We do not use Merchants end-customers’ data to market directly to them.
Legal Basis:Consent (for opt-in marketing) or Legitimate Interest (for existing customer communications). Your SMS opt-in data is never shared with third parties for their own marketing; it is only shared with service providers who help us deliver our messages to you.
Data Collected: Identifiers, Commercial Information, Device and Unique Identifiers and Geolocation Data.
For information about how to unsubscribe from emails, newsletters or other communications, please see Your Choices in Connection With Our Services below.

Security, Fraud Prevention, and Legal Compliance

Protecting our platform and complying with the law is a priority.

Purpose: To detect and prevent security issues and fraudulent transactions, investigate malicious activity, enforce our Terms of Service, and comply with legal mandates (such as DMCA requests or economic sanctions).
Legal Basis:Legal Obligation and Legitimate Interest (to ensure network security and prevent harm).
Data Collected: Identifiers, Device and Unique Identifiers, and Commercial Information.

We may collect data such as information on your device, your preferences and information filled in while visiting our website, your interaction with the website, and other information used for technical, security, analytical, marketing purposes (including unique visits, returning visits, length of the session, actions carried out in the webpage). Learn more about how we use cookies within our Services by accessing the Cookie Policy via the cookie banner (click “Your privacy choices” at the page footer).

5. Information Collected About Our Merchant’s End-Customers

In the course of providing products and services on our Merchant’s behalf, we collect and process certain information about individuals at the direction of such Merchants (“End-Customer Data”). End-Customer Data has historically included information such as personal data relating to the end user of our Services, any personal data in the printing content (where applicable), personal data revealed during the use of any Services, including name, email address, phone number, shipping address, and other information about the Merchant’s end-customers.

If you are an end-customer of the Merchant (an end user of our Services), the Merchant is the data controller with regard to your personal data contained in End-Customer Data and should provide you with the information on how your personal data is collected and processed when using our Services. Please read the Merchant’s privacy policy for further information. The Merchant is your contact for any questions you have about how it handles your personal data.

To deliver the best possible experience we often have to partner with third parties. The following details the types of third parties whom we share information with in connection with your use of the Services:

Service Providers. In order for us to provide you with our Services, we work with third parties who perform services on our behalf and with whom we share personal data to support our Services (“Service Providers”). Service Providers include:

Hosting, Online and Security Services.
Manufacturing and Logistics Services. Email and Messaging Service Providers.
Payment Processors and Fraud Prevention Services. Analytic and Marketing Providers.

We will only share personal data to Service Providers that have undertaken to comply with obligations set out in applicable Data Protection Laws.

Legal Advisors. Insofar as reasonably necessary, we may be required to share information with third parties to (1) comply with legal requirements or requests, including any subpoenas, claims, disputes or litigation, (2) protect our, or a third party’s, lawful interests, (3) enforce or apply our agreements; and (4) protect property or safety of us or others.

Affiliates. We may share your personal data with our affiliates (companies within our corporate family).

Business Customers (i.e., Merchants). Where we provide Services on behalf of Merchants, we will provide certain information related to your orders and purchases. We may also share information with Merchants if we are handling a DMCA takedown request or facilitating an appeal process.

In a Business Transfer. We may disclose or share your information as part of a corporate business transaction, such as a merger or acquisition, joint venture, corporate reorganization, financing, or sale of company assets, or in the unlikely event of insolvency, bankruptcy, or receivership, in which such information could be transferred to third parties as a business asset in the transaction.

Facilitating Requests. We share information at your request or direction, such as when you choose to share information with a social network about your activities using the Services.

Notwithstanding the above, we may share information that does not identify you (including information that has been aggregated or de-identified) except as prohibited by applicable law. For information on your rights and choices regarding how we share information about you, please see Your Choices In Connection With Our Services below.

7. Data Retention

We may retain your personal data for as long as you have an account or any of the abovementioned legal bases for personal data processing still exists. For example, if you unsubscribe from our marketing, newsletter, or blog emails, we will stop the processing of the personal data for such purposes.

If you have used our Services without creating an account, we will keep your personal data as long as necessary to comply with our legal obligation to retain information relating to provision of services, for example, for tax purposes.

