Legal Information

Privacy Policy

Last updated: September 20, 2025

1. Information We Collect

We collect information you provide directly when you: create an account, place an order, contact customer support, or subscribe to our newsletter. This information may include:

  • Name, email address, phone number (office and cell), and mailing address
  • Professional information including school name, school district, and role at school
  • Gift preferences including size and gender/fit for complimentary items
  • Payment details (processed securely via third-party providers)
  • Order history and preferences
  • Communication records and customer service interactions

2. How We Use Your Information

We use the information collected to:

  • Process and fulfill your orders
  • Complete user onboarding and account setup
  • Provide personalized services based on your role and organization
  • Fulfill complimentary gift requests and preferences
  • Provide customer support and respond to inquiries
  • Send updates related to your orders and account
  • Improve our products, services, and website experience
  • Comply with legal and regulatory obligations

3. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following limited circumstances:

  • With trusted service providers who assist in business operations (e.g., payment processors, shipping partners)
  • When required by law or to protect our legal rights
  • In connection with a merger, acquisition, or sale of assets

4. Data Security

We employ appropriate technical and organizational measures to safeguard your personal data from unauthorized access, alteration, disclosure, or destruction. However, no online transmission or storage method can be guaranteed to be completely secure.

5. Third-Party Services and Integrations

Authentication Services (Auth0)

We use Auth0 by Okta as our authentication service provider to securely manage user accounts and login processes. When you create an account or log in, Auth0 may collect and process:

  • Email address and basic profile information
  • Authentication credentials and session data
  • Login history and security events
  • Device and browser information for security purposes

Auth0's handling of your data is governed by their privacy policy and security standards. We automatically create user profiles and organizations in our system based on information provided by Auth0.

Design Processing and File Storage

When you submit design URLs for order processing, we:

  • Capture screenshots of your design URLs using automated browser tools
  • Store design images securely on Amazon Web Services (AWS S3) with public-read access for order processing
  • Retain design files and screenshots for the duration of your order plus 7 years for business records
  • May temporarily store design files locally during processing before uploading to secure cloud storage

Google Services

If you connect your Google account or use Google services through our platform, we handle your Google user data strictly in accordance with Google's Limited Use Policy, including:

  • Requesting only the minimum access necessary for functionality
  • Not using Google data for advertising purposes
  • Restricting human access to your data without your explicit consent or security necessity
  • Not transferring Google data to third parties except to provide/improve services, comply with law, or as part of business transactions, with your consent

Data Handling

Google user data accessed via our services is used solely to deliver requested features. We retain this data only as long as needed and protect it with appropriate security safeguards.

6. Data Retention and Order Management

Order Data Retention

We retain order and customer data for the following periods:

  • Active Account Data: Retained while your account is active and for 3 years after last activity
  • Order Records: Retained for 7 years for tax, accounting, and warranty purposes
  • Design Files and Screenshots: Retained for 7 years or until deletion request, whichever comes first
  • Payment Information: Not stored directly; handled by secure payment processors with their own retention policies
  • Communication Records: Retained for 3 years for customer service and quality purposes

Multi-Tenant Data Organization

Your data is organized within your organization's account. Each organization's data is logically separated and secured from other organizations. Organization administrators can manage user access and data within their organization, but cannot access data from other organizations.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, analyze site usage, and personalize content. The types of technologies we use include:

Essential Cookies

  • Authentication: Session cookies from Auth0 to maintain your login state
  • Security: CSRF protection and security tokens
  • Functionality: Cookies that remember your preferences and settings

Analytics and Performance

  • Usage Analytics: Information about how you use our website and services
  • Performance Monitoring: Data to help us improve site speed and functionality
  • Error Tracking: Information to help us identify and fix technical issues

Managing Cookies

You can manage your cookie preferences through your browser settings. Please note that disabling essential cookies may affect the functionality of our services, including your ability to log in and place orders.

8. Your Rights

You have the right to:

  • Access and update your personal information
  • Request deletion of your data (subject to legal requirements)
  • Opt out of marketing communications
  • File a complaint with relevant data protection authorities

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal data from children under 13, and will promptly delete any such data if discovered.

10. Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated by updating the policy on our website and revising the "last updated" date.

11. Contact Us

If you have any questions about this privacy policy, please contact us:

The Swan Brothers
33 Whipple St
Pittsfield, MA 01201
Phone: (413) 344-9199
Email: info@theswanbrothers.com