Privacy Policy
At Printera, your privacy is fundamental — not an afterthought. This policy explains exactly what data we collect, why we collect it, and how we protect it.
Who We Are
Printera ("we," "our," or "us") operates printera.io, a software-as-a-service platform that helps Etsy and Amazon sellers manage their print-on-demand operations — from product creation and order fulfilment to financial reporting. Our primary contact for all privacy matters is admin@printera.io.
Information We Collect
2.1 — Account & Identity Information
When you register or update your account:
- Full name and email address
- Phone number (optional)
- Business / store name
- Invoice type (individual or corporate)
- Turkish Tax Identification Number (Vergi No) and Tax Office — required for corporate invoicing under Turkish law
2.2 — Marketplace Integration Data
When you connect your Etsy or Amazon store:
- OAuth access and refresh tokens (stored encrypted at rest)
- Shop name, shop ID, and listing data
- Order records including buyer shipping details (name, address, country)
- Marketplace-generated receipt and transaction IDs
We access marketplace data strictly on your behalf. We never share your store credentials with any third party beyond the infrastructure providers listed in Section 4.
2.3 — Platform & Operational Data
- Products, variants, and design files you upload
- Production job records and fulfilment routing decisions
- Financial transactions and credit wallet activity
- Subscription plan and billing history
2.4 — Technical & Usage Data
- IP address and approximate geographic location
- Browser type, operating system, and device identifiers
- Pages visited, features used, and session duration
- Error logs and crash reports
2.5 — Payment Information
We do not store payment card numbers or sensitive banking details. All payment processing is handled by Iyzico (iyzico.com), a PCI-DSS certified payment provider regulated in Turkey. We retain only transaction reference codes, amounts, and statuses necessary for your billing history and reconciliation.
How We Use Your Information
We use your data exclusively to operate and improve the Printera platform:
- Authenticate your identity and maintain account security
- Sync orders and listings with connected marketplaces (Etsy, Amazon)
- Coordinate production and fulfilment of your orders
- Generate invoices and process subscription payments
- Provide P&L dashboards and financial analytics
- Send transactional emails (order confirmations, billing receipts, system alerts)
- Diagnose technical issues and improve platform performance
- Comply with applicable Turkish and EU legal obligations
We do not sell your data, use it for advertising, or share it for any purpose beyond what is described in this policy.
Third-Party Service Providers
We share data with a limited set of trusted infrastructure partners, each bound by data processing agreements:
Database, authentication, file storage, and serverless functions. Processes all platform data on our behalf.
Payment processing for subscriptions and wallet top-ups. Regulated by BDDK (Banking Regulation and Supervision Agency of Turkey).
Marketplace data exchanged under your explicit OAuth authorization. Governed by Etsy's own Privacy Policy.
Order and listing data exchanged via Amazon SP-API under your authorization. Governed by Amazon's Privacy Notice.
Beyond the above, we may disclose information if required by a Turkish court order, regulatory authority, or applicable law.
Data Retention
We retain your data only as long as necessary:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account & profile data | Active period + 3 years after closure | Legitimate interest |
| Order & transaction records | 10 years | Turkish Commercial Code & Tax Law |
| OAuth tokens | Until revoked or account closure | Service operation |
| Design & product files | Active period + 90 days after deletion | Legitimate interest |
| Usage & error logs | 90 days | Security & debugging |
Your Rights
Under the EU General Data Protection Regulation (GDPR) and the Turkish Personal Data Protection Law (KVKK), you have the following rights:
- Access — request a copy of all personal data we hold about you
- Rectification — correct any inaccurate or incomplete information
- Erasure — request deletion of your data (subject to legal retention obligations)
- Portability — receive your data in a structured, machine-readable format
- Restriction — limit how we process your data in certain circumstances
- Objection — object to processing based on legitimate interests
- Withdraw consent — where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, email us at admin@printera.io. We respond to all verified requests within 30 days.
Data Security
We take the security of your data seriously and implement multiple layers of protection:
- TLS 1.2+ encryption for all data in transit
- AES-256 encryption for sensitive data at rest (OAuth tokens, credentials)
- Row-Level Security (RLS) enforced at the database layer — no cross-tenant data access
- Multi-factor authentication available for all accounts
- Principle of least privilege for all internal access
- Regular dependency and vulnerability audits
In the event of a data breach that poses a risk to your rights, we will notify affected users within 72 hours of becoming aware, in accordance with GDPR Article 33.
International Data Transfers
Printera is operated from Turkey. Some of our infrastructure providers (notably Supabase and the marketplace APIs) may process data in the United States or EU. When data is transferred outside Turkey, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where applicable under KVKK and GDPR requirements.
Cookies & Tracking
We use strictly necessary cookies and browser storage to maintain your authenticated session. We do not use:
- Third-party advertising or tracking cookies
- Cross-site tracking pixels
- Behavioural analytics platforms (e.g., Google Analytics, Mixpanel)
We may add analytics tools in the future, at which point this policy will be updated and users notified in advance.
Children's Privacy
The Printera platform is intended for business use by adults aged 18 and over. We do not knowingly collect personal data from individuals under 18. If you believe a minor has provided us with personal data, please contact us immediately at admin@printera.io and we will delete it promptly.
Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or applicable law. For material changes, we will notify registered users via email at least 14 days before the changes take effect. The "Last updated" date at the top of this page always reflects the most recent revision. Your continued use of Printera after the effective date constitutes acceptance of the updated policy.
Contact Us
For privacy inquiries, data requests, or to report a concern: