← Zakhraf Studio

Privacy Policy

Last updated: 8 July 2026

Plain-language summary: the pattern designer runs entirely in your browser and needs no account. If you create an account we hold your email address to sign you in. If you subscribe, our payment processor handles your card details — we never see them. We do not sell your data.

1. Who is responsible for your data

Zakhraf Studio, operated as a sole trader in the United Kingdom, is the data controller for personal data processed through this service. For any privacy question or to exercise your rights, contact hello@zakhraf.studio.

2. What we collect and why

DataWhyLawful basis (UK GDPR)
Email addressTo create your account and send the magic-link sign-inContract
Subscription and billing recordsTo manage your Creator subscription (handled by Stripe; we store the subscription status, not card numbers)Contract
Anonymous usage eventsTo understand which features are used, so we can improve the toolLegitimate interests
Patterns and snapshotsStored in your own browser's local storage, not on our serversNot processed by us

3. Where your patterns are kept

The designs and snapshots you make are saved in your browser's local storage on your own device. They are not uploaded to us. Clearing your browser storage removes them; we cannot recover them for you.

4. Processors we use

Each processes data on our behalf under its own data-processing terms.

5. Cookies and local storage

We use local storage and essential cookies to keep you signed in and to remember your preferences and patterns. We do not use advertising or cross-site tracking cookies. Usage analytics, where enabled, are collected without identifying you personally.

6. How long we keep data

We keep your account email and subscription records for as long as you hold an account, and for a reasonable period afterwards to meet legal and accounting obligations. Ask us to delete your account and we will remove your personal data except where we must retain it by law.

7. Your rights

Under UK GDPR you have the right to access, correct, delete, restrict or object to our processing of your personal data, and to data portability. To exercise any of these, email us. You also have the right to complain to the Information Commissioner's Office (ico.org.uk).

8. International transfers

Some of our processors operate outside the UK. Where personal data is transferred abroad, it is protected by appropriate safeguards such as the UK International Data Transfer Agreement or equivalent adequacy provisions.

9. Changes

We may update this policy. Material changes will be posted here with a revised "last updated" date.

This is a good-faith baseline for a pre-launch product. Before scaling paid usage, have this policy reviewed against your final processor list, analytics setup and the jurisdictions of your users.