1. About Us

Redeem Innovations LLC (“we,” “our,” or “us”) is a limited liability company registered in the State of California, United States. We operate a multi-service digital and creative business providing:

• Creative Design — graphic design, branding, and visual content creation
• Custom Printing — business cards, banners, stickers, promotional products, and other printed materials
• Web Development — website design, development, and maintenance
• IT Support — technical support and consulting services
• Software & Web Applications — custom software and application development
• Automation & Admin Support — business process automation and administrative services
• Accounting Support Services — bookkeeping and accounting support (not tax or CPA services)

Mailing Address: Redeem Innovations LLC, 9110 Alcosta Blvd, Suite H PMB 2003, San Ramon, CA 94583

2. Legal Basis for Processing

We process your personal data in accordance with applicable data-protection laws, including the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and where applicable, the EU General Data Protection Regulation (GDPR). Our legal bases for processing are:

• Consent — When you create an account, place an order, subscribe to communications, or submit a contact form, you provide explicit consent for us to process the data you supply.
• Contractual necessity — Processing your account data, order details, and uploaded files is necessary to fulfill the services you requested.
• Legitimate interest — We process technical logs and use essential cookies to maintain platform security, prevent fraud, and improve site performance. These interests do not override your fundamental rights.
• Legal obligation — We may retain certain data (such as transaction records and consent logs) where required by applicable federal or state law.

You may withdraw your consent at any time by contacting us (see Section 17). Withdrawal does not affect the lawfulness of any processing carried out before the withdrawal.

3. What We Collect & Why

Account Registration

• First name, last name, and email address — to create and manage your account
• An encrypted password — we never store or view your plain-text password
• Company or organization name (optional)

Orders & Transactions

• Billing name, billing address, and email address — to process and confirm your order
• Shipping address — for delivery of physical printed products (business cards, banners, stickers, promotional products, etc.)
• Email address — for delivery of digital products and services (design files, web deliverables, software, and other digital outputs)
• Phone number — for order-related communications and delivery coordination
• Purchase and order history — for your records and our fulfillment operations

Payment Processing — Stripe

All payments are processed securely by Stripe, integrated with our WooCommerce store. We do not receive, store, or have direct access to your full credit or debit card number, CVV, or banking credentials. Stripe may share with us your name, email, order amount, and a partial card identifier (last 4 digits) solely for order record-keeping. All card details are encrypted and handled under Stripe’s PCI DSS Level 1 compliance. See Stripe’s privacy policy: stripe.com/privacy.

WooCommerce may store secure payment method tokens provided by Stripe (not your actual card number) if you choose to save a card for future orders. You can manage or remove saved payment methods from your account dashboard under “Payment Methods.”

Customer-Uploaded Files & Content

When you order design or printing services, you may upload files including images, logos, artwork, photographs, and text content. Uploaded files are used exclusively to fulfill your order, stored securely, and never shared publicly or used for any other purpose.

Subscriptions & Recurring Billing

Some of our services (such as web application access, IT support retainers, automation services, or ongoing admin support) may be offered on a subscription or recurring billing basis. If you subscribe to such a service:

• Your payment details are stored securely as a token by Stripe — we never store your actual card number
• Stripe will automatically charge the card on file on each renewal date using the agreed billing cycle (monthly or annual)
• You will receive advance notice before any renewal charge where required by applicable law
• You may cancel your subscription at any time from your account dashboard or by contacting us — cancellation takes effect at the end of the current billing period
• Refunds for subscription services are subject to our refund policy disclosed at the time of purchase

Contact & Support Communications

When you contact us via email, phone, or a contact form, we collect your name, email address, message content, and any optional information you provide (phone number, company name, file attachments). This data is used solely to respond to your enquiry.

Analytics & Technical Data

We use Google Analytics and standard server logs to understand how visitors use our site. Analytics data is anonymised and aggregated — it does not personally identify you. Server logs may record your IP address for security and performance purposes.

