Privacy Policy

Who we are

Our website address is:

Effective: 24th of May 2018

Version: 1.1 Country: United Kingdom Privacy Policy Coffeestain – Kats Card Creations/Affordable Wedding/Affordable Candles

Below you will find information on how we use your personal data, for which purposes your personal data is used, with whom it is shared and what control and information rights you may have.

Kats Card Creations is our product line for These includes our digital designs ZIP packs, texture pdf packs and quote ZIP packs as well as future developments in the field of design (collectively “Devices”). The designs are supported by Coffeestain Services (collectively “Services”).

Summary of Our Processing Activities When you use our Designs and/or the Services we collect personal data. Personal data is any information relating to a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, or an online identifier.

In this section we will summarize how we collect data and what we do with it. You will find more detailed information under the indicated sections below. When you use the Design without setting up an account, no personal data will be processed. Please note that without account registration the use of our Services will be very limited. In case you register a user account for one of our Services (“Kats Card Creations Account”), personal data will be processed in order to deliver such services.

Your personal data make be disclosed to third parties that are located outside your country of residence; potentially, different data protection standards may apply; such as payment services. We have implemented appropriate safeguards to secure your personal data and retain your personal data only as long as necessary.

Processing Activities Kats Card Creations Account Registration and Delivery of Services. In addition to the above, with regard to the registration of a Kats Card Creations Account and its subsequent use, we process: Information (such as your name, user name and email address) that is provided by registration; Information in connection with an account sign-in facility (e.g. log-in and password details); Communications sent by you (e.g. via e-mail or website communication forms); Device data (e.g. Device ID, MAC address, IP address)

Location data Website/Design/Service usage (e.g. Website login Success/Failure. Designs download Times/Formats/License Information); Payment information. The information which is necessary for the performance of the service is labelled accordingly. All further information is provided voluntarily.

We will process the personal data you provide to: identify you at sign-in; provide you with the Services and information which you request; administer your Kats Card Creations Account; communicate with you; For this, the legal basis is Art. 6 (1) b) GDPR. Your personal data is, in the absence of exceptions within the specific services mentioned below, retained for as long as your Kats Card Creations Account is used.

After deletion of your account, your personal data will be erased without undue delay. Statutory storage obligations or the need for legal actions that may arise from misconduct within the Services or payment problems can lead to a longer retention of your personal data. In this case, we will inform you accordingly.

Improvement of Our Designs/Services We further might use your personal data in order to improve our Designs/Services. This might include all data under Section Kats Card Creations Account Registration and Delivery of Services above. Your personal data will be anonymized where possible. For this, the legal basis is Art. 6 (1) f) GDPR.

Our legitimate interest pursued is the state of the art development of our products in order to ensure safety and remain competitive. Your personal data will be stored, for as long as this is necessary for the development of a respective improvement.

Once completed your personal data will be deleted immediately. Cookies The Services use cookies in several cases.

Cookies serve to make our offer more user-friendly, more effective, and safer. Cookies are small text files that are stored on your computer. This data does not contain information that we could allocate to a natural person. Cookies do not harm your computer and do not contain any viruses. You can prevent the use of cookies by adjusting your browser settings. Please note that in this case you may not be able to fully utilize all functions of this website. We use cookies in order to enhance your customer experience.

Legal basis for this is Art. 6 (1) f) GDPR. Our legitimate interest pursued is the sale of further products and/or services to you. Recipients of your Personal Data We may transfer your personal data to third-parties, if this is required for the fulfilment of the Services.

This is in particular the case, if third-party services form part of our Services. For the processing of your credit card and billing information your personal data is transferred to PayPal’s corporate headquarter, located in the North San Jose Innovation District of San Jose, California, at North First Street campus.

We further may engage third-party companies including companies from our corporate family and other individuals to perform services on our behalf (e.g., without limitation, software maintenance services, e-mail service providers, delivery services, database management, web analytics). These third parties may have access to your personal information. If they do, this access is provided so that they may perform these tasks on our behalf and they are not authorized by us to otherwise use or disclose your personal information, except to the extent required by law.

Other than that, your personal data is only shared with your prior consent (e.g. paypal, registrations, subscriptions, payments). Third-Party Services Our Services and Devices can be used in combination with third-party services. We have no influence on the processing of personal data by such third-parties. For more information on the processing of your personal data, please confer their respective privacy policies.

Cross-Border Data Transfers Your personal data will be transferred to other countries (including countries within the EEA) which may have different data protection standards than your country of residence.

Please note, that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take reasonable measures (e.g. conclusion of EU SCCs or selection of Privacy Shield certified service providers) to keep up an adequate level of data protection also when sharing your personal data with such countries.

When using the Services your personal data (incl. any video footage) will be transferred into and stored in the UK. The transfer is necessary for the performance of the contract and delivery of the Services by Coffeestain (Art. 6 (1) b), 49 (1) b) GDPR. Security We have implemented measures, including encryption and SSL technology, designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure.

Your account’s privacy and security is protected by your password. In order to prevent unauthorized access to your account and personal information, you should select a strong password and protect it by limiting access to your computer, device, browser or application and by signing off after you have finished accessing your account.

If you use a third-party service to sign into your account, you should protect that account accordingly as well. While we strive to always protect the privacy of your account and personal information in our records, we cannot always guarantee it will be completely secure.

The security of your personal information may be compromised by unauthorized entry, unauthorized use, hardware failure, software failure, and other factors at any time. Data Retention We strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this Policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.

Your Rights You may receive information about your personal data that we store at any time, free of charge. You do not need to give reasons. If personal data is inaccurate or no longer needed, you can also block, correct or delete such personal data.

In case the processing of your data is based on Art. 6 GDPR (Legitimate Interest, cf. above) for example in regard to direct marketing purposes, you have the right to object to the processing of your personal data. If the statutory requirements are met, you can also exercise your rights to restrict the processing and data transferability of your personal data.

Contact If you have any questions that this policy could not answer, or if you require further information on a particular point, please do not hesitate to contact us at any time. You can reach us via email