Privacy Policy

TextileHarmony S.R.L. is a Romanian company headquartered at 23A Str. Armoniei, Apt. B1, Timișoara 300921, Timiș, Romania (CUI 54220412, Reg. Com. J2026016218002). We act as the data controller for personal data processed in connection with our website and platform.

For any privacy request you can reach us at [email protected].

We collect only the data we need to provide our services:

• Account data: name, email, company, password hash, role, language, currency.
• Billing data: billing address, VAT number, plan, credit balance, invoice history. Card numbers are never stored on our systems — they are handled by our PCI-DSS payment processors.
• Project data: 3D garments, fabrics, AI fit results, tech packs and renders that you upload or generate inside the platform.
• Telemetry: device, browser, IP, pages viewed, feature usage, error reports.
• Communications: emails, support tickets, sales calls, NPS feedback.

We process personal data to:

• Provide, maintain and improve the platform and our website.
• Authenticate users and protect accounts from abuse.
• Process payments, issue invoices and manage credit balances.
• Send service notifications, security alerts and product updates you opted into.
• Provide customer support and onboarding.
• Comply with tax, accounting and legal obligations.

• Contract: running your account, billing, hosting your projects.
• Legitimate interest: security monitoring, product analytics, fraud prevention.
• Consent: non-essential cookies and marketing emails — you can withdraw consent at any time.
• Legal obligation: tax records, accounting, responding to lawful requests.

We share data only with vetted processors under signed Data Processing Agreements: cloud hosting, email delivery, payment providers, analytics, customer support tooling, and AI rendering infrastructure. We never sell personal data.

For international transfers we rely on EU Standard Contractual Clauses and adequacy decisions where applicable.

• Account data: while the account is active, plus 12 months after closure.
• Billing and tax records: 10 years (Romanian fiscal law).
• Project files: while the account is active; deleted within 30 days of account closure unless you export them earlier.
• Support tickets: 24 months.
• Marketing logs: until you unsubscribe, plus 12 months.

Under GDPR you have the right to access, rectify, erase, restrict or port your personal data, and to object to certain processing. You can exercise these rights by writing to [email protected]. We respond within 30 days.

You may also lodge a complaint with the Romanian supervisory authority (ANSPDCP) or your local EU data protection authority.

We use TLS in transit, encryption at rest, role-based access control, audit logs, vendor reviews and yearly penetration tests. Reports of vulnerabilities are welcome at [email protected].

The platform is not intended for individuals under 16. We do not knowingly collect data from children.

We may update this policy. Material changes will be announced by email or in-app at least 14 days before they take effect.