Privacy Policy

This Privacy Policy explains how MoldMaker Inc. ("MoldMaker", "we", "us") collects, uses, and protects your personal data when you use our website, Blender add-on, and cloud SaaS platform (the "Service").

1. What We Collect

Account data

When you register: your name, email address, and a hashed password. If you sign in via Google or GitHub OAuth, we receive your public profile information from that provider.

Billing data

Payment details are collected and stored by our payment processor (Stripe, Inc.). We receive only non-sensitive metadata such as subscription status, plan tier, and last-4 card digits.

Uploaded content

3D model files you upload, the mold outputs generated from them, and the parameters you configure. These are processed to provide the Service and stored for the duration of your retention setting.

Usage data

Aggregate metrics such as job counts, processing times, model size ranges, success and failure rates. This data is anonymized before use for system improvement purposes.

Communications

Emails and messages you send to our support team.

Blender add-on (local mode)

When using the add-on in fully local mode, no personal data is transmitted to our servers. Optional anonymous telemetry (crash reports, usage counts) is sent only if you have explicitly opted in within the add-on preferences.

2. How We Use Your Data

• To provide and maintain the Service (process your jobs, deliver outputs, manage your account).
• To send transactional communications (job completion, billing receipts, security alerts).
• To send marketing emails and product updates, which you may unsubscribe from at any time.
• To detect and prevent fraud, abuse, and security threats.
• To improve the Service using aggregated, anonymized analytics.

3. Legal Bases (EU/EEA Users)

• Contract performance: Processing necessary to provide the Service you've subscribed to.
• Legitimate interests: Security, fraud prevention, system improvement using anonymized data.
• Consent: Marketing emails, non-essential cookies, and optional telemetry.
• Legal obligation: Retaining billing records as required by applicable law.

4. Data Sharing

We do not sell your personal data. We share data with:

• Infrastructure providers: Cloud hosting (AWS), object storage, CDN.
• Payment processor: Stripe, Inc. (governed by Stripe's Privacy Policy).
• Email delivery: Transactional email provider for notifications.
• Analytics: Aggregated, anonymized usage metrics only — no raw personal data.

All third-party processors are bound by data processing agreements with appropriate safeguards.

5. Data Retention

Account data: Retained while your account is active, plus up to 7 years for billing and legal compliance, then deleted.

Uploaded models and outputs: Deleted automatically per your plan's retention setting (default 30 days on Free, 90 days on Creator, configurable on Studio). You may delete files manually at any time from your account.

Anonymized metrics: Retained indefinitely in aggregated form.

6. Security

Data is encrypted in transit using TLS 1.2+. Storage at rest uses AES-256 encryption. Access is controlled on a need-to-know basis. We perform regular security reviews. No system is perfectly secure; we encourage you to use a strong, unique password.

7. Your Rights

Subject to applicable law, you may:

• Access a copy of the personal data we hold about you.
• Correct inaccurate data via your account settings or by contacting us.
• Delete your account and associated data (subject to legal retention requirements).
• Download your uploaded models and generated outputs from your account.
• Object or restrict certain processing, including marketing communications.
• Lodge a complaint with your local data protection authority.

Submit privacy requests to privacy@moldmaker.io. We respond within 30 days.

8. International Transfers

MoldMaker processes data in the United States. If you are located in the EU/EEA/UK, transfers are covered by Standard Contractual Clauses (SCCs) or other appropriate safeguards as required by GDPR.

9. Children

The Service is not directed to children under 13. If we discover we have collected personal data from a child under 13 without verifiable parental consent, we will delete it promptly. Contact privacy@moldmaker.io to report such cases.

10. Changes to This Policy

We may update this Privacy Policy. Material changes will be communicated by email or prominent in-app notice. The "Last updated" date at the top reflects the most recent revision.