Privacy Policy

Latest Update: January 2023

Welcome to designstripe! We’re happy to meet you.

At DesignStripe Software Inc. (herein referred to as “designstripe”, “we”, or “us”), we understand that you want transparency about how we process your personal data. This Privacy Policy contains information about your privacy and your rights. We know there are many privacy policies to read, but we encourage you to take the time to read it before using designstripe.

This Privacy Policy applies to your use of the DesignStripe website at (the “Website”), the designstripe application (the “App”) to our use of social media, to the communications you may have with us from time to time (together, the “Services”). Under the General Data Protection Regulation (“GDPR”), designstripe is a data controller for the Services.

Should you have any concerns or inquiries regarding the processing of your personal data, do not hesitate to reach out to us! You can e-mail us at

What do we mean by personal data?

This Privacy Policy applies to personal data. We consider that “personal data” means any information which allows us to identify you directly or indirectly, including “cookies” and other electronic data. Some information may not be personal on its own but may become personal data if associated with or if the sum of the information allows us to identify you.

A “cookie” is information that a website installs on your computer’s hard drive so that the website can remember something about you at a later time. In this Privacy Policy, when we refer to “cookies” we include other technologies with similar purposes, such as pixels, tags and beacons. If you are looking for more information on cookies, you can refer to websites such as and

This Privacy Policy is for transparency purposes and some of the data that we identify in this Privacy Policy as personal data may not be protected as personal data under applicable laws. For instance, business contact information is excluded under some privacy laws, but is considered personal data under the GDPR.

When does this Privacy Policy not apply?

If you click through to links to third parties’ websites, applications, or services from our Services, this Privacy Policy does not apply to the processing of personal data by such external services. It is always a good idea to read the privacy policies of such third parties’ websites to understand what they do with your personal data!

What type of personal data do we collect and why?

We collect personal data to offer our Services, to perform analytics, and to process job applications. Below is a table containing the categories of personal data that we collect, along with the purpose for collection.

Depending on the jurisdiction we are in, we use different legal bases to process your personal data. In Canada, we rely on your consent. If you are in the European Union, we rely on different legal basis to justify our processing of your personal data, such as consent, the performance of a contract and our legitimate interests. These legal bases may not be valid under all jurisdictions and are only indicative. Each time consent is the legal basis, you can withdraw your consent at any time.

What cookies do we use and why?

We use cookies for our Services to function as intended, to provide functionalities on our Platform, to analyze our performance and to ensure that our Services are secure. Cookies are also useful to identify bugs and errors. We use both first-party and third-party cookies installed by partners on our Website.

We collect essential, functional and analytics cookies. These are installed by us and third parties. We install essential cookies based on our legitimate interests, as essential cookies are required to provide you with the Services. However, we only install functional and analytics cookies based on your consent.

We collect cookies that classify in each of these categories:

Do we use Google Analytics?

Yes, designstripe uses Google Analytics to view key metrics such as how many visitors view the website, and peak hours of traffic. Google Analytics is Google’s analytical tool that helps us to understand how Users engage with our Services. It uses a set of cookies to collect information and report site usage statistics without allowing us to identify individual visitors. We also track paid ads on Google Analytics.

For more information on Google Analytics, including how to opt out from certain data collection, please visit

Do we share your personal data and if so, with whom?

Yes, we share your personal data with third parties for a number of reasons including: (1) to provide you with the Services, (2) to provide IT support, (3) to process payments, (4) to send emails and communicate with you, and (5) as required by the law. We can also share your personal data in the context of a merger and acquisition, as part of bankruptcy procedures or for other corporate requirements.

To be clear, we are not data brokers, and we do not sell your personal data to third parties.

In the table below, we provide more information on the third parties we share your personal data with, and provide their privacy policies by hyperlinks.

In the case of a merger or acquisition, sale of assets, corporate reorganization, bankruptcy filing, insolvency procedures or similar circumstances, your personal data would be considered our assets and property. In these circumstances, ownership of the personal data we collected may be transferred or we may have to share some of your personal data to conclude, negotiate or discuss with third parties. We will only share what we are required to share for these specific purposes.

Where do we store your personal data?

