Skip to main content

Account Portal Privacy Policy

LAST UPDATED: APRIL 16, 2026

warning

If you link your Pawprint Press Official Store account to your account.pawprint.press account, the Portal will retrieve and cache personal and order data from the Official Store. The Official Store's own collection of that data remains governed by the Official Store Privacy Policy.

Please also read the Machine Learning and AI Training and Your Rights sections below. They describe how we do (and do not) use your data and the rights you have over it.

Introduction

This Privacy Policy explains how account.pawprint.press (the "Portal") collects, uses, shares, and protects your personal information. It applies to all users of the Portal, wherever you reside. Please also read our Terms of Service.

Data Controller and Contacts

Pawprint Press, operated by PROJECT PRESS INC. ("we," "us," or "our"), operates the Portal and is the data controller (or, in some jurisdictions, the "business," "personal information handler," or "person responsible") for personal information processed through the Portal.

PurposeContact
General privacy questions and to exercise your rightscontact@pawprint.press
Mailing addressPROJECT PRESS INC., 1801 Flower Ave, STE F1, Duarte, California 91010, United States of America
EU/EEA representative (GDPR Art. 27)To be appointed. We will update this section once our representative in the European Union is designated.
UK representative (UK GDPR Art. 27)To be appointed. We will update this section once our representative in the United Kingdom is designated.

Information We Collect

CategoryWhen It's CollectedWhat It IncludesStored?
Account credentialsWhen you register, update your account, or sign inEmail address (also used as your sign-in identifier), short-lived magic sign-in link tokens, session tokens, account preferencesYes — magic sign-in link tokens are single-use and expire within minutes; session tokens persist only for the duration of your session
Profile informationWhen you fill in your profileName, shipping/billing address, phone numberYes
Product registration dataWhen you register a productProduct identifier, serial or batch number, purchase date, retailer, and any proof-of-purchase files you uploadYes
Support ticket contentWhen you submit a ticket or reply to our teamSubject, message body, attachments, ticket metadataYes
Linked Official Store dataWhen you link your Pawprint Press Official Store accountShopify customer ID, name, email, shipping/billing address, phone number, order history, and loyalty/store-credit balances (where applicable)Yes — retrieved from the Official Store via Shopify APIs and cached in your Portal account
Device & usage informationWhen you access the PortalIP address, browser type and version, operating system, time zone, pages viewed, referring page, timestampsYes — used for security, fraud prevention, and service analytics
Authentication eventsEach time you sign in or perform a security-sensitive actionTimestamps, IP address, device fingerprint, outcome (success/failure)Yes — retained for security and abuse detection

Sensitive Personal Information

Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"), and under comparable laws in other jurisdictions, certain categories of personal information are treated as "Sensitive Personal Information." The only Sensitive Personal Information we collect in the routine operation of the Portal is the combination of your email address with the short-lived magic sign-in link token or session token that allows access to your account. We use passwordless sign-in, so we do not collect or store passwords. We collect and use this information solely to authenticate you and to keep your account secure.

We do not use Sensitive Personal Information for any purpose other than those permitted by Cal. Civ. Code § 1798.121(a) — namely, to provide you the Service you request, to prevent fraud and security incidents, to ensure the physical safety of individuals, and to comply with legal obligations. Because we limit our use of Sensitive Personal Information to these permitted purposes, your CCPA/CPRA right to limit the use and disclosure of Sensitive Personal Information is not triggered by our practices, but you may contact us at any time to confirm this in writing.

User Content you voluntarily upload (for example, files attached to a support ticket) may occasionally contain Sensitive Personal Information. We do not solicit such information and will process it only to the extent necessary to respond to your request.

How We Use Your Information

We use the information we collect to:

  • create, operate, and secure your Portal account;
  • authenticate you and protect the Portal against fraud and abuse;
  • record your product registrations and make them available to you;
  • receive, route, and respond to your support tickets;
  • retrieve your customer profile and order history from the Pawprint Press Official Store when you authorize the linkage, and associate that information with your Portal account;
  • send you transactional emails (magic sign-in links, account verification, security alerts, ticket updates, and similar service messages);
  • diagnose technical issues, measure performance, and improve the reliability and quality of the Portal;
  • comply with our legal obligations and enforce our Terms of Service.

We do not:

  • sell your personal information (as "sale" is defined under the CCPA/CPRA or any analogous US state or international law);
  • share your personal information for cross-context behavioral advertising (as "share" is defined under the CCPA/CPRA);
  • use your Portal data for targeted advertising, behavioral advertising, or profiling for advertising purposes;
  • use your Portal data to train generative artificial-intelligence or machine-learning models (see Machine Learning and AI Training below).

