Icon User
$ USD
  • $ USD
  • € EUR
  • £ GBP
  • $ CAD

PRIVACY POLICY


 Effective date: 23/12/2025
Last updated: 23/12/2025

Data protection is a priority to GD EQUESTRIAN LTD  (Company number 14818864, legal address: Dept 5447a 126 East Ferry Road, Canary Wharf, London, United Kingdom, E14 9FP) (the “Company”, “Templfly”, “we”, “us”, “our”), the operator of templfly.com (the “Website” or “Platform”). We process personal data in accordance with the United Kingdom data protection law (UK GDPR) and EU General Data Protection Regulation (“GDPR”).

By using the Website, you acknowledge that you have read this Privacy Policy. If you do not agree with any part of it, please stop using the Website and contact us.

1. General information

This Privacy Policy explains the nature, scope, and purposes of the personal data we collect, use, and otherwise process, and describes your rights as a data subject.

Unless stated otherwise, the Company acts as the data controller for personal data processed through the Website and in connection with our services.

2. Types of information we collect

We collect certain information about visitors and users of the Platform. The type and amount varies depending on your interaction with the Website and whether you are a customer, a collaborator, or a partner.

2.1 Information we receive from collaborators (contributors/creators)

We may collect: name, company name (if applicable), IP address, email address, phone number(s), identity verification details (e.g., photo ID where legally required), social media URLs, payment details necessary to pay commissions/royalties, and responses to surveys (where applicable).

We use this information to: administer collaborator accounts, verify identity, manage payouts (commissions/royalties), provide support, communicate, handle billing/records, prevent fraud, and improve our services.

2.2 Information we receive from customers

We may collect: name, username, email address, phone number(s), billing country, and other contact information. We may also collect technical data about the device(s) used to access the Website (browser, referring source, IP address), account activity, purchase history, support inquiries, and analytics data.

We may receive limited payment-related data from payment providers (e.g., cardholder name, PayPal email, billing country), transaction status, and basic transaction identifiers. We do not store full payment card details on our servers if processing is handled by third-party payment providers.

We use this information to: process purchases, deliver access to digital products, provide customer support, send service/technical notices, security alerts, policy change notices, prevent fraud, and enforce our Terms and policies.

2.3 Information we receive from partners

We may collect: partner names, company names, website URLs, phone numbers, billing addresses, company types, email addresses, identity verification details (where needed), and payout/payment information.

We use this information for: partner onboarding, identity verification, communications, billing, support, and risk/fraud monitoring.

2.4 Information we receive from website visitors

We may collect: device type, browser, network connection details, IP address, cookies and similar technologies, and web analytics data. We may also collect personal information you provide via forms (chat, ticketing, subscription, contact forms).

2.5 Information we receive via chat, phone calls and other indirect means

We may collect: names, email addresses, device/browser details, chat transcripts, call notes/recordings (where lawful and disclosed), and any other information you provide during a chat or call. We may request additional information to verify identity or troubleshoot issues.

3. Means of collecting personal data

We collect personal data when you: register, create an account, make a purchase, contact support, subscribe to updates, submit feedback, enter a survey, or otherwise interact with the Website.

We also automatically collect certain technical data when you navigate the Website, including via third-party sources that link to our Website.

4. Receiving information from third parties

We may receive personal data from:

  • Payment providers to process transactions and confirm payments;

  • Identity verification and fraud-prevention services (where necessary) to detect suspicious activity;

  • Social login providers (e.g., Google) if you choose to connect or log in using those services (the scope depends on the provider and your settings).

5. Purposes and legal bases for processing

We process personal data for the purposes below, under one or more legal bases (GDPR Art. 6), such as: performance of a contract, legal obligations, legitimate interests, and consent (where required).

5.1 Order processing and account administration

We process personal data to create and manage accounts, process purchases on our Platform, deliver access to digital products, provide receipts, handle refunds (if any), and manage customer support.

5.2 Provision and improvement of services

We may process personal data to:

  • provide and maintain the Platform and its features;

  • verify identity and secure accounts;

  • provide general and technical support;

  • send service messages (security alerts, policy updates, administrative notices);

  • review activity to prevent fraud and ensure compliance with Terms/policies;

  • analyze usage to improve the interface, product quality, and performance;

  • manage legal/operational affairs and risk.

