Privacy Policy

Threed.Systems (“we”, “us”, “our”) operates the threed.systems platform. This policy explains what personal data we collect, how we use it, and your rights in relation to it.

1. Data we collect

Account and authentication data. When you log in we collect your email address to authenticate you via magic link. We store your email alongside a provider slug and role in a session token.

Business and pipeline data. Data you enter into the platform — enquiries, quotes, orders, tasks, customer contact details — is stored in our Postgres database and scoped to your provider account.

Court design data. Configurations created in Court Lab (dimensions, colours, sport layers, equipment) are stored against your account and, where you choose, shared via a public link.

Usage data. We may collect anonymised analytics (page views, feature usage) to improve the platform. No personally identifiable information is included in analytics events.

2. How we use your data

• To authenticate you and maintain your session
• To operate the platform and provide the services you have subscribed to
• To send transactional emails (magic links, order notifications)
• To improve and develop platform features
• To comply with legal obligations

We do not sell your personal data to third parties.

3. Third-party services

We use the following third-party services which may process personal data on our behalf:

• Vercel — hosting and edge functions
• Supabase — Postgres database hosting
• Resend — transactional email delivery
• Sanity — content management
• Loops — CRM and email automation (Scale and Network plans)
• Stripe — payment processing (where checkout is enabled)

4. Data retention

We retain your data for as long as your provider account is active. On account closure we delete or anonymise personal data within 90 days, unless we are required by law to retain it longer.

5. Your rights

Depending on your jurisdiction you may have the right to access, correct, or delete the personal data we hold about you, or to request a copy of it. To exercise any of these rights, contact us at scott@threed.systems.

6. Cookies

We use a session cookie to maintain your authentication state. We do not use tracking or advertising cookies. Analytics, if enabled, use privacy-preserving methods that do not require consent under most jurisdictions.

7. Security

We use industry-standard security practices including HTTPS, encrypted database connections, and short-lived authentication tokens. No system is completely secure; if you believe your account has been compromised, contact us immediately.

8. Changes to this policy

We may update this policy from time to time. Material changes will be communicated to registered providers by email. The effective date at the top of this page indicates when the current version was last updated.

9. Contact

Questions about this policy? Email us at scott@threed.systems.