Machine Learning and AI Training

We know that how your data might be used to train artificial-intelligence systems is a growing concern. We want to be clear about our practices:

  • We do not use your Portal data — including your account information, product registrations, support tickets, uploaded files, or usage data — to train any generative artificial-intelligence or machine-learning model, whether developed by us or by any third party.
  • We do not sell, share, license, or otherwise make your Portal data available to any third party for the purpose of training artificial-intelligence or machine-learning models.
  • If we introduce any feature that uses artificial intelligence to process your Portal data (for example, an AI-assisted customer-service agent), we will update this Privacy Policy to describe what data is involved, how it is used, and what choices you have, before that feature is enabled for you. Where required by applicable law — including California's AB 2013, which takes effect on January 1, 2026 — we will provide the specific disclosures that law requires.

Any use of the separately-branded "Pawel AI" assistant is governed by the Pawel AI Privacy Policy, which applies only when and to the extent you choose to interact with Pawel AI.

Automated Decision-Making and Profiling

We do not engage in fully automated decision-making that produces legal or similarly significant effects on you, and we do not engage in profiling for the purposes of targeted advertising, credit, employment, housing, insurance, or access to essential services.

We do use limited automated mechanisms to protect the Portal and its users:

  • Rate limiting of IP addresses, device fingerprints, or accounts associated with repeated failed sign-in attempts or abusive requests. This persists for a limited number of hours.
  • Step-up authentication that may temporarily require additional verification when we detect unusual sign-in patterns.

These measures are strictly defensive, are applied uniformly, and do not produce legal or similarly significant effects on you. You may contact us if you believe one of these automated mechanisms has been applied to you in error.

Data Sharing & Disclosure

We share your personal information only with:

RecipientPurposeLegal Basis
Amazon Web Services (AWS)Hosting the Portal's application servers, databases, and object storage in the United StatesPerformance of the contract (operating the Service); legitimate interests
Fly.ioHosting certain in-house middleware services that support the Portal; your personal information may transit these services when requests are routed between Portal componentsPerformance of the contract (operating the Service); legitimate interests
MailgunSending transactional emails (magic sign-in links, verification, ticket notifications, security alerts) on our behalfPerformance of the contract; legitimate interests
Pawprint Press Official Store (Shopify)Retrieving your customer profile and order history, only when you authorize the linkageYour consent; performance of the contract
Authorities or third partiesWhere required by law, legal process, or to protect the rights, property, or safety of Pawprint Press, our users, or the publicLegal obligation; legitimate interests
Successors in a business transactionIn the event of a merger, acquisition, reorganization, or sale of assetsLegitimate interests

We bind each of our service providers by contract to process your personal information only on our documented instructions, to implement appropriate security measures, and to respect applicable data-protection law. You can read the data-handling policies of our main sub-processors:

Linking Your Pawprint Press Official Store Account

Linking is optional. When you authorize the linkage:

  • we redirect you to the Official Store to authenticate and grant access;
  • we receive a scoped access token that lets us call Shopify APIs on your behalf;
  • we retrieve your customer profile and order history and store a cached copy in your Portal account;
  • we refresh that cached copy periodically so it stays reasonably current.

You can disconnect the linkage at any time from your Portal account settings. Disconnecting revokes the access token and stops further data retrieval. A cached copy of data retrieved before disconnection will remain in your Portal account, subject to the "Data Retention" section below, until you delete your account or request deletion.

The Official Store's own collection and use of the data behind the linkage remains governed by the Official Store Privacy Policy.

International Data Transfers

The Portal's application servers, databases, and object storage are located in the United States. Our sub-processors — Amazon Web Services (primary hosting), Fly.io (in-house middleware services that may process your personal information in transit), and Mailgun (transactional email delivery) — all run the workloads supporting the Portal on US-based infrastructure. If you access the Portal from outside the United States, your personal information will be transferred to, stored in, and processed in the United States.

Where required, we rely on the following safeguards to protect cross-border transfers:

  • From the European Economic Area: Standard Contractual Clauses adopted by the European Commission, supplemented where necessary by additional measures consistent with the Schrems II ruling.
  • From the United Kingdom: the UK Information Commissioner's International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses.
  • From other jurisdictions with their own cross-border-transfer requirements: analogous contractual safeguards recognized under the applicable data-protection law.