We use in AWS, GCP, Auth0 & Mongo Atlas to store your personal data in the United States and Canada. Our service providers may process your personal data internationally, including in the United States, depending on where they are located.

If you are in the European Union, we are required to ensure that appropriate safeguards are in place prior for transferring your personal data out of the European Union. We do so through standard contractual clauses, as is the case for AWS, or through other safeguards when they are available.

How long do we retain your personal data?

We retain personal data for as long as necessary to provide you with the Services, to perform our marketing campaigns effectively or as required by applicable laws, whichever is longer. We use both persistent and session cookies. Session cookies are deleted once you close your browser, whereas persistent cookies remain active on your device for longer. For instance, Google Analytics cookies remain installed on your device for 2 years. This allows Google Analytics to track you for analytic purposes, as well as for marketing purposes, and to provide us with aggregated data on your behaviour.

How do we keep your personal data secure?

We use Google Cloud Platform and AWS to host our Services which are certified by independent auditors based on several frameworks, such as SOC 1/ISAE 3402, SOC 2, ISO 27001, ISO 27017 and ISO 27018. Our payment processor, Stripe, is certified PCI DSS Level 1.

However, securing your personal data requires teamwork. You also need to do your part, such as by keeping your credentials confidential and using secure networks, especially when you make a payment.

Can I manage my cookie preferences?

You can manage your cookie preferences through your browser. However, if you turn all cookies off, you may not have access to the same functionalities that other users have.

Click on your browser for more information:

What are my rights with regard to my personal data?

The law provides you with rights over your personal data. Your rights vary depending on the laws that apply to your situation, and the specific circumstances of the request. designstripe acknowledges the right of individuals to access their personal data. Upon request to, we will provide you with confirmation as to whether we are processing your personal data, and have the data communicated to you within a reasonable amount of time. Your rights differ depending on where you are located in the world.

In most locations, you have the right to correct, amend or delete your personal data where it is inaccurate or has been processed in violation of this Privacy Policy.

In the European Union, you may also benefit from these additional rights:

  • The right to revoke your consent when processing is based on consent.
  • The right to object to the processing of your personal data.
  • The right to restrict the processing of your personal data.
  • The right to data portability, which means that your personal data is provided to you or a third party in normal format to allow you to re-use them, including with another provider.
  • The right to have automated decisions being reviewed by a human in some cases, and some rights over profiling.

If you would like to learn more about these rights, please click here for a more detailed explanation. All of these rights are subject to limitations within the law, so if we cannot comply, we will respond to you and let you know why.

If you want to exercise one of these rights and the situation allows for such exercise, you can contact us at

We will try to help you with your request free of charge. However, we may request that you pay a reasonable fee if you request a transcript, or a reproduction or wish for us to send a copy of your personal data, if the law allows us to do so. If we need to charge a fee to process your application, we will contact you before addressing your request.

For security reasons and to avoid any fraudulent request, we may require that you provide proof of identity with your request. We will not use such personal data for any other purposes.

We will respond to your request within thirty (30) days, unless agreed otherwise. If your request is denied, we will notify you in writing, and provide you with detailed motives and information on how to contest our decision.

If you are in the European Union, you can contact your local data protection authority. The list of data protection authorities can be found here.

The Office of the Privacy Commissioner of Canada drafted this FAQ to help you access your personal data when it is held by a business. You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:


9:00 am to 4:00 pm EST

Toll-free: 1-800-282-1376

Mailing address

Office of the Privacy Commissioner

30 Victoria Street

Gatineau, Québec

K1A 1H3f

You can also use this online form.

If you have any issue with how we process your personal data, or how we responded to your request, please let us know. We will do our best to improve our processes to make certain that it does not happen again. We will also provide you with additional information about our practices if you would like us to do so.

If you are still not satisfied, you can lodge a complaint with the Office of the Privacy Commissioner of Canada using this online form, or to your local privacy regulators, or if you are in the European Union, with your local data protection authority.

Changes to this Privacy Policy

We may change this Privacy Policy from time to time. When material changes are made to this Privacy Policy, Customers will be notified through the contact email given to us at least two (2) weeks prior to modifications taking effect. Questions about the new Privacy Policy should be addressed to