Privacy Policy

Last updated: February 2026

1. Data We Collect

• Account data: Email, name, OAuth profile (Google/Microsoft/Apple)
• Usage data: Feature usage analytics, error logs
• 3D Models: Temporarily processed server-side for analysis/repair, never stored permanently
• Payment data: Processed by Stripe Inc. — we never see your card details

2. How We Use Data

• Provide and improve 3ASYCAD services
• Process subscriptions and payments
• Send service-related communications
• Analyze usage to improve the product

3. Data Processing & Storage

Your data is stored in EU-based PostgreSQL databases (Supabase). Temporary file processing occurs on EU servers (Railway). AI features may send minimal context (dimensions, summaries — never full 3D geometry) to Anthropic (USA) under their data processing agreement.

4. Third-Party Services

• Stripe: Payment processing (USA, EU-US DPF certified)
• Supabase: Authentication & database (EU region)
• Vercel: Frontend hosting (EU region)
• Railway: Backend hosting (EU region)
• Anthropic: AI assistants features (USA)

5. Your Rights (GDPR)

You have the right to access, rectify, erase, port, and restrict processing of your data. Contact info@3festo.com for any requests. Response within 30 days.

6. Data Retention

Account data: retained while account is active + 30 days. 3D files: deleted immediately after processing. Payment records: 10 years (Italian tax law).

7. Security

TLS encryption in transit, AES-256 at rest, JWT authentication, rate limiting, no plain-text passwords.

8. Changes

We may update this policy. Significant changes will be notified via email or in-app notice.

Terms of Service • Cookie Policy • Back to 3ASYCAD