After terminating your relationship with us by deleting your account or otherwise ceasing to use our Services, we may continue to store copies of your (and in regard to Merchants, your customers’ personal data) as necessary to comply with our contractual obligations with Merchants and legal obligations, as well as to resolve disputes between you and us (or Merchants and applicable customers), to prevent fraud and abuse, to enforce our agreements, and/or to protect our legitimate interests (to the extent that we are permitted by the applicable law to continue to store copies to protect our legitimate interests).

We reserve the right to retain usage data relating to our products and services, as well as data that has been anonymized and/or aggregated, to the extent permitted by applicable laws.

8. Information Security

We seek to use reasonable organizational, technical, and administrative measures to protect the conﬁdentiality, integrity, and availability of personal data.

Our measures include implementing appropriate access controls, investing in the latest information security capabilities to protect the IT environments we leverage, and ensuring we encrypt and anonymize personal data wherever possible. Access to information is only permitted among our employees and agents on a need-to-know basis.

We encourage you to take care of the personal data in your possession that you process online and set strong passwords for your account, limit access to your computer and browser by signing out after you have ﬁnished your session.

9. Your Choices In Connection With Our Services

A. Account.

You may access, update, or remove certain information that you have provided to us through your account or by sending an email to the email address set out in Contact Information below. We may require additional information from you to allow us to confirm your identity.

B. Communications.

Emails. You can opt-out of receiving promotional emails from us at any time by following the instructions as provided in emails to click on the unsubscribe link. Please note that you cannot opt-out of non-promotional emails, such as those about your account, transactions, servicing, or our business relations (e.g. terms).

C. Cookies and Tracking Technologies.

Cookies. See our Cookie Policy via the cookie banner (click “Your privacy choices” at the page footer) for information about how to control cookies and edit your choices.
Do Not Track. Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. We currently do not respond to browser “do not track” signals. For more information on “Do Not Track,” visit http://www.allaboutdnt.com.

Please note that your choices made via the cookie banner will only apply to the specific browser or device from which you access the webpage.

E. Legal Privacy Rights.

You may have additional legal privacy rights under certain applicable laws, for more information about your rights under these respective laws, please see the following sections where applicable:

Additional Disclosures for European Residents
Additional Disclosures for Canadian Residents
Additional Disclosures for California Residents
Additional Disclosures for U.S. State Privacy Law Residents

For more information about how to exercise applicable legal rights, please see the section titled How to Exercise Your Legal Rights Under Privacy Laws below.

10. Additional Disclosure for European Residents

If you are a User or data subject related to a Merchant located in the European Economic Area or the United Kingdom, you have certain rights with respect to your personal data in accordance with Data Protection Laws in the European Union and United Kingdom (collectively the “GDPR”). If you are a User or data subject located in Germany, you have certain rights under both the GDPR and the Federal Data Protection Act (“BDSG”). Under BDSG, residents are afforded certain rights about the Personal Information (as such capitalized term is defined under BDSG) we have collected about them, which we have described in more detail below.

A. Roles

GDPR distinguishes between organizations that process personal data for their own purposes (known as “controllers”) and organizations that process personal data on behalf of other organizations (known as “processors”). As described in the Section entitled “Background” above, we may either be a controller or a processor depending on the circumstances.

Us as a Controller: We are the data “controller” when we process information directly from Users to provide our Services such as a User that used the specific Services.

Us as a Processor: We are a processor where we act on a Merchant’s behalf to fulfill an order with regard to the Merchant’s customer. Where we act as a processor we process information in accordance with our Data Processing Terms (according to the Terms of Service) on behalf of our customers.

B. Lawful Basis

The GDPR requires a “lawful basis” for processing personal data. Our lawful bases include where: (i) you have given consent to the processing for one or more specific purposes, either to us or to our service providers, partners, or customers; (ii) processing is necessary for the performance of a contract with you; (iii) processing is necessary for compliance with a legal obligation; or (iv) processing is necessary for the purposes of the legitimate interests pursued by us or a third party, provided that your interests and fundamental rights and freedoms do not override our interests.

C. Data Transfers

All the information you provide may be transferred or accessed by our parent company in the United States and our affiliate companies and subsidiaries in other countries, such as Latvia, Poland, Spain, and the UK and our Service Providers (as described above) for the provision of our Services as described in this Privacy Policy.

