Privacy Policy

1 Privacy Overview

Template Bundle ("we," "us," or "our") operates templatebundle.com and provides digital productivity templates. This Privacy Policy describes how we handle your personal information when you use our services.

🌟 What We Promise:

✅ Transparent data practices
✅ Minimal data collection
✅ Strong security measures
✅ Respect for your rights
✅ No selling to third parties

📍 Key Information:

Data Controller: Template Bundle LLC
Contact: privacy@templatebundle.com
Location: United States
Last Updated: September 15, 2025

2 Information We Collect

We collect only the information necessary to provide our services effectively and securely.

👤 Personal Information You Provide:

Account Information

• Full name
• Email address
• Password (encrypted)
• Profile preferences

Payment Information

• Billing address
• Payment method details
• Transaction history
• Invoicing information

Communication Data

• Support messages
• Feedback and reviews
• Survey responses
• Marketing preferences

Optional Information

• Company name
• Job title
• Phone number
• Profile photo

🤖 Information We Collect Automatically:

Technical Data

• IP address
• Browser type
• Device information
• Operating system

Usage Data

• Pages visited
• Time spent on site
• Click patterns
• Download activity

Location Data

• General location (city/country)
• Time zone
• Language preferences
• Regional settings

3 How We Use Your Data

We use your information for legitimate business purposes that benefit both you and our service.

🎯 Primary Service Purposes:

Service Delivery

• Processing payments and orders
• Delivering digital templates
• Managing your account
• Providing customer support

Security & Legal

• Preventing fraud and abuse
• Ensuring platform security
• Complying with legal obligations
• Resolving disputes

📈 Service Improvement (With Your Consent):

Analytics & Optimization

• Understanding user preferences
• Improving template designs
• Optimizing website performance
• Creating better user experiences

Communication (Optional)

• Sending product updates
• Sharing new template releases
• Providing helpful tips
• Offering special promotions

✅ Legal Basis for Processing:

We process your data based on:

• Contract: To provide services you've purchased
• Consent: When you opt-in for marketing communications
• Legitimate Interest: For security, analytics, and service improvement
• Legal Obligation: To comply with applicable laws

4 Information Sharing & Disclosure

🚫 What We DON'T Do:

We NEVER sell, rent, or trade your personal information to third parties for their marketing purposes.

When We May Share Information:

🔧 Service Providers (Necessary for Operations):

Payment Processing

• Stripe (payment processing)
• PayPal (payment processing)
• Tax calculation services
• Fraud prevention services

Service Delivery

• Email service providers
• Cloud storage services
• Analytics platforms
• Customer support tools

All service providers are contractually bound to protect your information and use it only for specified purposes.

⚖️ Legal Requirements:

We may disclose information when legally required or to protect rights:

• In response to valid legal process (subpoenas, court orders)
• To comply with applicable laws and regulations
• To protect our rights, property, or safety
• To protect users from harm or illegal activities
• In connection with business transactions (mergers, acquisitions)

✅ With Your Explicit Consent:

We may share information in other circumstances only with your explicit consent, such as:

• Featuring your work in our marketing (with permission)
• Participating in partner programs you've opted into
• Sharing testimonials or case studies (anonymized or with consent)

5 Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience and understand how our service is used.

🍪 Types of Cookies We Use:

Essential Cookies (Required)

Authentication, security, basic functionality

Performance Cookies (Optional)

Analytics, error tracking, performance monitoring

Functional Cookies (Optional)

Preferences, language, personalization

Marketing Cookies (Optional)

Targeted advertising, social media integration

🎛️ Your Cookie Controls:

• Browser Settings: Control cookies through your browser
• Opt-Out Links: Direct opt-out from analytics providers
• Cookie Banner: Manage preferences on first visit
• Account Settings: Adjust marketing preferences

🔍 Third-Party Analytics:

Google Analytics

Website traffic and user behavior analysis

Opt-out →

Hotjar

User experience and heatmap analysis

Opt-out →

Facebook Pixel

Advertising effectiveness measurement

Manage →

6 Data Security & Protection

🛡️ Our Security Commitment:

We implement industry-leading security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction.

