Privacy Policy — Label Generator

On this page

1. Who we are
2. Information we collect
3. How we use it
4. Lawful basis
5. Subprocessors
6. International transfers
7. Data retention
8. Cookies
9. Your rights
10. Children
11. Security
12. Marketing
13. Changes
14. Contact

This Privacy Policy explains how Label Generator ("we", "us", "the Service") collects, uses, stores, and shares personal information about you when you use label-generator.io and related services. It applies to all visitors, registered users, and paying customers.

We comply with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), and the EU ePrivacy Directive. If you have questions, contact privacy@label-generator.io.

1. Who we are (Data Controller)

The data controller for personal information collected through the Service is the operator of Label Generator. Contact for privacy matters: privacy@label-generator.io.

For users in the EU/UK who wish to exercise their rights, this address also reaches our data protection point of contact.

2. Information we collect

We collect the following categories of personal information:

Account information. When you sign up via Clerk (our authentication provider): name, email address, profile picture (if you sign in with Google), and authentication tokens. Passwords, when used, are managed entirely by Clerk and never reach us.
Content you create. Label designs, text, uploaded images, and brand kit data (colors, fonts, logos) that you save in the Service.
Billing data. If you upgrade to Pro, Stripe collects your payment method (card details, billing address, country) and processes the charge. We never see or store your full card number; we only receive a Stripe customer ID, subscription ID, and subscription status.
Usage analytics. If you grant consent through our cookie banner, we collect anonymous usage events (pageviews, button clicks, feature usage) via PostHog. These help us understand which features matter and where users get stuck.
Technical data. Server logs may temporarily contain your IP address, browser/user-agent string, and request paths for security, debugging, and abuse prevention. These are retained for up to 30 days.
Cookies and local storage. See Section 8.

3. How we use your information

To provide the Service: store your designs, sync them across devices, render the editor, generate exports.
To authenticate you and protect your account from unauthorized access.
To process payments and manage subscriptions, including invoicing, renewal, cancellation, and refund processing.
To respond to support requests, bug reports, and inquiries.
To improve the Service through aggregated, opt-in product analytics.
To send transactional email (e.g., account confirmation, payment receipts via Stripe) — never marketing email without your explicit, separately requested consent.
To comply with legal obligations and respond to lawful requests from authorities.

Contract performance — operating the Service, processing your payments, providing your account.
Legitimate interest — securing the Service, preventing abuse, improving features in aggregate, debugging.
Consent — optional analytics, optional marketing communications. You may withdraw consent at any time.
Legal obligation — retaining transaction records as required by tax law, responding to lawful legal process.

5. Subprocessors

We rely on the following third-party providers (subprocessors) to operate the Service. Each processes only the data necessary for its function, under a data processing agreement.

Provider	Purpose	Data processed	Region
Clerk	Authentication	Email, name, OAuth tokens, IP	United States
Convex	Database, file storage, real-time sync	Designs, brand kits, uploaded images	European Union (eu-west-1)
Stripe	Payment processing, billing portal	Card details, billing address, transaction history	United States (with EU SCCs)
Vercel	Hosting, edge CDN, server logs	Request logs (IP, paths)	Global edge; primarily US/EU
PostHog	Product analytics (consent-based)	Anonymous usage events, device info	United States (EU instance available)
Brandfetch	Brand-asset lookup (Pro "Extract from URL")	Domain name only	United States (EU SCCs for EU users)
Hostinger	DNS	Domain configuration only — no user data	European Union

When you use the "Extract from URL" feature on a Pro plan, we send the URL you provide to Brandfetch to look up publicly-available brand assets. Brandfetch publishes a public brand page at brandfetch.com/{domain} for every domain queried; this page may appear in search engine results. Do not use this feature for URLs you do not own or have permission to query.

We may add, remove, or change subprocessors as the Service evolves. Material changes will be announced via this page and email to active subscribers at least 30 days before they take effect.

6. International data transfers

Some of our subprocessors are based in the United States (Clerk, Stripe, PostHog, Vercel). When your data is transferred outside the European Economic Area, the United Kingdom, or Switzerland, we rely on the European Commission's Standard Contractual Clauses (SCCs) and the corresponding UK addendum to ensure adequate protection. Stripe additionally maintains its own SCCs for cardholder data.

