Privacy Policy

We know your privacy matters.

At Mockspark Inc. (“Mockspark,” “we,” “us,” or “our”), we care about how your personal information is used, shared, and protected. This Privacy Policy describes how we collect, use, and disclose your personal information through our website (mockspark.com), services, apps, and any related content that links to or references this Privacy Policy (collectively, the “Mockspark Services” or “Services”).

By using the Mockspark Services, you agree to the privacy practices described in this Policy. Where required by law, we will ask for your specific consent before collecting or processing your personal information.

This Privacy Policy explains:

• What personal information we collect

• How we use your information

• Cookies and tracking technologies

• When and how we share your information

• Your rights and choices

• How we safeguard your data

• Data retention

• Data processing on behalf of merchants

• International data transfers

• Changes to this Policy

• How to contact us

What Information We Collect

We collect personal information for the purpose of providing, improving, and customizing the Mockspark Services.

We collect the following categories of information:

1. Information You Provide to Us

We collect information when you register for an account, use our Services, or communicate with us. This may include:

• Name

• Email address

• Contact information

• Company/store details

• Payment or billing information (where applicable)

• Files, text, or data you upload when personalizing content or creating projects

2. Information We Automatically Collect

We automatically collect data about your activity when you interact with our website or platform. This includes:

• IP address

• Browser type and version

• Device type and operating system

• Usage details (such as pages visited and features used)

• Date/time stamps

• Referring and exit URLs

We may also use cookies, pixels, and other tracking technologies to enhance your experience. See the “Cookies & Tracking” section below for more information.

3. Information from Third Parties

If you access our platform through a third-party service (e.g., the Shopify App Store), we may collect additional information such as:

• Platform/store IDs

• Integration settings

• Order or checkout data needed to process your projects or transactions

4. End-Customer Personalization Data (from Merchants)

When you use Mockspark to power customer-facing personalization experiences (e.g., letting buyers design their own product), we process data such as:

• End-customer name

• Personalized input (text, images, or selections)

• Order details

In doing so, we act as a “Data Processor” on your behalf, the Merchant, who is the “Data Controller.” See Section 8 for more on this.

How We Use Your Information

We use personal information only as necessary for legitimate business and service delivery purposes:

As a Data Controller (for Merchants and users of our platform):

• Provide and manage your account

• Deliver core platform services, including personalization and design

• Administer payments and renewals (when applicable)

• Communicate updates, product info, and provide support

• Comply with legal or tax obligations

• Prevent fraud, abuse, or security issues

• Analyze usage to improve service offerings

As a Data Processor (for end-customer personalization data):

• Facilitate product personalization and preview generation

• Enable completion and fulfillment of orders placed with Merchants

• Support Merchants in troubleshooting customer issues

• Only act on documented instructions from the Merchant and under a valid Data Processing Agreement (DPA)

We do not use Merchant end-customer data for our own analytics, advertising, or product development.

Cookies & Tracking Technologies

Mockspark uses technologies like cookies, log files, and pixels for essential functionality, personalization, performance tracking, and marketing purposes.

Cookies help us:

• Remember user logins or input

• Improve loading times and app performance

• Analyze which parts of the platform are most used

• Serve relevant product updates or materials

You can control cookie preferences via your browser settings or opt out of certain trackers through tools like the Digital Advertising Alliance (www.aboutads.info).

Sharing Your Personal Information

We do not sell your personal information.

We may share your information in the following ways:

1. Service Providers (Sub-processors)

We work with carefully selected third parties who help us operate our Services, including:

• Cloud hosting providers (e.g., AWS, Supabase)

• Payment gateways

• Email communication tools (e.g., Mailchimp, Intercom)

• Analytics and diagnostics tools (e.g., Google Analytics)

These vendors only receive information necessary for the specific tasks we’ve hired them for. They must safeguard the data and may not use it for personal benefit.

For data processed on behalf of Merchants, we ensure that all sub-processors operate under the obligations in our DPA.

2. Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be part of the transferred assets under a privacy framework no less protective than those stated here.

3. Legal Compliance and Protection

We may disclose your personal information to comply with the law, respond to subpoenas, protect the legal rights of Mockspark or others, enforce our Terms of Service, or detect/prevent fraud.

4. With Your Consent

We may share information for other reasons only when you instruct or consent us to do so.

Data Security

We take data protection seriously and use a combination of physical, technical, and administrative safeguards to help secure your personal data.

These include:

• Encryption in transit (HTTPS/SSL)

• Data segregation

• Access control standards based on role and need

• Secure authentication methods

• Routine platform security reviews

Payment data, if collected directly, is processed according to PCI-DSS standards either by us or industry-approved gateways.

Despite our efforts, no system is 100% immune from breaches. If there is a data breach that requires notification, we will do so in accordance with applicable law.

Data Retention

We retain personal information only as long as necessary for the purposes described in this Privacy Policy or to comply with legal requirements.

Our general retention policy:

• Account information: Retained for the life of the user’s account or until otherwise requested

• Customer-uploaded personalization content: Automatically deleted 90 days after submission, unless configured otherwise

• Order metadata: Retained up to 12 months for fulfillment and support purposes

Merchants may request early deletion of end-customer data at any time, subject to any legal or operational constraints.

Your Rights and Choices

Depending on your location and applicable laws, you may have certain privacy rights, including to:

• Access your personal data

• Request data correction or deletion

• Object or restrict certain data processing

• Withdraw consent at any time (where applicable)

• Request data portability

If you are a Mockspark customer, you can manage most personal details through your account dashboard.

If we process your data on behalf of a Merchant, you should contact that Merchant directly. We will assist Merchants with data subject access requests in line with our Data Processing Agreement.

Mockspark as a Data Processor (for Merchants)

If you use Mockspark to collect and manage data from your own customers (e.g., to personalize a product), you are the Data Controller, and Mockspark acts as a Data Processor.

When we process data on your behalf, we:

• Act solely on your instructions and behalf

• Do not process the data for any unrelated purposes (e.g., analytics or advertising)

• Offer security, encryption, and access controls as outlined in our DPA

• Support you in fulfilling obligations under data privacy laws (e.g. GDPR, CCPA)

• Allow review of our sub-processors and data practices upon request

Acceptance of our Data Processing Agreement (DPA) is required to use personalization features. Our DPA can be accessed here: [Insert Link to Data Processing Agreement].

International Transfers

If you use Mockspark from outside the United States, please note that your data may be stored or processed in the U.S. or other countries with different data protection laws.

For jurisdictions with applicable cross-border transfer regulations (e.g., GDPR in the EU), we rely on mechanisms like:

• Standard Contractual Clauses (SCCs)

• Vendor-provided transfer frameworks

• Other legally approved transfer tools

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices or legal obligations.

If changes are material, we will notify you by email or via the Service. Continued use of the Service after any revisions means you accept the updated policy.

We encourage you to review this Privacy Policy periodically.

Contact Us

Have questions about this Privacy Policy or how we handle your data?

Email: support@mockspark.com

Business Address: 151 Queen's Road Central, Central, Hong Kong

Effective Date: 01-09-2025