When we transfer your information globally, we take necessary measures to ensure appropriate protection of your information, including, as applicable, entering into the European Commission’s Model clauses for the transfer of personal data to third countries (i.e., the standard contractual clauses) and any equivalent clauses issued by the relevant competent authority of the UK.

D. Your Data Subject Rights

If you are a data subject you have the right to (with certain limitations):

access, rectify, or erase any personal data we process about you;
data portability, meaning the ability to receive your personal data in a structured, commonly used machine-readable format and ability to transfer such data another third party of your choice;
restrict or object to our processing of personal data we process about you; and
where applicable, withdraw your consent at any time for any data processing.

For more information about how to exercise applicable legal rights, please see the section titled How to Exercise Your Legal Rights Under Privacy Laws below.

E. GDPR Complaints

If you have a complaint about our use of your personal data or response to your requests regarding your personal data, please see the section entitled “Complaints” below.

The contact information of our European Representative and Data Protection Officer is detailed in the Section “Contact Information” below.

11. Additional Disclosures for Canadian Residents

If you are a User or data subject located in Canada, you have certain rights under the Personal Information Protection and Electronic Documents Act (“PIPEDA”).

We are an “Organization” under PIPEDA, since we may collect information from you.

Your Data Subject Rights

If you are a data subject according to PIPEDA, subject to certain conditions you have the right to:

access, rectify, modify, or erase any personal data we process about you; and
where applicable, withdraw your consent at any time for any data processing.

When we collect information from you, you may inform us if you do not wish to be contacted for marketing/market research purposes in accordance with Canadian Anti-Spam Legislation. If you do not want to receive promotional information from us or our representatives, please use the unsubscribe option in your user account or the email you received, or email us to the address in Section ”Contact Information” below to update your personal contact preferences.

For more information about how to exercise applicable legal rights, please see the section ‘How to Exercise Your Legal Rights Under Privacy Laws’ below.

12. Additional Disclosures for California Residents

All terms and phrases used under this section have the same meaning as those phrases are defined under the California Consumer Privacy Act and its implementing regulations, as amended (collectively, the “CCPA”).

If you are a California resident, the processing of certain personal information about you may be subject to the CCPA.

A. Notice at Collection

To learn more about the categories of personal information we collect about California residents, please see Information Collected About Users and Merchants above.

For more information about how we use those categories of personal information, please see How We Use Your Data above.

For more information about how we collect categories of personal information, please see How We Collect Your Data above and our Cookie Policy that can be accessed via the cookie banner (click “Your privacy choices” at the page footer).

To learn more about how we disclose categories of personal information, and the categories of third parties with whom we disclose such information, please see Categories of Personal Information Disclosed and Categories of Recipients below.

To learn more about how long we keep your information, please see Retention Periods above.

B. Categories of Personal Information Disclosed and Categories of Recipients

The following disclosure describes the categories of information that we disclose to the categories of recipients of such disclosure. For more information about the third parties we disclose information to, please see Sharing Personal Data With Third Parties above.

Service Providers. The type of data we share depends on the type of service provider. The below summary details the types of service providers and related information shared:
- Hosting and Online Services. We may disclose Identifiers, Device And Unique Identifiers, and Geolocation Data.
- Manufacturing Services. We may disclose Identifiers, Device And Unique Identifiers, and Geolocation Data.
- Email Service Providers. We may disclose Identifiers, Device And Unique Identifiers, and Geolocation Data.
- Payment Processors. We may disclose Identifiers, Device And Unique Identifiers, and Payment Information.
- Analytic and Digital Marketing Providers. We may disclose Device And Unique Identifiers and Geolocation Data.

