Data Protection Policy

Effective Date: Jan. 1st 2025
Last Updated: Jan. 27th 2025

At MiniMaker.ai (“we,” “our,” or “us”), we are committed to safeguarding the personal data of our users in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws. This Data Protection Policy outlines our principles and practices for processing, storing, and protecting personal data.

1. Purpose

This policy ensures that MiniMaker.ai:
1.1. Complies with data protection laws and follows good practices.
1.2. Protects the rights of users and other stakeholders.
1.3. Is transparent about how personal data is collected, used, and stored.
1.4. Mitigates the risk of data breaches and improper handling of data.

2. Scope

This policy applies to:
2.1. All personal data processed by MiniMaker.ai, including but not limited to user accounts, uploaded content, and usage data.
2.2. Employees, contractors, and third-party service providers who process data on behalf of MiniMaker.ai.

3. Key Principles

We adhere to the following data protection principles:

3.1. Lawfulness, Fairness, and Transparency

  • Personal data will be processed lawfully, fairly, and in a transparent manner.

3.2. Purpose Limitation

  • Data will only be collected for specified, explicit, and legitimate purposes and not processed further in a manner incompatible with those purposes.

3.3. Data Minimization

  • We collect only the data that is necessary for the specified purposes.

3.4. Accuracy

  • We ensure that personal data is accurate and kept up to date.

3.5. Storage Limitation

  • Data will not be kept for longer than necessary for the purposes for which it was collected.

3.6. Integrity and Confidentiality

  • Data will be processed securely to protect against unauthorized access, loss, or damage.

4. Data We Collect

4.1. Personal Data:

  • User information, including name, email address, and username.
  • Uploaded images and generated 3D models.

4.2. Non-Personal Data:

  • Anonymized usage data for analytics and performance monitoring.

5. Data Security

5.1. Technical and organizational measures are in place to protect data, including:

  • Encryption of sensitive data during storage and transmission.
  • Secure access controls for servers and systems.
  • Regular security audits and vulnerability assessments.

5.2. Employees and contractors are trained in data protection best practices.

6. Data Subject Rights

Under GDPR, users have the following rights:
6.1. Access: To request a copy of the personal data we hold about them.
6.2. Correction: To correct any inaccuracies in their data.
6.3. Erasure: To request deletion of their data where applicable.
6.4. Restriction: To limit the processing of their data in certain circumstances.
6.5. Data Portability: To receive their data in a structured, machine-readable format.
6.6. Objection: To object to data processing for specific purposes.

Requests can be made by contacting us at privacy@minimaker.ai.

7. Third-Party Data Sharing

7.1. Data shared with third-party service providers (e.g., analytics providers) is governed by strict data protection agreements.
7.2. We ensure that third parties comply with GDPR principles.
7.3. Shared data is anonymized wherever possible.

8. Data Breach Policy

8.1. In the event of a data breach:

  • We will notify affected users without undue delay if their rights and freedoms are at risk.
  • Affected users will be informed of the nature of the breach, potential risks, and mitigation measures.

8.2. We will report breaches to relevant authorities within 72 hours where required.

9. Retention Policy

9.1. Personal data is retained only as long as necessary for the purposes for which it was collected, unless required by law to retain it longer.
9.2. Uploaded content (e.g., images and generated models) may be retained indefinitely for training and marketing purposes, subject to anonymization.

10. International Data Transfers

10.1. All data is stored on secure servers within the European Union (EU).
10.2. Data will not be transferred outside the EU unless appropriate safeguards are in place, such as standard contractual clauses.

11. Responsibilities

11.1. MiniMaker is responsible for ensuring that all processing activities comply with this policy and relevant data protection laws.
11.2. Employees and contractors who process data must adhere to this policy.

12. Policy Updates

We reserve the right to update this policy as necessary to comply with changes in the law or our business operations. Significant changes will be communicated to users.

13. Contact Information

For questions, concerns, or requests related to data protection, contact us at:
Email: privacy@minimaker.ai