If you are a resident of the European Economic Area, the United Kingdom, or Switzerland, we process your personal information under one or more of the following legal bases:

  • Performance of a contract — to provide the Portal to you, including authentication, product registration, and support tickets;
  • Consent — for optional features such as linking your Pawprint Press Official Store account. You can withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal;
  • Legitimate interests — to secure the Portal, prevent fraud, and improve the reliability and quality of the Service, where those interests are not overridden by your rights and freedoms;
  • Legal obligation — where we are required to process your information to comply with applicable law.

If you are a resident of Brazil, Australia, Canada, Japan, or another jurisdiction with its own data-protection framework, we process your personal information under the legal bases or permitted purposes recognized under that law, which in most cases correspond to those listed above.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described above, or as required by applicable law:

  • Account data: retained while your account is active, and for up to 12 months after account closure for legal, tax, and fraud-prevention purposes.
  • Product registration data: retained for the duration of your account, and for up to the longer of (a) 12 months after account closure or (b) the applicable warranty period.
  • Support ticket content (including attachments): retained for up to 24 months after ticket closure for quality-assurance and dispute-resolution purposes, unless a shorter period is required by law.
  • Linked Official Store cache: deleted when you disconnect the linkage or close your account, except where we need to retain a record for fraud prevention, dispute resolution, or legal compliance.
  • Authentication and security logs: retained for up to 12 months.
  • Device and usage logs: retained for up to 12 months.

Upon your verified request, we will delete your personal information, provided it is no longer needed for legal or operational reasons.

Your Rights

Your rights depend on where you reside. The sections below summarize the most common ones; if you are unsure which apply to you, contact us and we will help identify them.

European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR / FADP)

If you are a resident of the European Economic Area, the United Kingdom, or Switzerland, you have the right to:

  • access the personal information we hold about you;
  • ask us to correct or update inaccurate or incomplete information;
  • ask us to erase your personal information;
  • restrict or object to our processing;
  • receive a copy of your personal information in a portable format;
  • withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • not be subject to a decision based solely on automated processing (we do not engage in such decision-making);
  • lodge a complaint with your local data-protection supervisory authority.

California (CCPA / CPRA)

If you are a resident of California, you have the right to:

  • know what personal information we collect and how we use it;
  • access the specific pieces of personal information we hold about you;
  • delete personal information we hold about you;
  • correct inaccurate personal information;
  • port a copy of your personal information to another service;
  • opt out of the "sale" or "sharing" of your personal information for cross-context behavioral advertising — we do not sell or share your personal information as those terms are defined under the CCPA/CPRA;
  • limit the use and disclosure of Sensitive Personal Information — because our use of Sensitive Personal Information is limited to the permitted purposes listed in Cal. Civ. Code § 1798.121(a), this right is already satisfied by our practices, but you may request written confirmation;
  • not be retaliated against for exercising any of these rights.

Other United States States

If you are a resident of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Tennessee, Iowa, Delaware, New Jersey, New Hampshire, Kentucky, Maryland, Minnesota, Indiana, Rhode Island, or another US state with a comprehensive consumer privacy law, you generally have rights similar to those above, which may include the right to:

  • confirm whether we process your personal information and access that information;
  • correct inaccurate personal information;
  • delete personal information;
  • obtain a portable copy of your personal information;
  • opt out of sale, of sharing for cross-context behavioral advertising, or of profiling in furtherance of decisions that produce legal or similarly significant effects (we do not engage in any of these with your Portal data).

If your state's law provides for an appeal of our decision on your request, you may appeal by replying in writing to our response, and we will address your appeal within the time period required by that law.

Australia (Privacy Act 1988 / Australian Privacy Principles)

If you are a resident of Australia, under the Australian Privacy Principles you have the right to request access to and correction of the personal information we hold about you, and to complain about our handling of your personal information. We will handle complaints as required by the Privacy Act 1988 (Cth); you may also contact the Office of the Australian Information Commissioner if you are not satisfied with our response.

Brazil (LGPD)

If you are a resident of Brazil, under the Lei Geral de Proteção de Dados (LGPD) you have the right to:

  • confirm the existence of processing of your personal data;
  • access your personal data;
  • correct incomplete, inaccurate, or outdated personal data;
  • request anonymization, blocking, or deletion of data processed in non-compliance with the LGPD;
  • request portability of your personal data;
  • obtain information about entities with which we have shared your personal data;
  • revoke your consent and request deletion of personal data processed under that consent;
  • petition the Autoridade Nacional de Proteção de Dados (ANPD) if you believe we have violated your rights.

