1. Who are we?
Canvafilo is an online design tool offered by AmoxAI. You can reach us at info@canvafilo.com.
2. What data do we collect?
When creating an account or using Canvafilo, we collect the following data:
- Email address — for your account and communication about your subscription
- Password — stored encrypted via Supabase Auth
- Design projects — your canvases and elements, stored in our database
- Payment data — processed by Mollie. We do not store full payment details
- Usage data — anonymous statistics about app usage (no personal data)
3. Why do we process your data?
- To create and manage your account
- To save and sync your designs
- To process your subscription and send invoices
- To inform you of changes to the service
- To improve the service based on usage
4. Legal basis for processing
We process your data on the following grounds (GDPR):
- Performance of contract — to deliver the service
- Legitimate interest — for anonymous usage statistics and fraud prevention
- Legal obligation — for retaining payment records
5. How long do we retain your data?
- Account data is retained as long as you have an account
- After deleting your account, your data is removed within 30 days
- Payment data is retained for 7 years in accordance with tax law
6. Sharing with third parties
We share your data only with the following parties, which are necessary for delivering the service:
- Supabase (auth & database) — privacy policy
- Mollie (payments) — privacy policy
- Vercel (hosting) — privacy policy
We never sell your data to third parties and do not use it for advertising purposes.
7. Cookies
Canvafilo uses only functional cookies that are necessary for the service to work (session cookies for login status). We do not place tracking or advertising cookies.
8. Your rights (GDPR)
Under the GDPR you have the following rights:
- Access — you can request which data we hold about you
- Correction — you can have inaccurate data corrected
- Erasure — you can request your data to be deleted
- Data portability — you can request your data in a readable format
- Objection — you can object to processing based on legitimate interest
Send an email to info@canvafilo.com. We respond within 30 days.
9. Security
We take appropriate technical and organisational measures to protect your data: encrypted connections (HTTPS), encrypted passwords, and restricted access to our systems.
10. Complaints
If you have a complaint about the processing of your personal data, you can report it to the relevant data protection authority in your country.
11. Changes
This privacy policy may be updated. For significant changes we will send you an email. The most recent version is always available at canvafilo.com/privacy.