Legal Advisors, Legal Process, and Protection. Any collected information identified in Information Collected About Users and Merchants that is reasonably required to be disclosed and does not violate any legal or contractual obligation may be disclosed in accordance with such request and/or requirement.
Affiliates. We may disclose any of the information identified in Information Collected About Users and Merchants with our Affiliates so where it is necessary for the legitimate interest including our appropriate business purposes and our Affiliates in accordance with Data Protection Laws.
Business Customers (i.e., Merchants). We may disclose Identifiers and Commercial Information.
In a Business Transfer. We may disclose any of the information identified in Information Collected About Users and Merchants in connection with a business transfer where it is necessary for the legitimate interest including our appropriate business purposes and our Affiliates.
Facilitating Requests. We may disclose or make appropriate information identified in Information Collected About Users and Merchants to facilitate your requests reasonably in accordance with the CCPA. With respect to social networking requests, categories of information shared are Identifiers, Device And Unique Identifiers, Geolocation Data, and any applicable Content associated with the request.

C. Your Legal Rights Under the CCPA

Where the CCPA applies, this section provides additional privacy disclosures and informs you of key additional rights as a California resident. We will never discriminate against you for exercising your rights, including providing a different level or quality of services or denying goods or services to you when you exercise your rights under the CCPA.

Right to Know Request. Under the CCPA, California residents have a right to request information about our collection, use, and disclosure of your personal information over the prior twelve (12) months, and ask that we provide you free of charge with the following information:

1. the categories of personal information about you that we collected;

2. the categories of sources from which the personal information was collected;

3. the purpose for collecting personal information about you;

4. the categories of third parties to whom we disclosed personal information about you and the categories of personal information that was disclosed (if applicable) and the purpose for disclosing the personal information about you; and

5. the specific pieces of personal information we collected about you.

You may make a verifiable consumer request to know your personal information twice per twelve (12) month period.

Right to Access. You have a right to access the personal information that we collected from you in accordance with the applicable law.

Right to Delete Request. Under the CCPA, you also have a right to request that we delete personal information, subject to certain exceptions.
Right To Correct. Under the CCPA, you have the right to ask us to correct, or make available a means to correct, the personal information we have collected about you, subject to certain exceptions.
Right to Opt-Out of the Sale or Sharing of Personal Information.
- Right to Opt-Out of the Sale or Sharing of Personal Information. You may request that we not sell your Personal Information. Please note, however, that CCPA defines “sale” very broadly, and includes “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a California consumer’s Personal Information by the business to another business or third party for monetary or other valuable consideration.” We use services that help deliver interest-based ads to you and may transfer Personal Information to business partners for their use. We may also make available Personal Information to Merchants relating to your commercial information. These practices are considered a “sale” under the CCPA.
  
  To a certain extent you may also opt-out of the sales relating to browser based data sales by opting-out of using a universal opt-out preference signal, such as the Global Privacy Control (GPC), on your browser which will be effective in jurisdictions where recognition of GPC signal is mandatory. In all other jurisdictions universal opt out signals such as GPC will not be considered.
Right to opt-out of Automated Decision-making Technology. You may opt out of certain automated decision-making processes, subject to legal limitations and exceptions.

These rights may be limited in some circumstances. For more information about how to exercise your legal rights and limitations that may apply, please see How to Exercise Your Legal Rights Under Privacy Laws below.

D. Notice of Disclosure for a Business Purpose

To learn more about the categories of personal information we have disclosed for a business purpose, and the categories of third parties with whom we’ve disclosed such information, please see How Do We Disclose Your Information? above.

E. Notice of Sale

We sell your personal information through the use of certain third party advertising partners, as well as when we provide your personal information to Merchants. We do not share your personal information. We also don’t knowingly sell or share the personal information of any California resident who is 16 years or younger.

F. Notice of Use of Sensitive Personal Information

We do not use California resident sensitive personal information for any purpose other than is permissible under the CCPA. Specifically, we do not use sensitive personal information of California residents to derive characteristics about California residents.

F. Notice about Automated Decision-making Technology

We may use automated decision-making technologies, including algorithms, to support fraud prevention, security monitoring and analytics. These processes do not produce legal or similarly significant effects for you. You may request information about our use of automated decision-making technologies and, where applicable, to opt out of certain automated decision-making processes, subject to statutory limitations and exceptions.

G. Notice of Financial Incentives

We offer our User and Merchants certain discount opportunities that may be considered a “financial incentive” or “bona fide loyalty program” under applicable Data Protection Laws (the “Program”). Such a Program may include discounts or coupons provided when you sign up to receive such discounts or coupons, which typically requires you to provide your name and contact information (such as email address), or participation in a survey. We consider the value of your personal information to be related to the value of the discounted products or services, or other benefits that you obtain or that are provided in connection with the Program, less the expense we incur offering such opportunity.

