Privacy and Cookies Policy

Last updated: 14 July 2025

This Privacy & Cookies Policy explains how Fransiscus Asisi Herry, a sole trader operating under his own name (“we”, “our”, “us”), collects, uses, discloses and protects your personal information when you visit our website, purchase a licence key, or otherwise interact with us.

  1. About This Policy

This policy applies whenever we act as data controller, i.e. when we decide why and how your personal data is processed. It is written to meet the main privacy regulations that affect our users in 2025, including the EU GDPR (and UK GDPR), the Australia Privacy Act 1988, and comparable laws in other jurisdictions in which we operate.

If local law gives you stronger rights than those described here, we will honour the stronger right.

 

  1. Who We Are & How to Contact Us

Legal entity: Fransiscus Asisi Herry

Business structure: Sole trader (trading under own name)

Website: https://www.image2punch.com

Email (preferred): support at image2punch.com

Data Protection Officer: Fransiscus Asisi Herry (contact via the email above)

Note: As a sole trader operating from a private residence, I do not publicly disclose a business address. Please contact me via email for all inquiries.

  1. What Personal Data We Collect, Why We Collect It, and the Legal Basis

Identity & Contact Data – Name, email. Used for account creation, licence delivery, and product support. Legal basis: contract performance; legitimate interests (service administration).

Usage Data – IP address, browser, device, pages viewed, time on page. Used for site analytics, debugging, and security. Legal basis: legitimate interests (improving & securing services); consent (for non-essential cookies).

Transaction Data – Order ID, product, amount, date. No card data is stored or processed by us. Used for licence fulfilment, refunds, and tax/accounting. Legal basis: contract performance; legal obligation (tax).

Correspondence – Emails, support tickets, feedback. Used for customer service history. Legal basis: legitimate interests (service quality, dispute resolution).

Marketing Preferences – Opt-in/opt-out flags. Used to send you updates you have requested. Legal basis: consent; legitimate interests (promoting similar products).

No special-category data (e.g. health, biometrics) is intentionally collected.

  1. Cookies & Similar Technologies

We use cookies, local storage, and similar tracking technologies to: 1. Make the site work (e.g. remembering login); 2. Compile aggregated statistics via Google Analytics 4; 3. Show relevant, optionally enabled marketing messages.

Non-essential cookies are disabled until you give granular consent via the cookie banner. You can withdraw consent at any time using the “Cookie Settings” link or through your browser (see section 12).

  1. How We Share Your Data
  • Payment processing is handled entirely by FastSpring (Bright Market, LLC). They receive only the information needed to complete the transaction. FastSpring is certified under the EU-US Data Privacy Framework and the Swiss-US Framework. We do not store or process any credit card information.
  • Service providers – IT hosting, email, analytics, and customer support platforms. All providers are bound by confidentiality and data-processing agreements.
  • Legal & compliance – When required by law, to protect your vital interests, or to establish/defend legal claims.

We never sell or rent your personal data.

  1. International Transfers

When we transfer personal data outside the country where you live, we rely on one or more of:

  • Adequacy decisions (e.g. EU → Australia under GDPR Art 45);
  • European Commission Standard Contractual Clauses (SCCs);
  • The Australia Privacy Act’s cross-border disclosure rules;
  • Your explicit consent.
  1. How Long We Keep Your Data

Transaction & tax records – 7 years (statutory).

Customer accounts – While active + 2 years of inactivity.

Marketing consents – Until withdrawn + 30 days to implement.

Support correspondence – 3 years after the ticket is closed.

Cookie logs – 26 months (Google Analytics default).

If we must keep backups for technical reasons, we will isolate them and securely delete them at the next rotation cycle.

  1. Your Privacy Rights

Depending on where you live, you may have the following rights:

  • Access – Obtain a copy of the personal data we hold about you.
  • Rectification – Correct inaccurate or incomplete data.
  • Erasure – Request deletion of your data in certain circumstances (“right to be forgotten”).
  • Restriction – Ask us to stop processing temporarily.
  • Objection – Object to processing based on legitimate interests or direct marketing.
  • Data portability – Receive your data in a machine-readable format.
  • Withdraw consent – At any time, where processing is based on consent.
  • Complaint – Lodge a complaint with your local supervisory authority (e.g. the OAIC in Australia, ICO in the UK, or any EU data-protection authority).

We will respond within 30 days (GDPR) or the shorter period required by your local law.

  1. Security Measures

We implement administrative, technical and organisational measures such as:

  • Encryption in transit (TLS 1.3) and at rest;
  • Principle of least privilege and two-factor authentication for staff accounts;
  • Regular security patches, vulnerability scanning, and penetration testing;
  • Business continuity and incident-response plans.

 

  1. Children

Our services are not directed to children under 18. If we learn that we have inadvertently collected such data, we will delete it promptly.

  1. Third-Party Links

Our website may link to third-party sites that operate independently from us. We are not responsible for their content or privacy practices. Please review their policies before submitting any personal information.

  1. How to Control Cookies

You can:

  • Adjust your preferences in our Cookie Settings panel (bottom-left of every page); or
  • Use the following browser guides:
    • Chrome Help: https://support.google.com/chrome/answer/95647
    • Firefox Support: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
    • Edge Support: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy

Blocking essential cookies may impair site functionality.

  1. Changes to This Policy

We may update this policy to reflect legal, technical or business developments. We will post the new version here and, where changes are material, notify you by email (if we have your address) or via in-app notice 14 days before the change takes effect.

________________________________________

Questions? Email us from Contact Page and we will be happy to help.