Back

PRIVACY POLICY

Last updated: December 21, 2025

1. INTRODUCTION

LeHa Design GmbH ("we," "us," or "our") operates the website https://www.lehadesign.club/. We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the statutory data protection regulations (GDPR/DSGVO, DSG) and this Privacy Policy.

2. DATA CONTROLLER

The controller responsible for processing data on this website is:

LeHa Design GmbH

Gadenweith 15, 2565 Neuhaus, Austria

Email: hello@lehadesign.at

3. DATA COLLECTION ON OUR WEBSITE

3.1 Account & Registration

When you register for an account, we collect:

  • Name and Email address.
  • Account credentials (encrypted).

Legal Basis: Art. 6(1)(b) GDPR (Performance of a contract).

3.2 Payment Processing (LemonSqueezy)

We use LemonSqueezy as our Merchant of Record. When you make a purchase, LemonSqueezy collects your payment and billing information.

  • Data processed: Name, email, billing address, payment method.
  • Legal Basis: Art. 6(1)(b) GDPR.
  • Note: We do not store credit card details on our servers.

3.3 File Hosting & Security (Cloudflare)

We use Cloudflare R2 and Cloudflare's CDN to deliver 3D models and protect our site.

  • Data processed: IP address, browser information, and download logs (to track "unlocked" models).
  • Legal Basis: Art. 6(1)(f) GDPR (Legitimate interest in secure and efficient delivery).

3.4 Marketing (Mailchimp / LemonSqueezy)

If you subscribe to our newsletter or opt-in during checkout, we use Mailchimp or LemonSqueezy to send updates.

Legal Basis: Art. 6(1)(a) GDPR (Consent). You can unsubscribe at any time via the link in the email.

3.5 User-Generated Content ("Makes")

When you upload photos, videos, or other content showcasing your 3D prints, we collect and store:

  • The uploaded image or video files.
  • Your username (for attribution and display).
  • Upload timestamp and associated model information.
  • Any captions or descriptions you provide.

Legal Basis: Art. 6(1)(b) GDPR (Performance of a contract) and Art. 6(1)(a) GDPR (Consent for public display).

Important: User-generated content may be publicly visible on our Site. Do not upload photos or videos containing identifiable persons without their explicit consent. You are responsible for ensuring you have the right to share any content you upload.

4. ANALYTICS AND ADVERTISING

4.1 Google Analytics

We use Google Analytics to analyze website traffic. Google processes your IP address (shortened/anonymized) and user behavior.

Legal Basis: Art. 6(1)(a) GDPR (Consent via cookie banner).

4.2 Meta Pixel (Facebook Pixel)

We use the Meta Pixel to track the effectiveness of our advertisements and for retargeting.

Legal Basis: Art. 6(1)(a) GDPR (Consent). Data is transferred to Meta Platforms, Inc. in the USA.

5. COOKIES

We use cookies and similar technologies to operate our website, keep you signed in, and (with your consent) measure and improve marketing and site performance.

How to manage cookies: You can control non-essential cookies via our cookie banner (consent). You can also delete or block cookies in your browser settings. If you disable essential cookies, parts of the site may not function properly.

5.1 Essential / Functional cookies

These cookies are necessary to provide core functionality such as authentication, security, and session management.

  • Authentication/session (Supabase): project-specific cookies (often named like sb-*) to maintain your login and refresh sessions.
  • Security/performance (Cloudflare): cookies that help detect bots/abuse and protect the site (e.g., __cf_bm, cf_clearance), depending on configuration and traffic.

5.2 Analytics cookies (optional)

If you consent, we use Google Analytics cookies to understand how the website is used.

  • Google Analytics: cookies such as _ga, _ga_* (and related Google Analytics cookies), used to distinguish users and measure usage.

Legal Basis: Art. 6(1)(a) GDPR (Consent via cookie banner).

5.3 Marketing cookies (optional)

If you consent, we use marketing cookies to measure ad effectiveness and perform retargeting.

  • Meta Pixel: cookies such as _fbp and fr (and related Meta cookies), used for ad measurement and retargeting.

Legal Basis: Art. 6(1)(a) GDPR (Consent).

6. DATA TRANSFERS (USA)

Some of our partners (Google, Meta, Cloudflare, LemonSqueezy, Mailchimp) are located in the USA. We ensure that these transfers are compliant with the EU-U.S. Data Privacy Framework or utilize Standard Contractual Clauses (SCCs) to ensure a high level of data protection.

7. RETENTION PERIOD

We store your data for as long as necessary to provide our services or as required by Austrian tax and commercial law (usually 7 years for financial records under § 132 BAO).

8. YOUR RIGHTS

You have the right to access, rectification, erasure ("right to be forgotten"), restriction of processing, data portability, and the right to withdraw consent. Contact us at hello@lehadesign.at.

You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde).

IMPRINT

Our imprint is available at /imprint.

Privacy Policy | LeHa Design Club