4. How We Use Your Information

• Create, manage, and maintain your account
• Process, fulfill, and deliver your orders — both physical and digital
• Manage subscriptions and process recurring billing via Stripe
• Communicate with you regarding your order, account, or service
• Fulfill design, print, IT, web, software, and other service requests
• Send marketing communications (only if you have opted in)
• Detect fraud, prevent spam, and maintain platform security
• Analyse site usage to improve performance and user experience
• Comply with applicable legal and regulatory requirements

5. Who We Share Your Data With

We share data only where necessary to operate our services:

• Stripe — all payment processing, including one-time and recurring billing. Stores payment tokens for saved cards. See: stripe.com/privacy
• WooCommerce / Automattic — store management, order records, and Stripe payment tokens
• Shipping carriers — name and shipping address, for physical product delivery only
• Print fulfillment partners — order data only, where third-party production is required
• Digital delivery services — email and order reference only, where used to deliver digital files or software
• Email & marketing platforms — name and email, only if you have opted in
• Google Analytics — anonymised usage statistics only
• WordPress.com / hosting — infrastructure provider for site operation
• Legal authorities — only where required by applicable law, court order, or government request

Note: if you request a password reset, your IP address is included in the system-generated reset email as a standard WordPress security measure.

6. Customer-Uploaded Files & Artwork

By uploading files to our platform, you represent and warrant that:

• You own all rights to the content, or hold all necessary licenses and permissions to use it for the intended purpose
• The content does not infringe any copyright, trademark, or other intellectual property rights
• The content does not violate any applicable law or regulation
• You are solely responsible for the accuracy, legality, and appropriateness of what you upload

We do not proofread or pre-approve uploaded content prior to production. You are responsible for reviewing and approving your designs before placing an order. We are not liable for errors in content you have provided or approved.

7. International Data Transfers

Redeem Innovations LLC is based in California, United States. By using our services, you acknowledge that your data will be processed in the US. Some third-party providers (including Stripe, WooCommerce, and Google Analytics) may also process data in other countries. We take reasonable steps to ensure your data is handled securely regardless of location. EEA and UK users retain all rights under their applicable local data-protection laws, and transfers to the US rely on Standard Contractual Clauses approved by the European Commission where applicable.

8. Cookies

Cookies are small files stored in your browser that help the site function correctly and improve your experience. Redeem Innovations LLC uses the following types of cookies:

9. Security of Your Data

Provided Automatically by WordPress.com Business Plan

The following protections are active on this site by default, entirely managed by WordPress.com. We did not set these up ourselves — they are included in the Business plan and cannot be disabled:

• SSL/TLS encryption — all data transmitted between your browser and our servers is encrypted via HTTPS. WordPress.com enforces SSL on every site including custom domains and does not permit it to be turned off
• Password hashing & salting — WordPress core automatically hashes and salts every user password. Plain-text passwords are never stored anywhere on the server
• Automatic core security updates — WordPress.com applies security patches to the WordPress core automatically, without any action required from us
• Daily malware & vulnerability scanning — Jetpack Scan, included with the Business plan, scans the site every day for malicious plugins, themes, malware, and known vulnerabilities
• Web Application Firewall (WAF) — server-level firewall provided by WordPress.com infrastructure, active on all Business plan sites without configuration
• DDoS protection — network-level attack mitigation built into WordPress.com’s hosting infrastructure
• Brute-force login protection — provided automatically by Jetpack, included with the Business plan
• Real-time backups — WordPress.com Business plan includes real-time site backups, enabling restoration if data is lost or the site is compromised
• Role-based access controls — WordPress’s built-in user role system restricts access to customer data and site settings to administrators only, by default

Provided by Stripe (Payment Security)

We use Stripe to process all payments. Stripe is certified to PCI DSS Level 1 — the highest level of payment card security. We do not handle, store, or ever see your full card number, CVV, or banking details. All payment data goes directly to and from Stripe’s secure infrastructure. This is managed entirely by Stripe and requires no security configuration on our part.

Consent & Agreement Logs

When you agree to this Privacy Policy, a record is saved using WordPress’s standard built-in user database (wp_usermeta) — a database table that exists in every WordPress installation automatically. The decision of what to record and when is handled by custom code installed on the site, but the data is stored entirely within WordPress’s own database. No third-party logging service, external database, or additional storage system is involved.

10. Data Breach Notification

In the unlikely event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where required by law
• Notify affected users without undue delay if the breach is likely to result in a high risk to your personal rights and freedoms
• Take immediate steps to contain and remediate the breach, and implement measures to prevent recurrence

Breach notifications will include a description of the nature of the breach, the likely consequences, and the measures we have taken or propose to take to address it.

11. How Long We Keep Your Data

• Account data: While your account is active. You may edit or delete your profile at any time.
• Order & transaction records: As required by applicable law — typically 7 years under California tax and business regulations.
• Subscription records: For the duration of your subscription and the applicable legal retention period thereafter.
• Uploaded files & artwork: For the period necessary to fulfill your order, then deleted. All print orders are non-refundable and custom-produced — files are not retained for reprints. You may request earlier deletion once your order is complete.
• Consent records: For the life of your account, as a legal compliance record. Includes date, policy version, and IP address at the time of agreement.
• Contact & support submissions: A reasonable administrative period, then deleted.
• Analytics data: Retained by Google Analytics in anonymised form per their own retention policy.