🔐 Technical Safeguards:

• SSL/TLS Encryption: All data transmissions encrypted
• Data Encryption: Sensitive data encrypted at rest
• Secure Servers: Protected server infrastructure
• Regular Updates: Security patches and updates
• Access Controls: Limited employee access
• Monitoring: 24/7 security monitoring

🏢 Organizational Measures:

• Privacy Training: Regular staff training
• Access Logs: All access monitored and logged
• Background Checks: Vetted personnel only
• Incident Response: Rapid breach response plan
• Regular Audits: Internal and external audits
• Data Minimization: Collect only necessary data

⚠️ Your Security Responsibilities:

• Use strong, unique passwords for your account
• Enable two-factor authentication when available
• Keep your browser and software updated
• Never share your login credentials
• Report suspicious activities immediately
• Log out from shared or public computers

🚨 Data Breach Notification:

In the unlikely event of a data breach that may affect your personal information, we will:

• Notify you within 72 hours of discovery
• Provide clear information about what happened
• Explain what data may have been affected
• Outline steps we're taking to address the breach
• Provide recommendations for protecting yourself

7 Your Privacy Rights

✊ Your Rights Under GDPR & Other Privacy Laws:

You have significant rights regarding your personal data. We make it easy to exercise these rights.

📥 Access & Portability Rights:

Right to Access

Request a copy of all personal data we hold about you

Data Portability

Receive your data in a machine-readable format

✏️ Correction & Deletion Rights:

Right to Rectification

Correct or update inaccurate personal information

Right to Erasure

Request deletion of your personal data ("Right to be Forgotten")

🎛️ Control Rights:

Right to Restrict

Limit how we process your personal data

Right to Object

Object to processing for direct marketing or legitimate interests

⚙️ Manage Preferences

⚖️ Legal Rights:

Right to Complain

File a complaint with your local data protection authority

Right to Withdraw Consent

Withdraw consent for processing at any time

📞 Contact Privacy Team

⏱️ Response Times:

We respond to privacy rights requests promptly:

• Standard Requests: Within 30 days (GDPR requirement)
• Complex Requests: Up to 60 days (with notification)
• Urgent Requests: Within 72 hours when possible
• Acknowledgment: Within 24 hours of receipt

8 Data Retention Periods

We retain personal data only as long as necessary for legitimate business purposes or as required by law.

📅 Retention Periods:

Account Data

Until account deletion + 30 days

Transaction Records

7 years (tax and legal requirements)

Support Communications

3 years after resolution

Marketing Data

Until opt-out + 30 days

Analytics Data

26 months (anonymized)

🔄 Deletion Process:

Automatic Deletion

Data automatically removed when retention period expires

Secure Erasure

Data securely overwritten and cannot be recovered

Backup Removal

Data removed from all backup systems within 90 days

Third-Party Deletion

Ensure service providers also delete data

⚠️ Legal Hold Exceptions:

Data retention may be extended when required for:

• Legal proceedings or investigations
• Regulatory compliance requirements
• Fraud prevention and security
• Debt collection or dispute resolution

We will notify you if your data retention is extended for legal reasons.

9 International Data Transfers

Our services are primarily operated from the United States. Your data may be processed in countries outside your residence.

🌍 Transfer Safeguards:

When we transfer data internationally, we ensure adequate protection through:

• Adequacy Decisions: Transfers to countries deemed adequate by regulators
• Standard Contractual Clauses: EU-approved data transfer contracts
• Certification Programs: Privacy Shield successors and similar frameworks
• Binding Corporate Rules: Internal privacy rules for multinational companies
• Your Consent: Explicit consent for specific transfers when required

🏢 Primary Locations:

• United States: Primary servers and operations
• European Union: EU customer data processing
• Canada: Backup and disaster recovery
• Australia: Regional support services

🔒 Transfer Protections:

• End-to-end encryption during transfer
• Contractual data protection obligations
• Regular compliance audits
• Local data residency options (enterprise)

10 Children's Privacy (COPPA Compliance)

👶 Age Restrictions:

Our services are not intended for children under 13 years of age (16 in EU).

We do not knowingly collect, use, or share personal information from children under these age limits without verifiable parental consent.

🚫 If We Discover Child Data:

• Immediately suspend the account
• Delete all collected personal information
• Contact parents/guardians if possible
• Prevent future data collection
• Report to authorities if required

👨‍👩‍👧‍👦 For Parents:

• Monitor your child's online activities
• Contact us if you discover unauthorized use
• Request deletion of child's data
• Use parental control software
• Educate about online privacy

👨‍👩‍👧‍👦 Report Child Account

📚 Educational Use:

For educational institutions using our templates in classrooms:

• Teachers must have appropriate permissions and supervision
• No personal data should be collected from students
• Institutional accounts should be used, not individual student accounts
• Contact us for educational licensing options

11 California Privacy Rights (CCPA/CPRA)

🌟 California Consumer Rights:

If you're a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

🏛️ Your CCPA Rights:

Right to Know

• Categories of personal information collected
• Sources of personal information
• Business purposes for collection
• Categories of third parties we share with

Right to Delete

• Request deletion of personal information
• Some exceptions may apply (legal obligations)
• We'll notify third parties to delete too
• Confirmation of deletion provided

Right to Opt-Out

• Opt-out of "sale" of personal information
• Opt-out of targeted advertising
• Limit use of sensitive personal information

