Temply Studio respects your privacy. This policy explains what personal information we process, why we process it, who may receive it, how long we keep it, and the choices and rights available to people in the Philippines.
This policy is a notice about our practices. It is not, by itself, a request for or record of consent.
Who operates Temply
Temply Studio is the personal information controller for the processing described in this policy. This policy applies to templystudio.shop and Temply's order, checkout, order-status, and invite experiences.
For privacy questions or verified data-subject requests, email templystudiosupport@gmail.com.
Information we collect
Information customers provide
Depending on the product, this may include:
- Your email address.
- Recipient names, endearments, sender names, greetings, personalized questions and answers, messages, letters, PINs, and PIN hints.
- Photos you upload and file details such as content type and size.
- Product selection, order code and status, amount, applied promo code, and order timestamps.
- A GCash or bank payment reference number and the screenshot or image you upload as proof of payment.
- Messages you send to our support address.
Temply does not collect your GCash account credentials or connect directly to a GCash API. We receive only the payment reference and proof image you choose to submit.
Personalized content can contain information about recipients and other people, not only the purchaser. Submit and share only content that you are authorized to use.
Information collected automatically
- Page views, timestamps, referring site or origin, approximate location, browser, operating system, and device category.
- Product-view and checkout events.
- Product slug, name, category, PHP value, promo code, discount value, and payment-proof-submitted event data sent to Google Analytics.
- Technical request information ordinarily processed by our hosting and infrastructure providers.
Our custom Google Analytics setup normalizes dynamic order and checkout routes. We do not intentionally send customer emails, raw customer access tokens, order codes, uploaded content, or payment proof images as custom analytics event values.
How we use information
We use information to:
- Create and maintain draft and finalized orders.
- Validate template customization and uploaded images.
- Provide previews, checkout, order status, and approved invite experiences.
- Review proof of payment and resolve rejected submissions.
- Apply promotions and calculate the amount due.
- Generate share links and deliver order-approval emails.
- Respond to support and privacy requests.
- Prevent unauthorized order access and maintain service security.
- Maintain audit, idempotency, and operational records.
- Understand aggregate storefront and checkout usage.
- Comply with legal obligations and establish or defend legal claims.
We process this information as necessary to provide the service and transaction you request, for legitimate operational and security interests, and where required by law.
Important sharing notice
Public invite links and recipient information
An approved order receives a share URL and QR code. Anyone who obtains that link can view the approved invite and its personalized content.
That content can include recipient names, messages, questions, answers, letters, PIN-protected template content, and uploaded photos. The purchaser controls who receives the link and should treat it as shareable, not as private authentication for order management.
Link-preview services and social platforms may receive the URL and preview metadata when it is shared. Approved invite metadata may include the recipient's name. Temply uses time-limited signed image URLs internally, but copying or sharing an invite can still expose displayed content to its recipients.
Service providers and disclosures
We use providers to operate Temply. They may process information outside the Philippines using their infrastructure and applicable contractual safeguards.
- Vercel — application hosting and privacy-oriented web analytics.
- Google Cloud Storage — customer photos and proof-of-payment images.
- MongoDB-backed database infrastructure — orders, customization data, payment records, invite records, audit records, and notification state.
- Google Analytics — page, device, approximate-location, and ecommerce-style event analytics.
- Resend — transactional approval emails and email-delivery metadata.
Information may also be provided to administrators reviewing orders and payment proofs; when legally required; to protect users, Temply, or others from fraud, abuse, or security threats; or as part of a business transfer subject to applicable privacy requirements.
Temply does not sell personal information.
Retention and deletion
- Draft, pending-payment, and proof-rejected orders are eligible for automatic hard deletion after seven days without an update. The purge includes associated order-scoped customer photos and payment-proof objects.
- Proof-submitted orders awaiting review are not part of the seven-day stale-order purge.
- Approved orders and public invite content are retained to keep the purchased experience available until Temply completes a verified deletion request, an administrator deletes the order, or retention is no longer necessary for legitimate business or legal purposes.
- Manual order deletion removes the order, payment submissions, published invite, email-notification state, associated idempotency records, and order-scoped storage objects.
- Idempotency-key records have a database expiry of approximately 24 hours. Functional order cookies expire after one year unless cleared or rewritten sooner.
- Google Analytics cookies follow provider-defined retention. Resend, Google, Vercel, MongoDB infrastructure, and Google Cloud may retain processor-side records according to their settings and obligations.
- Audit records may remain after order deletion where required for security, accountability, fraud prevention, legal compliance, or legal claims.
Deletion may therefore require verification and may not remove every audit record, backup, provider log, or record that Temply must lawfully retain immediately.
Security
Our safeguards include:
- Requiring a customer access token—not the visible order code alone—for customer order-management requests, while storing a hash of that token on the server.
- Using an HTTP-only customer-order cookie that is Secure in production.
- Order-scoped, purpose-specific upload signing and content-type and size restrictions for customer photos and payment proofs.
- Expiring signed URLs for storage reads.
- Restricting administrator routes to the configured Google-authenticated administrator email.
- Recording administrative payment decisions and deletions in audit records.
No internet transmission or storage system can be guaranteed to be completely secure.
Your Philippine privacy rights
Subject to applicable law, you may have the right to:
- Be informed about processing.
- Object to processing.
- Access your personal information.
- Correct inaccurate or incomplete information.
- Request erasure or blocking where applicable.
- Data portability where applicable.
- Claim damages where legally available.
- File a complaint with the National Privacy Commission.
Send a request to templystudiosupport@gmail.com. We may need to verify your identity and authority before exposing, correcting, or deleting an order, especially when a request concerns another person's content.
Changes and contact
We may update this policy when our practices, providers, or legal requirements change. We will update the effective date at the top when we publish a material revision.
