Privacy Policy
Effective Date: Dec 26 2025
​
This Privacy Policy (“Policy”) explains in detail how Soft Graphic Services INC (“Company,” “we,” “us,” or “our”) collects, uses, stores, protects, and discloses personal information when you access or use our website https://www.shopsoftgraphic.net/(the “Website”).
​
​
This Policy is intentionally drafted in a highly descriptive, enterprise-grade format to meet:
United States federal and state privacy and consumer protection laws
California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
Additional U.S. State Privacy Disclosures, Colorado, Texas, Virginia, Connecticut and Utah.
General Data Protection Regulation (GDPR) for EU/EEA users (where applicable)
Microsoft Advertising (Bing Ads) policies, including Universal
1. Company Information
Legal Entity Name: Soft Graphic Services INC
Registered Office (USA):
518 Sams Hill Rd
41 El Cajon
CA 92021
Customer Support Contact: Phone: +1-(855) 978-6614
Email: sales@shopsoftgraphic.net
​
2. Scope and Applicability
​
This Privacy Policy applies to all visitors, customers, partners, and users who access, browse, interact with, or transact on our Website. It covers data collected online through the Website, email communications, customer support interactions, and lawful advertising technologies. This Policy does not apply to third-party websites, platforms, or services that may be linked from our Website. We are not responsible for the privacy practices of such third parties.
​
We use cookies and similar tracking technologies to enhance your experience. For detailed information about our cookie usage, please see our Cookies Policy.
​
3. Categories of Information We Collect
3.1 Information You Voluntarily Provide
​
We may collect personal information that you choose to provide, including but not limited to:
Full name
Email address
Telephone number
Billing and shipping addresses
Order, transaction, and payment-related details
Communications with customer support
​
3.2 Information Automatically Collected
​
When you access the Website, certain information may be collected automatically:
Internet Protocol (IP) address
Browser type and version
Device identifiers and operating system
Pages viewed, session duration, and navigation patterns
Referring URLs and timestamps
​
4. Cookie Preferences & User Control
We respect your privacy and believe in complete transparency about how cookies are used on our Website. When you visit our Website, you are provided with clear options to manage your cookie preferences through our cookie consent banner. You may accept all cookies, decline non-essential cookies, or customize your preferences by category. The types of cookies used on our Website are outlined below:
​​
4.1 Essential Cookies
​
These cookies are necessary for the website to function properly. They enable core functionality such as security, network management, and accessibility. You cannot opt out of these cookies.
​
4.2 Functional Cookies
These cookies are required for:
Essential for the proper functioning of the Website
Enable core features such as page navigation and secure access
Store user preferences to improve usability
Without these cookies, certain Website services may not function correctly
​
4.3 Analytics Cookies
These cookies are required for:
Help us understand how visitors interact with the Website
Collect information such as pages visited and time spent on the site
Analyze user behavior patterns in an aggregated manner
Used only to improve Website performance, user experience, and content quality
​
4.4 Advertising Cookies
These cookies are required for:
Used to deliver relevant and personalized advertisements
Help ensure ads are aligned with user interests
May track browsing behavior across the Website for ad relevance purposes
​
4.5 Data Shared with Third Parties
These cookies are required for:
Some cookies may be set by trusted third-party service providers
Used to support analytics, advertising, or integrated services
Third parties are required to comply with applicable data protection and privacy regulations
CONTROLS FOR DO-NOT-TRACK FEATURES
​
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.
California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.
Global Privacy Control: We recognize and honor Global Privacy Control (GPC) signals. If you use a browser or extension that supports GPC, we will treat this as a valid request to opt out of the sale or sharing of your personal information for targeted advertising purposes under applicable state privacy laws, including the California Consumer Privacy Act (CCPA). When we detect a GPC signal from your browser, we will automatically apply your opt-out preference without requiring you to take any additional action. For more information about GPC and how to enable it, visit https://globalprivacycontrol.org/.
​​​​
​5. How We Use Personal Information, We process personal information for legitimate business purposes,including:
Order fulfillment and account management
Customer support and communications
Website security and fraud prevention
Legal and regulatory compliance
Limited, consent-based marketing where permitted by law
​
6. Legal Bases for Processing (GDPR)
For EU/EEA users, processing is based on:
User consent
Contractual necessity
Legal obligations
Legitimate business interests
Users may withdraw consent at any time.
