LEGAL
Terms & Privacy
These agreements govern use of the Platform. They are written to allocate risk clearly between the company, buyers, and makers. They are not a substitute for advice from your own counsel.
Privacy Policy
Effective date: July 13, 2026
Document version: 2026-07-13
Operator: LeonardShopping L.L.C., a Texas limited liability company, d/b/a Print3d Hive
This Privacy Policy explains how LeonardShopping L.L.C. (“Company,” “we,” “us”) collects, uses, shares, and protects information in connection with the Print3d Hive Platform (the “Service”). It works together with our Terms of Service.
If you do not agree with this Policy, do not use the Service.
1. Who we are
Controller / business: LeonardShopping L.L.C. (Texas), operating under the Print3d Hive trade name (Colorado DBA).
Contact channels for privacy requests will be published on the Platform (About / legal pages) and may be updated from time to time.
2. Scope
This Policy covers information processed through our websites, apps, APIs, and related services we control. It does not cover third-party sites or services (makers’ own sites, carriers, OAuth providers, payment processors) except as they process data on our behalf or receive data as independent controllers.
3. Information we collect
3.1 You provide
- Account data: email (if you choose email signup), password hashes (not plaintext passwords), recovery key hashes, public handle / public hash, profile bio, avatars/banners, optional display fields.
- OAuth profile data: when you use Google, GitHub, X, or similar: provider subject ID, and depending on provider—display name, username, avatar URL, and sometimes email. We key OAuth identity by provider + stable subject ID, not by email alone.
- Marketplace data: listings, designs/files, offers, orders, messages related to orders (if enabled), shipping addresses and contact details for fulfillment, preferences.
- Communications: support messages, reports, feedback.
- Legal acceptance records: when you accept Terms/Privacy—timestamp, document version, method (e.g., signup, login, OAuth), and technical metadata (IP address and User-Agent when available) for compliance and dispute evidence.
3.2 Collected automatically
- Device and log data: IP address, User-Agent, approximate location derived from IP, timestamps, request paths, referrers, error logs.
- Cookies and similar tech: session cookies (signed), preference cookies, onboarding dismissal flags (often localStorage), security cookies (e.g., OAuth state, legal-ack), analytics identifiers if enabled.
- Usage data: pages viewed, clicks, feature usage, performance metrics—used to operate and improve the Service.
3.3 From third parties
- OAuth providers (Google, GitHub, X, etc.).
- Payment processors (e.g., Stripe): payment status, last4/brand where provided, dispute/chargeback data—not full PAN if using hosted fields.
- Shipping / maps / geocoding providers when you use address tools.
- Fraud and security signals from infrastructure providers.
3.4 Sensitive data
We do not intentionally collect government ID numbers or precise health data. Location used for shipping or approximate “world” features should be limited to what you provide or what is needed for the feature. Do not upload content you are not willing to store on our systems.
4. How we use information
We use information to:
- Provide, secure, and maintain the Service (accounts, sessions, marketplace, files, payments);
- Process orders and communicate about them;
- Prevent fraud, abuse, spam, and security incidents;
- Comply with law, enforce Terms, and establish, exercise, or defend legal claims (including storing acceptance records);
- Improve features, UX, reliability, and performance;
- Communicate service-related notices; send optional product updates if you opt in where required;
- Analyze aggregated or de-identified trends.
Legal bases (where GDPR/UK GDPR-style bases apply): contract performance; legitimate interests (security, improvement, marketplace integrity) balanced against your rights; consent (where required, e.g., certain cookies/marketing); legal obligation.
5. How we share information
We do not sell your personal information for money. We may “share” data for advertising only if we explicitly enable such tools and provide required opt-outs; our default marketplace operation does not depend on selling data brokers your profile.
We share information with:
5.1 Service providers / processors under contracts: hosting, storage, email, analytics, error monitoring, payment processing, maps/geocoding, security.
5.2 Other users as part of the product: public handles, public profiles, public listings, public designs you publish, content you mark public. Privacy-preserving defaults do not make public posts private.
