Legal

Privacy Policy

Last updated: February 15, 2026

At designless.studio ("Company", "we", "us", or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our platform (collectively, the "Service").

Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when using the Service, including:

Account Information: Name, email address, and password when you create an account
Profile Information: Professional title, company name, and role
Content Data: Design expressions, prompts, preferences, and other content you input into the Expression Resolver
Communication Data: Messages, feedback, and support requests you send to us
Payment Information: Billing details processed through our third-party payment provider (we do not store full payment card numbers)
Waitlist Data: Email address provided when requesting early access

1.2 Information Collected Automatically

When you access the Service, we may automatically collect:

Device Information: Browser type, operating system, device type, and screen resolution
Usage Data: Pages visited, features used, time spent, click patterns, and interaction data
Log Data: IP address, access times, referring URLs, and error logs
Cookies and Similar Technologies: Session identifiers, preferences, and analytics data (see Section 6)

1.3 Information from Third Parties

We may receive information about you from third-party services you connect to your account, such as design tools, code repositories, or authentication providers.

2. How We Use Your Information

We use the information we collect for the following purposes:

Purpose	Legal Basis
Provide and operate the Service	Contract performance
Process your expressions through the LESS Resolver	Contract performance
Send service updates and administrative messages	Legitimate interest
Improve and optimize the Service	Legitimate interest
Analyze usage patterns and trends	Legitimate interest
Detect, prevent, and address security issues	Legitimate interest
Send marketing communications (with consent)	Consent
Comply with legal obligations	Legal obligation

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

Service Providers: With trusted third-party vendors who assist us in operating the Service (hosting, analytics, payment processing, email delivery), bound by contractual obligations to protect your data
Legal Requirements: When required by law, legal process, or government request
Safety and Rights: To protect the rights, property, or safety of the Company, our users, or the public
Business Transfers: In connection with a merger, acquisition, or sale of assets, in which case your information may be transferred to the acquiring entity
With Your Consent: When you have given us explicit permission to share your information

4. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specifically:

Account Data: Retained while your account is active and for 30 days after deletion
Content Data: Design expressions and outputs are retained while your account is active. You may delete your content at any time
Usage Data: Aggregated and anonymized usage data may be retained indefinitely for analytics
Communication Data: Support correspondence is retained for up to 2 years
Waitlist Data: Email addresses are retained until you unsubscribe or the beta period ends

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention procedures.

5. Data Security

We implement industry-standard security measures to protect your information, including:

Encryption of data in transit (TLS 1.3) and at rest (AES-256)
Regular security assessments and penetration testing
Access controls and role-based permissions for our team
Secure development practices and code review processes
Incident response procedures and breach notification protocols

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. The types of cookies we use include:

Essential Cookies: Required for the Service to function (authentication, security, preferences)
Analytics Cookies: Help us understand how users interact with the Service (page views, feature usage)
Functional Cookies: Remember your settings and preferences for a personalized experience

We do not use advertising or third-party tracking cookies. You can manage cookie preferences through your browser settings. Disabling essential cookies may affect Service functionality.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data, subject to legal retention requirements
Portability: Request your data in a structured, machine-readable format
Objection: Object to the processing of your data for certain purposes
Restriction: Request restriction of processing in certain circumstances
Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise any of these rights, contact us at privacy@designless.studio. We will respond to your request within 30 days.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses approved by the European Commission where applicable.

9. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will take steps to delete that information promptly.

10. Third-Party Links

The Service may contain links to third-party websites and services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party services before providing your information.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

The right to know what personal information is collected, used, shared, or sold
The right to delete personal information held by us
The right to opt out of the sale of personal information (we do not sell personal information)
The right to non-discrimination for exercising your CCPA rights

To exercise your CCPA rights, contact us at privacy@designless.studio.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR), including the rights described in Section 7 above. Our legal bases for processing are described in Section 2.

You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

designless.studio
Email: privacy@designless.studio

For data protection inquiries in the EU, you may also contact our Data Protection Officer at dpo@designless.studio.