7. Data retention

Account & content data: retained while your account is active.
After account deletion: we permanently delete your designs, brand kits, and uploaded images within 30 days.
Billing records: retained for 7 years (or as required by applicable tax/accounting law).
Server logs: 30 days, then automatically purged.
Backups: deleted data may persist in encrypted backups for up to 90 days before being overwritten.

8. Cookies and local storage

We use the following categories:

Strictly necessary— authentication session cookies (Clerk), CSRF tokens, and editor settings stored in your browser's localStorage. These do not require consent under ePrivacy because they are essential to the Service.
Optional analytics— PostHog event tracking. Disabled by default. We will only enable analytics tracking after you grant consent through our cookie banner. You can withdraw consent at any time by clicking "Cookie settings" in the footer (when banner is implemented) or contacting us.

We do not use third-party advertising cookies. We do not run remarketing or ad-network tracking.

9. Your rights

Under GDPR, UK GDPR, and CCPA, you have the following rights regarding your personal data. To exercise any right, email privacy@label-generator.io; we will respond within 30 days.

Access — request a copy of the personal data we hold about you.
Rectification — correct inaccurate or incomplete data.
Erasure ("right to be forgotten") — request deletion of your account and associated data.
Restriction — limit how we process your data.
Portability — receive your data in a structured, machine-readable format.
Objection — object to processing based on legitimate interest.
Withdraw consent — withdraw any consent you previously granted (e.g., for analytics).
Lodge a complaint — with your local data protection supervisory authority. EU: see EDPB members list. UK: ico.org.uk.

California residents additionally have the right to know what personal data we collect, the right to delete it, the right to opt out of the sale or sharing of personal data, and the right to non-discrimination for exercising these rights. We do not sell or share your personal data as those terms are defined under CCPA/CPRA.

10. Children

The Service is not directed to children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we have collected data from a child, contact us and we will delete it.

11. Security

We use industry-standard security measures: TLS encryption in transit, encryption at rest for database and file storage, principle of least privilege for internal access, and regular security review of dependencies. No system is perfectly secure; if we become aware of a breach affecting your data, we will notify you without undue delay and as required by applicable law.

12. Marketing communications

We do not send marketing emails by default. If you opt in to product updates or newsletters, every message will include a one-click unsubscribe link. Transactional emails (receipts, account security notices, service announcements) are not marketing and are sent regardless of marketing opt-in status.

13. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced via this page and (for active subscribers) by email at least 30 days in advance. The "Last updated" date at the top reflects the current version.

14. Contact

Privacy questions, data subject rights requests, breach notifications: privacy@label-generator.io

General support: support@label-generator.io

1. Who we are (Data Controller)

The data controller for personal information collected through the Service is the operator of Label Generator. Contact for privacy matters: privacy@label-generator.io.

For users in the EU/UK who wish to exercise their rights, this address also reaches our data protection point of contact.

2. Information we collect

We collect the following categories of personal information:

Account information. When you sign up via Clerk (our authentication provider): name, email address, profile picture (if you sign in with Google), and authentication tokens. Passwords, when used, are managed entirely by Clerk and never reach us.
Content you create. Label designs, text, uploaded images, and brand kit data (colors, fonts, logos) that you save in the Service.
Billing data. If you upgrade to Pro, Stripe collects your payment method (card details, billing address, country) and processes the charge. We never see or store your full card number; we only receive a Stripe customer ID, subscription ID, and subscription status.
Usage analytics. If you grant consent through our cookie banner, we collect anonymous usage events (pageviews, button clicks, feature usage) via PostHog. These help us understand which features matter and where users get stuck.
Technical data. Server logs may temporarily contain your IP address, browser/user-agent string, and request paths for security, debugging, and abuse prevention. These are retained for up to 30 days.
Cookies and local storage. See Section 8.

