Privacy policy
Last updated: July 2026
1. Who we are
Embgig (“we”, “us”, “our”) operates the embroidery design marketplace at embgig.com. This policy explains what personal data we collect, why we collect it, and how we use and protect it.
2. Data we collect
Account data — when you register we collect your name, email address, and password (stored as a secure hash). Sellers also provide their country, phone number, and store information.
Transaction data — when you make a purchase we record the order details, the amount paid, and the payment reference. Full card details are never stored by Embgig — they are handled directly by our payment processor (Paystack).
Usage data — we record page views on design listings to calculate view counts for sellers. We do not build personal browsing profiles or track you across the web.
Identity verification — sellers who exceed a lifetime withdrawal threshold are asked to submit a government-issued ID document. These documents are stored in a private, access-controlled storage zone and reviewed only by authorised Embgig staff.
Communications — if you subscribe to our newsletter we store your email address and subscription status.
3. How we use your data
- To create and manage your account.
- To process purchases and credit seller wallets.
- To deliver purchased design files to you.
- To review seller applications and identity verifications.
- To send transactional emails (receipts, account notifications).
- To send newsletter emails you have opted into (you can unsubscribe at any time).
- To detect and prevent fraud and abuse.
- To comply with legal obligations.
4. Third-party services
We share data with the following third parties to operate the Platform:
- Supabase — our database and authentication provider. Your account data and order history are stored in Supabase.
- Paystack — our payment processor. When you check out, your payment details are sent directly to Paystack. We receive only a payment reference and confirmation of success.
- Bunny.net — our file storage and CDN provider. Design files, preview images, and identity documents are stored on Bunny. Files are only accessible via time-limited signed URLs generated by our servers.
We do not sell your personal data to any third party, nor do we share it for advertising purposes.
5. Cookies
We use a small number of functional cookies to operate the Platform:
- Session cookie — keeps you logged in as you navigate the site.
- Currency preference — remembers your chosen display currency for 30 days.
We do not use advertising, analytics, or tracking cookies from third-party services.
6. Data retention
We retain your account data for as long as your account is active. Order records are retained for a minimum of 5 years to comply with financial record-keeping requirements. If you close your account, we will delete or anonymise your personal data within 90 days, except where retention is required by law.
7. Your rights
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Request deletion of your data (subject to legal obligations).
- Withdraw consent for newsletter emails at any time.
To exercise any of these rights, contact us at privacy@embgig.com.
8. Security
We use industry-standard security measures including encrypted connections (HTTPS), row-level security on our database, and access-controlled file storage. No method of transmission over the internet is 100% secure, but we take reasonable steps to protect your data.
9. Changes to this policy
We may update this Privacy Policy from time to time. We will notify registered users of material changes by email and update the “Last updated” date above.
Contact
Questions about this policy? Email us at privacy@embgig.com.