You may withdraw from participating in a Program at any time by contacting us using the designated method set forth in the applicable Program rules. Please review any applicable terms and conditions provided in connection with such Program.

G. Contact Information

For California resident relevant contact information, please see Section “Contact Information” below.

13. Additional Disclosures for Heightened U.S. Privacy Law State Residents

Under certain Heightened U.S. state Privacy Laws applicable residents are afforded specific rights regarding the data we have collected about them. This notice describes how we collect, use, and share your Personal Data in our capacity as a “Controller” under such respective Heightened U.S. Privacy Law, and the rights that you have with respect to your Personal Data, including sensitive personal data. For purposes of this section, “Personal Data” and “sensitive data” have the meanings given in the respective Heightened U.S. Privacy Law and do not include information excluded from such respective Heightened U.S. Privacy Law’s s respective Heightened U.S. Privacy Law general, personal data is information reasonably linkable to an identifiable person.

A. Notice of Collection

To learn more about the categories of personal information we collect about you and how we use it, please see Information Collected About Users and Merchants and How We Use Your Data above. To learn more about the categories of third parties with whom we may share your personal information, please see How We Share Personal Data With Third Parties above.

In addition, we may collect and/or use additional types of information after providing notice to you and obtaining your consent to the extent such notice and consent is required by Heightened U.S. Privacy Laws.

B. Your Rights Under Heightened U.S. Privacy Laws

If you are a resident of a state with a Heightened U.S. Data Privacy Law, the processing of certain personal information about you may be subject to the respective Heightened U.S. Data Privacy Law. Where the Heightened U.S. Data Privacy Law applies, this section provides additional privacy disclosures and informs you of key additional rights as a resident of such a state. We will never discriminate against you for exercising your rights, including providing a different level or quality of services or denying goods or services to you when you exercise your rights under a Heightened U.S. Data Privacy Law.

Right to Access Information/Correct Inaccurate Personal Data. You have the right to request access to Personal Data collected about you and information regarding the purposes for which we collect it, and the third parties and service providers with whom we share it. Additionally, you have the right to correct inaccurate or incomplete Personal Data. You may submit such a request as described below. If you live in Oregon or Minnesota, you also have a right to request a list of the specific third parties to which we’ve disclosed your personal data.
Right to Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you. You may submit such a request as described below. We may have a reason under the law why we do not have to comply with your request, or why we may comply in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right To Correct. You have the right to ask us to correct, or make available a means to correct, the personal information we have collected about you, subject to certain exceptions.
Right to Opt-Out of Sale of Personal Data to Third Parties. You have the right to opt out of any sale of your Personal Data by us to third parties.
Right to Portability. You have the right to request a copy of the Personal Data that you previously provided to us as a Controller in a portable format. Our collection, use, disclosure, and sale of Personal Data are described in our Privacy Policy.
Right to Opt-In to Processing of Sensitive Data. Before we collect and process sensitive personal information, we will obtain your opt-in consent as required under applicable law.
Right to Opt-Out of Targeted Advertising. You have the right to opt-out of Targeted Advertising based on your Personal Data obtained from your activities over time and across websites or applications.
Right to Opt-Out of Profiling. You have the right to opt-out of having your Personal Data processed for the purpose of profiling in the furtherance of decisions that produce legal or similarly significant effects concerning you.
Right to Appeal. If we decline to take action on any request that you submit in connection with the rights described in the above sections, you may ask that we reconsider our response by sending an email to the address in Section ”Contact Information”. You must ask us to reconsider our decision within 45 days after we send you our decision.

C. Nevada Opt-Out Rights

If you are a Nevada resident, you have the right to submit a request directing us not to make any sale of your personal information – please send an email to us with “Nevada Opt-Out of Sale” in the subject line and in the body of your message.