3. How we use your information

To provide the Service: store your designs, sync them across devices, render the editor, generate exports.
To authenticate you and protect your account from unauthorized access.
To process payments and manage subscriptions, including invoicing, renewal, cancellation, and refund processing.
To respond to support requests, bug reports, and inquiries.
To improve the Service through aggregated, opt-in product analytics.
To send transactional email (e.g., account confirmation, payment receipts via Stripe) — never marketing email without your explicit, separately requested consent.
To comply with legal obligations and respond to lawful requests from authorities.

Contract performance — operating the Service, processing your payments, providing your account.
Legitimate interest — securing the Service, preventing abuse, improving features in aggregate, debugging.
Consent — optional analytics, optional marketing communications. You may withdraw consent at any time.
Legal obligation — retaining transaction records as required by tax law, responding to lawful legal process.

5. Subprocessors

We rely on the following third-party providers (subprocessors) to operate the Service. Each processes only the data necessary for its function, under a data processing agreement.

Provider	Purpose	Data processed	Region
Clerk	Authentication	Email, name, OAuth tokens, IP	United States
Convex	Database, file storage, real-time sync	Designs, brand kits, uploaded images	European Union (eu-west-1)
Stripe	Payment processing, billing portal	Card details, billing address, transaction history	United States (with EU SCCs)
Vercel	Hosting, edge CDN, server logs	Request logs (IP, paths)	Global edge; primarily US/EU
PostHog	Product analytics (consent-based)	Anonymous usage events, device info	United States (EU instance available)
Brandfetch	Brand-asset lookup (Pro "Extract from URL")	Domain name only	United States (EU SCCs for EU users)
Hostinger	DNS	Domain configuration only — no user data	European Union

We may add, remove, or change subprocessors as the Service evolves. Material changes will be announced via this page and email to active subscribers at least 30 days before they take effect.

6. International data transfers

7. Data retention

Account & content data: retained while your account is active.
After account deletion: we permanently delete your designs, brand kits, and uploaded images within 30 days.
Billing records: retained for 7 years (or as required by applicable tax/accounting law).
Server logs: 30 days, then automatically purged.
Backups: deleted data may persist in encrypted backups for up to 90 days before being overwritten.

8. Cookies and local storage

We use the following categories:

Strictly necessary— authentication session cookies (Clerk), CSRF tokens, and editor settings stored in your browser's localStorage. These do not require consent under ePrivacy because they are essential to the Service.
Optional analytics— PostHog event tracking. Disabled by default. We will only enable analytics tracking after you grant consent through our cookie banner. You can withdraw consent at any time by clicking "Cookie settings" in the footer (when banner is implemented) or contacting us.

We do not use third-party advertising cookies. We do not run remarketing or ad-network tracking.

9. Your rights

Under GDPR, UK GDPR, and CCPA, you have the following rights regarding your personal data. To exercise any right, email privacy@label-generator.io; we will respond within 30 days.

Access — request a copy of the personal data we hold about you.
Rectification — correct inaccurate or incomplete data.
Erasure ("right to be forgotten") — request deletion of your account and associated data.
Restriction — limit how we process your data.
Portability — receive your data in a structured, machine-readable format.
Objection — object to processing based on legitimate interest.
Withdraw consent — withdraw any consent you previously granted (e.g., for analytics).
Lodge a complaint — with your local data protection supervisory authority. EU: see EDPB members list. UK: ico.org.uk.

10. Children

The Service is not directed to children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we have collected data from a child, contact us and we will delete it.

11. Security

12. Marketing communications

13. Changes to this policy

14. Contact

Privacy questions, data subject rights requests, breach notifications: privacy@label-generator.io

General support: support@label-generator.io

1. Who we are (Data Controller)

2. Information we collect

3. How we use your information

4. Lawful basis for processing (GDPR Art. 6)

5. Subprocessors

6. International data transfers

7. Data retention

8. Cookies and local storage

9. Your rights

10. Children

11. Security

12. Marketing communications

13. Changes to this policy

14. Contact

1. Who we are (Data Controller)

2. Information we collect

3. How we use your information

4. Lawful basis for processing (GDPR Art. 6)

5. Subprocessors

6. International data transfers

7. Data retention

8. Cookies and local storage

9. Your rights

10. Children

11. Security

12. Marketing communications

13. Changes to this policy

14. Contact