5.3 Marketing (where permitted)

Where required by law, we will request your consent before sending marketing communications. You can withdraw consent at any time (e.g., via unsubscribe links) or by contacting us atsupport@templfly.com.

5.4 Legal requests

We may process and disclose information where required to comply with a legal obligation, respond to lawful requests by authorities, protect our rights, or prevent harm.

5.5 Statutory Rights and Digital Content

We process your purchase data to fulfill our legal obligations under the UK Consumer Rights Act 2015. This includes maintaining records of your “right to repair” or replacement if a digital template is found to be defective, and processing data for the 14-day cancellation period (unless you have started the download and waived this right)

6. Disclosure of personal information

Personal data may be accessed by:

  • Company employees and contractors who need it to perform their duties;

  • service providers that process data on our behalf (e.g., hosting, analytics, support tools), under appropriate contractual safeguards;

  • payment providers and financial institutions to process transactions;

  • authorities or third parties where required by law or necessary to protect rights and safety.

Where third-party providers are located outside the EEA, we use appropriate safeguards (e.g., adequacy decisions or Standard Contractual Clauses) where required.

7. Storage and protection of personal information

The Company is incorporated in the United Kingdom. While we may use  service providers and data centres located in the European Economic Area  (EEA) and globally, your data is primarily governed by UK data  protection standards. Where data is transferred outside the UK or EEA,  we ensure standard contractual clauses or adequacy regulations are in  place.

7.1 Storage time

We retain personal data only as long as necessary for the purposes described in this Policy, including legal, accounting, and fraud-prevention requirements. If you request deletion, we may need to retain certain data where required by law or for legitimate interests (e.g., fraud prevention, dispute resolution, compliance). Notwithstanding account inactivity, we are required by UK tax law (HMRC) to retain records of financial transactions (including name, address, and transaction details) for a minimum of six (6) years following the end of the relevant tax year.

7.2 Security measures

We use appropriate technical and organizational measures to protect personal data (e.g., access controls, encryption in transit such as SSL/TLS, least-privilege access, verification procedures for sensitive requests). No method of transmission or storage is 100% secure, but we work to protect your information.

8. Your rights (GDPR)

Depending on applicable law, you may have the right to:

  • access, correct, delete, or restrict processing of your data;

  • object to processing (including profiling for direct marketing);

  • data portability;

  • withdraw consent (where processing is based on consent);

  • lodge a complaint with the Information Commissioner’s Office (ICO). You have the right to complain to them at any time (www.ico.org.uk), though we appreciate the chance to deal with your concerns before you approach them.

To exercise your rights, contact us at support@templfly.com.

9. Marketing communications

If you opt in (or where permitted by applicable law), we may send marketing messages. You can opt out at any time using the unsubscribe option or contacting us at support@templfly.com.

9.1 Google Analytics

We may use Google Analytics (or similar analytics tools) to understand how users interact with the Website. Analytics tools may use cookies and similar technologies. You can control cookies via your browser settings and, where available, our cookie preferences.

10. Cookies

Cookies are small files placed on your device when you visit a website. We use cookies to provide core functionality, security, and (where enabled) analytics and personalization.

Where required by law, we will request your consent for non-essential cookies (e.g., analytics/advertising) and provide a cookie preferences mechanism. Strictly necessary cookies may be enabled to ensure the Website functions and requested services are provided.

11. Third-party links

If you click a link to a third-party website, you leave our Website. We are not responsible for how third parties process your data. Please review their privacy policies.

12. Deleting data and account closure

You may request deletion of your account and personal data by contacting us at support@templfly.com. We may need time to process deletion requests due to backups and third-party service dependencies. Some data may be retained where required by law or necessary for legitimate interests (fraud prevention, dispute resolution, compliance).

We may deactivate or delete accounts that have been inactive for six (6) months or more, subject to applicable law and legitimate retention needs.

13. Children’s privacy

The Website is not intended for children. If you are under the age required to consent to data processing in your country, you should not use the Website or provide personal data. If we become aware that we have collected personal data from a child contrary to applicable law, we will take steps to delete it.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will be posted on templfly.com and will apply from the date it is published. If we make material changes, we may notify you by email or through the Website, where appropriate.

If you have questions about this Privacy Policy or believe your privacy rights have been violated, contact us at support@templfly.com. We aim to respond within a reasonable period.