Privacy policy

This policy applies to visitors of our marketing website, registered users of the Spinnify application, and technical contacts who integrate our widget on third‑party storefronts. Separate agreements (e.g. terms of service) may apply to paid subscriptions.

We may process: account and profile data (such as email address and workspace identifiers); usage and analytics data relating to the dashboard and widget (such as views, session duration, and error logs); content you upload (for example 360° image sequences and product metadata); technical data (IP address, browser type, device identifiers, and timestamps); and communications you send to support. We do not intentionally collect sensitive categories of data unless you voluntarily provide them and we have a lawful basis to process them.

We use personal data to provide, secure, and improve the services; authenticate users; process subscriptions and payments through our payment provider; communicate service updates and security notices; troubleshoot issues; comply with legal obligations; and enforce our terms. Analytics may be aggregated or pseudonymized where appropriate.

Where GDPR applies, we rely on contractual necessity, legitimate interests (such as securing our platform and understanding product usage), consent where required (for example non‑essential cookies), and legal obligation when we must retain records. Retention periods depend on the type of data: account data is kept while your account is active; billing records may be retained as required by tax law; logs may be rotated after a limited period unless longer retention is justified for security or disputes.

We use trusted infrastructure and service providers (for example hosting, email delivery, and payment processing). They may process personal data only under our instructions and appropriate agreements. Payment card data is handled by our payment processor; we do not store full card numbers on our servers. We may disclose information if required by law, to protect rights and safety, or as part of a merger or acquisition subject to safeguards.

Depending on your jurisdiction, you may have rights to access, rectify, delete, restrict, or object to certain processing, and to data portability. You may withdraw consent for optional processing at any time. To exercise your rights, contact us using the details on our Contact page. You may also lodge a complaint with your local supervisory authority. We may update this policy from time to time; material changes will be communicated as required by law.