Canada (PIPEDA and Québec Law 25)

If you are a resident of Canada, under the Personal Information Protection and Electronic Documents Act (PIPEDA) you have the right to access the personal information we hold about you and to request corrections.

If you are a resident of Québec, you have additional rights under the Act respecting the protection of personal information in the private sector (as amended by Law 25), including the rights to data portability, to be informed about decisions based exclusively on automated processing, and to request the de-indexing of outdated personal information.

You may file a complaint with the Office of the Privacy Commissioner of Canada or, for Québec residents, the Commission d'accès à l'information du Québec.

Japan (APPI)

If you are a resident of Japan, under the Act on the Protection of Personal Information (APPI) you have the right to request disclosure, correction, addition, deletion, or suspension of use of your retained personal data. For cross-border transfers, we will provide on request information about the recipient country and the applicable safeguards, as required by APPI.

How to Exercise Your Rights

To exercise any of the rights above, contact us. To protect you, we may need to verify your identity before responding — for example, by asking you to sign in to your Portal account or to confirm information we already hold about you.

We will respond within the timeframe required by applicable law — typically within 30 days, or 45 days under the CCPA/CPRA, from the date we verify your identity — with the possibility of an extension where permitted by law, in which case we will tell you why and when to expect our response.

You have the right to authorize an agent to submit a request on your behalf; we may ask for proof of that authorization. We will not discriminate or retaliate against you for exercising your rights.

Data Breach Notification

If we become aware of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and, where required, the relevant supervisory authorities, without undue delay and in accordance with applicable law — including Articles 33–34 of the GDPR, Cal. Civ. Code § 1798.82 and analogous US state breach-notification statutes, and equivalent obligations under the UK GDPR, LGPD, APPI, Québec Law 25, and other jurisdictions' laws.

Security

We implement appropriate technical and organizational measures to protect your personal information, including:

Encryption

Data transmitted between you and the Portal, and between the Portal and its sub-processors, is encrypted using secure protocols (e.g., TLS). Databases and object storage are encrypted at rest.

Access Controls

Access to personal information is restricted to authorized personnel who need it to perform their duties, and is protected by authentication mechanisms.

Passwordless Sign-In

We use passwordless authentication. Instead of requiring a password, we send a short-lived, single-use magic link to your registered email address when you sign in. We do not collect, process, or store passwords. Session tokens issued after successful sign-in are stored server-side in a form that allows them to be revoked at any time.

Logging and Monitoring

Security-sensitive events are logged and monitored to detect and respond to potential abuse.

Regular Security Reviews

We periodically review our security practices to identify and mitigate potential vulnerabilities.

No method of transmission or storage over the Internet is 100% secure. If you suspect unauthorized access to your account, contact us immediately.

Cookies

The Portal uses cookies and similar technologies that are strictly necessary to operate the Service — for example, to keep you signed in and to protect against cross-site request forgery. The Portal does not use advertising cookies, and does not load third-party tracking pixels for advertising or cross-site profiling.

Do Not Sell or Share; Do Not Track

We do not "sell" your personal information or "share" it for cross-context behavioral advertising as those terms are defined under California, Virginia, Colorado, Connecticut, or other US state privacy laws. Because we do not engage in these practices, we do not provide a separate "Do Not Sell or Share My Personal Information" link, but you may contact us at any time to confirm your preference in writing.

Because there is no consistent industry understanding of how to respond to "Do Not Track" signals, we do not alter our data-collection or usage practices when we detect such a signal from your browser. Our practices remain as described in this policy regardless of whether your browser sends a Do Not Track signal.

Children

The Portal is not intended for individuals under 18, and we do not knowingly collect personal information from children under 13 (or the higher age specified by the applicable data-protection law, where relevant, such as 16 under GDPR Article 8 unless a lower age has been set by the relevant EU member state). If you are a parent or guardian and believe your child has provided us with personal information, please contact us to request deletion.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. For material changes, we will provide reasonable advance notice — for example, by email to the address associated with your account or by conspicuous notice within the Portal — before the change takes effect. You can always check the "LAST UPDATED" date at the top of this page; that date marks when the new policy takes effect. Your continued use of the Portal after the effective date constitutes acceptance of the updated policy.

Contact

For questions about our privacy practices, to exercise your rights, or to make a complaint, please contact us by email at contact@pawprint.press or by mail:

PROJECT PRESS INC.

1801 Flower Ave, STE F1

Duarte, California 91010

United States of America

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data-protection authority in your jurisdiction, including (among others):