5.3 Makers / buyers as needed to fulfill orders (shipping name/address, order details, contact info required for delivery or meetup coordination).
5.4 OAuth and payment partners as needed to authenticate or process payments.
5.5 Legal and safety: if we believe disclosure is required by law, subpoena, court order, or to protect rights, safety, and integrity of the Service, users, or the public.
5.6 Business transfers: merger, acquisition, financing, or sale of assets—information may transfer under appropriate confidentiality, with notice where required.
5.7 With your direction: when you use integrations or export tools.
6. Cookies and similar technologies
We use:
- Essential cookies: login session, CSRF/OAuth state, legal acknowledgment, security.
- Preferences: theme, dismissed onboarding.
- Analytics (if enabled): aggregate traffic and product metrics.
You can control cookies via browser settings; blocking essential cookies may break login and checkout. LocalStorage may store client-only flags (e.g., onboarding seen).
7. Retention
We retain information as long as needed for the purposes above, including:
- Account data while the account is active and for a reasonable period after deletion requests or inactivity (backups, legal holds, fraud prevention);
- Order and payment records as required by tax, accounting, and payment-network rules (often multiple years);
- Legal acceptance logs for the duration needed to evidence consent and resolve disputes (often for the life of the account plus a multi-year limitation period);
- Logs for security (shorter rolling windows unless needed for an investigation).
When we delete or anonymize, residual copies may remain in backups for a limited time.
8. Security
We implement reasonable administrative, technical, and organizational measures (access controls, hashed credentials, signed cookies, transport encryption where configured). No method of transmission or storage is 100% secure. You use the Service at your own risk regarding residual security risk. Notify us promptly of suspected account compromise.
9. Your choices and rights
Depending on your location, you may have rights to:
- Access, correct, or delete personal information;
- Export a copy;
- Object to or restrict certain processing;
- Withdraw consent where processing is consent-based;
- Appeal a denial (certain U.S. states);
- Lodge a complaint with a supervisory authority (EEA/UK).
California / state privacy (CCPA/CPRA and similar): We describe categories collected (identifiers, commercial information, internet activity, geolocation approximate, user content). We do not sell personal information as commonly defined for cash. To exercise rights, contact us via published privacy channels and verify your request. Authorized agents may be required to show authority.
Account self-service: profile and some data can be edited in-product. Deletion requests may be limited where we must retain data for law, security, or outstanding orders.
Marketing: opt out of non-essential marketing emails via unsubscribe links (transactional mail may continue).
10. Children
The Service is not directed to children under 13 (or 16 in some regions). We do not knowingly collect personal information from children. If you believe a child provided data, contact us to delete it.
11. International transfers
We may process data in the United States and other countries where we or our processors operate. Those countries may have different data-protection laws than your home country. Where required, we use appropriate transfer mechanisms (e.g., standard contractual clauses).
12. Pseudonymity and legal process
Public handles are designed to reduce casual identification. We may still hold email, OAuth IDs, IPs, payment records, and shipping data that can identify you. We may disclose information in response to valid legal process. Marketing statements about privacy do not limit lawful process or this Policy.
13. Automated decision-making
We may use automated systems for fraud prevention, ranking, spam detection, and recommendations. These are not intended to produce legal effects solely by automated means without human involvement where law requires human review.
14. Changes to this Policy
We may update this Policy by posting a new version and document version string. Material changes may require renewed acceptance. The “Effective date” and “Document version” at the top state the current version.
15. Relationship to Terms; liability
This Policy is informational and contractual as incorporated by the Terms. Disclaimers and limitations of liability in the Terms apply to privacy-related claims to the maximum extent permitted by law, except where privacy statutes prohibit limitation.
16. Contact
For privacy requests or questions, use the contact method listed on the Platform’s About or legal pages, and include enough detail to verify your account (e.g., public handle and associated email if any).
BY USING THE SERVICE OR ACCEPTING OUR TERMS, YOU ACKNOWLEDGE THIS PRIVACY POLICY.
Questions? See the About page contact channels.