Privacy Policy

This Privacy Policy applies to:

• The ur/gd marketing website
• All ur/gd applications and digital tools
• Communications with us, including support inquiries

Certain applications may collect additional data specific to their functionality. Where applicable, those details will be described within the relevant application or its documentation.

We collect information in the following categories:

2.1 Information You Provide

You may provide information such as:

• Name
• Email address
• Account credentials
• Content you upload (e.g., photos, messages, files, codes)
• Communications with us

You control what content you choose to submit.

2.2 Information Collected Automatically

When you use the Services, we collect certain technical information such as IP address, device type, browser type, and usage data. This information is collected through standard server logs and infrastructure monitoring tools and is used for security, diagnostics, and service improvement.

Our Services are protected by a web application firewall (WAF) and security monitoring infrastructure. These systems automatically collect and analyze request-level data — including IP addresses, request patterns, and headers — to detect and block malicious traffic, enforce rate limits, and protect the integrity of the Services. This data is used solely for security purposes and is not used for tracking, profiling, or advertising.

Where the Services accept file uploads, uploaded content may be automatically scanned for malware using third-party security scanning services provided by our cloud infrastructure provider. Files identified as malicious are rejected and deleted immediately. Scan metadata (such as scan status and timestamps) is retained temporarily for operational purposes and is automatically deleted.

We do not use advertising cookies or cross-site tracking technologies.

2.3 App-Specific Data

Some ur/gd applications may collect additional information necessary to provide their intended functionality. We design data collection to be proportional to the feature being provided.

Stitch (SVG-to-PES Converter)

Stitch is a file conversion tool that does not require an account, authentication, or any personally identifying information. When you use Stitch:

• You upload SVG files for conversion to PES embroidery format. Uploaded files are temporarily stored, scanned for malware, and processed. Original files are deleted immediately after conversion or rejection.
• Converted PES files are temporarily available for download and are automatically deleted within 24 hours.
• A randomly generated request identifier (UUID) is used to track conversion status. This identifier is not linked to any personal information and is automatically deleted after 7 days.
• No user accounts, login credentials, cookies, or tracking identifiers are used.

Additional applications may describe their specific data practices within the application interface or supporting documentation at the time of release.

We use information to:

• Operate and maintain the Services
• Provide functionality requested by users
• Respond to inquiries and provide support
• Monitor system performance and security
• Scan uploaded content for malware and reject harmful files
• Prevent fraud, misuse, or abuse
• Comply with legal obligations

We do not use personal information for profiling or behavioral advertising.

We do not use personal information for automated decision-making that produces legal or similarly significant effects.

4.1 No Sale of Personal Information

We do not sell personal information.

4.2 Service Providers

We may share information with service providers who process information on our behalf to operate the Services (such as cloud hosting providers):

• Cloud infrastructure providers
• Hosting services
• Payment processors
• Security and monitoring providers, including malware detection services

These providers are contractually obligated to safeguard information and may only use it to perform services on our behalf.

4.3 Legal Requirements

We may disclose information if required to:

• Comply with law or lawful requests
• Protect rights, safety, or security
• Investigate fraud or misuse

We retain personal information only for as long as necessary to provide the Services, fulfill the purposes described in this Privacy Policy, and comply with legal obligations.

Retention periods may vary depending on:

• The nature of the information
• The purpose for which it was collected
• Account status and user activity
• Legal, accounting, or dispute-resolution requirements

For file-processing services such as Stitch, the following retention periods apply:

• Uploaded files: Deleted immediately after processing or rejection
• Converted output files: Available for a limited download period (typically up to 24 hours), then automatically deleted
• Conversion status records: Automatically deleted after 7 days
• Security scan metadata: Retained temporarily for operational purposes and automatically deleted

Users may request deletion of their personal information by contacting us at privacy@urgdstudios.com. We will process deletion requests in accordance with applicable law.

Certain information may be retained where required to comply with legal obligations, resolve disputes, or enforce agreements.

Depending on your jurisdiction, you may have the right to:

• Request access to your personal information
• Request correction of inaccurate data
• Request deletion of your information
• Object to or restrict certain processing
• Request data portability

Requests may be submitted to privacy@urgdstudios.com.

We will respond to verifiable requests within forty-five (45) days, or as otherwise required by applicable law.

If you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), including the right to:

• Know what personal information we collect
• Request deletion of personal information
• Request correction of inaccurate information
• Opt out of the sale or sharing of personal information

We do not sell or share personal information as defined under California law.

We will respond to verifiable requests within forty-five (45) days, as required by applicable law.

At this time, ur/gd studios LLC does not meet the thresholds required to be classified as a “business” under the CCPA/CPRA, but we provide these disclosures voluntarily in the interest of transparency.

urgd studios LLC is based in the United States.

Our Services are primarily intended for users located in the United States. We do not intentionally target or market to individuals in the European Economic Area (EEA) or United Kingdom.

If you access the Services from outside the United States, your information may be transferred to and processed in the United States.

If we become subject to the General Data Protection Regulation (GDPR) or other international data protection laws due to our operations, we will implement appropriate safeguards as required by law.

Individuals located in the EEA or UK may have additional rights, including the right to lodge a complaint with their local supervisory authority.

We implement reasonable administrative, technical, and organizational measures to protect personal information.

Data is encrypted in transit and, where supported by our infrastructure providers, at rest.

Our Services are protected by a centralized web application firewall (WAF) and rate-limiting controls. Where the Services accept file uploads, uploaded content is automatically scanned for malware before processing.

However, no method of transmission over the Internet or electronic storage is 100% secure.

In the event of a confirmed data security incident affecting personal information, we will take appropriate steps consistent with applicable law, including notification to affected individuals where required.

Our Services are not directed to children under 13 years of age.

In jurisdictions where the minimum age for consent to use online services is higher than 13, we do not knowingly collect personal information from individuals below that age.

Our Services may contain links to third-party websites or services.

We are not responsible for their privacy practices.

We may update this Privacy Policy from time to time.

When we do, we will revise the “Last Updated” date at the top of this page.

Continued use of the Services after changes indicates acceptance of the updated Policy.

For questions or privacy-related requests, contact privacy@urgdstudios.com

Mailing Address
ATTN: ur/gd Studios LLC
The Cloud Room
1424 11th Ave STE 400
Seattle, WA 98122