14. How to Exercise Your Legal Rights Under Privacy Laws

If you are an applicable resident to whom the Data Protection Laws apply to, you may contact us to exercise your rights in accordance with the below procedures:

A. Verification Requirements

For certain requests, we may require specific information from you to help us verify your identity and process your request. Depending on your request, we will ask for information such as your name, address, phone number and account number (to the extent available) used in connection with your account or applicable purchases, and may ask for government-issued ID, or date of birth. If we are unable to verify your identity, we may deny your requests to know or delete.

B. Requests to Know, Access and Delete Information

If the Data Protection Laws apply to you, you may exercise your right to know, access or delete information through any of the following means:

Account Settings: As provided in the Your Choices in Connection with Our Services above, you can access the majority of your personal information through your account within the Services by logging in to your account.
Email Us: You may make a request by emailing us at the address in Section ”Contact Information”

C. Correction Requests

You can correct information related to your account through the following means:

Account Settings: As provided in Your Choices in Connection with Our Services above, you can access the majority of your personal information through your account within the Services by logging in to your account.
Email Us: You may make a request by emailing us at the address in Section ”Contact Information”

D. Right to Opt-Out of Sale, Profiling, and Context-Based Behavioral Advertising

You may opt-out of the sale of personal information or data by sending an e-mail to the address in Section ”Contact Information”.

If you believe that we are forwarding personal information to a third party and it is using it in a manner that exceeds such third party’s processing on our behalf as a service provider or processor (as those terms are understood under applicable law), please contact us at the address in Section ”Contact Information” so that we may look into the matter further.

E. Right to Portability

If you wish to receive your personal data in a machine-readable format, please contact us at the address in Section ”Contact Information”. We may provide you instructions on how to access your own information and download it yourself, or otherwise will work with you to provide you your personal data in accordance with applicable Data Protection Law.

If applicable Data Protection Law does not provide you with the right of portability, we may deny your request.

F. Authorized Agents

Residents of California, Colorado, and Connecticut may designate an authorized agent to submit a request on your behalf to access or delete your personal information. Use of an authorized agent must comply with the CCPA and Heightened U.S. Privacy Law as applicable, including that you must provide the authorized agent written and signed permission to submit such a request. Please note, we may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf. We will still have to verify your identity directly with us in accordance with the applicable law.

G. Responding to Requests as a Controller or Covered Business

Once we receive your request, we will review it, determine whether we can verify your identity, and process the request accordingly within the timer period allowed under the applicable law. We aim to fulfill all verified requests within 45 days pursuant to the CCPA and most Heightened U.S. Privacy Laws, unless required to respond sooner. For example, if you live in Europe, we aim to respond within 30 days as required by law. If necessary, extensions as allowed under applicable law (generally for an additional 45 days) may be required and will be accompanied by an explanation for the delay.

Please note that we may charge a reasonable fee for multiple requests in the same 12-month period, as permitted by applicable law.

H. Responding to Requests as a Processor or Service Provider

If your personal data has been processed by us on behalf of a Merchant and you wish to exercise any rights you have with such personal data, please inquire with such Merchant directly.

15. Links to Third-Party Sites

Our Services may contain links to other websites or services. Please note that these links are provided for your own convenience and information, and the websites and services may operate independently from us and have their own privacy policy notices, which we strongly suggest you review.

16. Privacy Policy Changes

Any changes we make to this Privacy Policy in the future will be posted on this page. The date the Privacy Policy was last revised is identified at the top of the page. Therefore, we encourage you to check this page frequently from time to time.

17. Complaints

If you are a User that has directly used our Services and believe that we have unlawfully processed your personal data, you have the right to submit a complaint to the contact information provided below, or to your respective data protection supervisory authority. We would, however, appreciate the opportunity to address your concerns before you approach a data protection regulator, and would welcome you directing an inquiry first to us.

If you are a customer of a Merchant, please direct your concern to the relevant Merchant in the first instance.

18. Contact Information

If you wish to exercise your rights, submit complaints or appeals or have any questions about your personal data, your rights, or this Privacy Policy, please contact us by email at [email protected], or by using the contact details below:

Users outside of the European Economic Area:

Printify, Inc.
Attn: Data Protection Officer
108 West 13th Street,
Wilmington 19801, Delaware
United States

Users in the European Economic Area:

SIA “Printify Development”
Attn: Data Protection Officer
Address: Raina Bulvaris 25
Riga, LV-1050
Latvia