Right to Non-Discrimination

• No denial of service for exercising rights
• No different prices or service levels
• No retaliation for requests

📊 Personal Information Categories We Collect:

Categories A-F:

• A: Identifiers (name, email, IP address)
• B: Personal records (payment info)
• C: Protected classifications (age, if provided)
• D: Commercial information (purchase history)
• E: Biometric information (not collected)
• F: Internet activity (browsing, usage)

Categories G-K:

• G: Geolocation data (general location)
• H: Sensory data (not collected)
• I: Professional info (if provided)
• J: Education info (not collected)
• K: Inferences (preferences, analytics)

📝 How to Exercise Your Rights:

📞 Contact California Privacy Team

🔍 Do Not Sell My Personal Information:

Important: We do not "sell" personal information as traditionally understood. However, some data sharing for advertising purposes may be considered a "sale" under CCPA.

✅ Currently Opted Out

12 Privacy Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or for other operational reasons.

📢 How We Notify You:

• Email Notification: Significant changes sent to your email
• Website Banner: Prominent notice on our website
• Account Dashboard: Notification in your user account
• Version Dating: "Last Updated" date at the top of policy

⏰ Notice Periods:

• Material Changes: 30 days advance notice
• Minor Updates: Notice upon next visit
• Legal Requirements: Immediate if legally required
• Emergency Changes: As soon as reasonably possible

📋 Your Options When We Update:

• Continue Using: Continued use means acceptance of new terms
• Request Clarification: Contact us with questions about changes
• Exercise Rights: Use data deletion or other rights if you disagree
• Stop Using Service: Discontinue use if you don't accept changes

📅 Recent Updates:

• September 15, 2025: Initial privacy policy version
• Future updates will be listed here

13 Privacy Contact Information

We're committed to addressing your privacy concerns promptly and transparently.

📧 Privacy Team Contact:

Email (Primary)

privacy@templatebundle.com

Response within 24 hours

Phone (Urgent)

+1 (555) 123-4567

Available 9 AM - 6 PM EST

Live Chat

Available on our website

Instant privacy support

🏢 Business Information:

Company Name

Template Bundle LLC

Mailing Address

123 Privacy Street
Suite 456
San Francisco, CA 94102
United States

Data Protection Officer

dpo@templatebundle.com

🌍 Regional Privacy Contacts:

European Union

eu-privacy@templatebundle.com

GDPR specialist team

California/US

ccpa@templatebundle.com

CCPA/CPRA specialist

Other Regions

global-privacy@templatebundle.com

International privacy team

📞 Contact Privacy Team

📋 Quick Navigation

🛠️ Privacy Tools

Privacy Policy

Our Commitment to Your Privacy

1 Privacy Overview

🌟 What We Promise:

📍 Key Information:

2 Information We Collect

👤 Personal Information You Provide:

Account Information

Payment Information

Communication Data

Optional Information

🤖 Information We Collect Automatically:

Technical Data

Usage Data

Location Data

3 How We Use Your Data

🎯 Primary Service Purposes:

Service Delivery

Security & Legal

📈 Service Improvement (With Your Consent):

Analytics & Optimization

Communication (Optional)

✅ Legal Basis for Processing:

4 Information Sharing & Disclosure

🚫 What We DON'T Do:

When We May Share Information:

🔧 Service Providers (Necessary for Operations):

Payment Processing

Service Delivery

⚖️ Legal Requirements:

✅ With Your Explicit Consent:

5 Cookies & Tracking Technologies

🍪 Types of Cookies We Use:

Essential Cookies (Required)

Performance Cookies (Optional)

Functional Cookies (Optional)

Marketing Cookies (Optional)

🎛️ Your Cookie Controls:

🔍 Third-Party Analytics:

Google Analytics

Hotjar

Facebook Pixel

6 Data Security & Protection

🛡️ Our Security Commitment:

🔐 Technical Safeguards:

🏢 Organizational Measures:

⚠️ Your Security Responsibilities:

🚨 Data Breach Notification:

7 Your Privacy Rights

✊ Your Rights Under GDPR & Other Privacy Laws:

📥 Access & Portability Rights:

Right to Access

Data Portability

✏️ Correction & Deletion Rights:

Right to Rectification

Right to Erasure

🎛️ Control Rights:

Right to Restrict

Right to Object

⚖️ Legal Rights:

Right to Complain

Right to Withdraw Consent

⏱️ Response Times:

8 Data Retention Periods

📅 Retention Periods:

Account Data

Transaction Records

Support Communications

Marketing Data

Analytics Data

🔄 Deletion Process:

Automatic Deletion

Secure Erasure

Backup Removal

Third-Party Deletion

⚠️ Legal Hold Exceptions:

9 International Data Transfers