12. Your Rights

Depending on your location, you may have the following rights under applicable data-protection laws (including the CCPA/CPRA and GDPR):

Contact us (Section 17) to exercise any right. We respond within 30 days (or 45 days where permitted by law). Some data may be retained where required by law or for legitimate security purposes.

13. California-Specific Privacy Rights

As a California-based business serving California residents, we comply fully with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

Do Not Sell or Share My Personal Information

We do not sell your personal information to third parties for monetary consideration. We do not share your personal information for cross-context behavioral advertising. You may formally assert your right to opt out at any time by contacting us.

Sensitive Personal Information

We do not collect or process sensitive personal information (as defined under CPRA) for purposes of inferring characteristics about you, beyond what is necessary to fulfill your orders and service requests.

Shine the Light

California Civil Code Section 1798.83 permits California residents to request information regarding disclosure of personal information to third parties for their direct marketing purposes. We do not disclose your personal information to third parties for their own direct marketing purposes without your express consent.

Authorized Agent

You may designate an authorized agent to submit a privacy rights request on your behalf. We may require written proof of authorization and may directly verify your identity before processing the request.

Right to Appeal

If we decline to take action on your privacy rights request, you may appeal our decision by contacting us at sales@redeem-innovations.com. If your appeal is denied, you may contact the California Privacy Protection Agency at cppa.ca.gov or the California Attorney General at oag.ca.gov.

14. Right to Lodge a Complaint

If you believe our processing of your personal data violates applicable law, you have the right to file a complaint with a supervisory authority. California residents may contact the California Privacy Protection Agency or the California Attorney General. EEA residents may contact their EU Member State supervisory authority. UK residents may contact the Information Commissioner’s Office (ICO).

We encourage you to contact us first at sales@redeem-innovations.com — we aim to resolve concerns directly and promptly.

15. Children’s Privacy

Our services are not directed to, and we do not knowingly collect personal information from, children under the age of 13. Our platform and services are intended for use by adults and businesses. If you are under 13 years of age, please do not use our services or provide any personal information.

If we become aware that a child under 13 has provided personal information to us, we will promptly delete such information. If you are a parent or guardian and believe your child has submitted personal information to us, please contact us immediately at sales@redeem-innovations.com.

16. Intellectual Property & Your Content

By uploading content to our platform, you grant Redeem Innovations LLC a limited, non-exclusive, royalty-free license to use and process that content solely to fulfill your order. This license terminates upon completion and deletion of your files. You retain full ownership of your content. We will never use your artwork or designs for any purpose beyond your order without your written consent.

17. Contact Us

For any questions, data requests, privacy concerns, or to exercise your rights, please contact us:

We will respond to all requests within 30 days (or 45 days where permitted by applicable law).

18. Disclaimer & Limitation of Liability

Our services are provided on an “as is” and “as available” basis, without warranties of any kind, either express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. While we take reasonable measures to protect your data and maintain service availability, we do not warrant that the site will be uninterrupted, error-free, or completely secure.

To the fullest extent permitted by applicable law, Redeem Innovations LLC shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising out of or relating to your use of our services, the processing of your data, or the production and delivery of your orders. Our total liability to you for all claims shall not exceed the greater of (i) the total amount paid by you for the specific product or service giving rise to the claim, or (ii) $500 USD.

Nothing in this section limits our liability for gross negligence, wilful misconduct, or any matter that cannot be excluded or limited under applicable California or federal law.

19. Governing Law & Jurisdiction

This Privacy Policy and any disputes arising from it shall be governed by and construed in accordance with the laws of the State of California, United States, without regard to its conflict-of-law provisions. Any legal action or proceeding relating to this policy shall be brought exclusively in the state or federal courts located in Contra Costa County or San Francisco, California.

If you reside in the European Economic Area or United Kingdom, nothing in this section affects your right to bring a claim before the courts or supervisory authority in your jurisdiction of residence.

20. Changes to This Policy

We may update this Privacy Policy at any time to reflect changes in our services, business practices, or applicable law. The “Last Updated” timestamp in the header reflects the exact date and time of the most recent revision in Pacific Time. For material changes, we will notify registered users via email or a prominent site notice. All registered users are required to re-agree upon each login — any update is automatically acknowledged at your next session. Continued use of our services after any update constitutes acceptance of the revised policy.