​
7. Enterprise Data Protection Standards
We adhere to enterprise-level data protection requirements frameworks, implementing 67 comprehensive security controls designed to safeguard personal information throughout its lifecycle. Our commitment includes:
End-to-end data protection measures Encryption standards including TLS 1.3 for data in transit and AES-256 for data at rest
Secure access controls and role-based permissions
Continuous monitoring and logging
Supplier and partner security alignment
8. Incident Response
We maintain documented incident response procedures aligned with enterprise-grade requirements, including:
Rapid identification and containment
Impact assessment
Regulatory notification where required
Remediation and preventive controls
​
9. Disclosure of Personal Information
We may disclose personal information to:
Authorized service providers
Payment processors
Shipping and logistics partners​
​
10. Data Retention Personal information is retained only for as long as necessary to:
Fulfill contractual obligations
Meet legal and accounting requirements
Resolve disputes and enforce agreements
11. Data Security Safeguards
We implement administrative, technical, and physical safeguards to protect personal data. While we strive to use commercially acceptable means to protect information, no system is completely secure. Note that we cannot guarantee that unauthorized or unintended access to the data will not occur, and we cannot be held responsible for such cases. We make no warranty, express, implied, that we will be able to prevent such access. If you believe that your privacy rights has been mishandled, or if you become aware of any unauthorized attempt by a third party to access your Personal Data, please reach out to us by submitting Privacy Rights Form. In the event of a security incident involving your Personal Data, we will make reasonable efforts to notify you and, if required by applicable law, to the appropriate authorities.
​
12. International Data Transfers
Your information may be transferred to and maintained on servers located outside of your jurisdiction. By using our services, you consent to the transfer of information to countries that may have different data protection laws than your country of residence.In such event, we will comply with the law requirements to ensure that your Personal Data receives an adequate level of protection upon its transfer. Notwithstanding the foregoing, where we transfer Personal Data that was collected within the, outside the EEA, we will take appropriate measures to protect the Personal Data and ensure that during the transfer sufficient safeguards are provided, such as pursuant with the EU standard contractual clauses as approved by the European Union (SCCs).
​
13. Your Privacy Rights
​
13.1 GDPR Rights (EU/EEA Users)
You have the right to:
Access personal data
Correct inaccuracies
Request deletion
Restrict or object to processing
Request data portability12.2 CCPA / CPRA Rights (California Residents)
​
California residents may:
Request disclosure of data collection practices
Access or delete personal information
Opt out of the sale or sharing of data
Limit use of sensitive personal information
Exercise rights without discrimination
​
13. 2 Third-Party Service Providers & Vendors (CCPA/CPRA Disclosure)
​
​As required by California law, we disclose all third-party service providers who may process your personal information:
​
Payment Processing: Stripe Inc. - Processes credit/debit card payments and manages transactions
Shipping Partners: USPS, UPS, FedEx - Fulfills product deliveries (receives name/address only)
Live Chat INC, Live Chat for Customer inquiry, System Development, Operation, and Maintenance
(Cookie Banner)- Cookie Consent Management, Displays a customizable banner to inform users about cookies and get their explicit permission.: Allows users to accept, decline, or customize cookie categories (e.g., analytics, marketing).
13.3 State-Specific Privacy Rights
​Virginia (VCDPA)
Virginia residents have rights under the Virginia Consumer Data Protection Act, including the right to access, correct, delete, and obtain a copy of personal information, and to opt out of targeted advertising and sales of personal data.
Colorado (CPA)
Colorado residents have rights under the Colorado Privacy Act, including similar rights to access, correct, delete personal data, and opt out of targeted advertising, sale of personal data, and certain profiling activities.
Connecticut (CTDPA)
​
Connecticut residents have rights under the Connecticut Data Privacy Act, including the right to confirm whether we process personal data, access personal data, correct inaccuracies, delete personal data, and opt out of processing for targeted advertising or sales.
Utah (UCPA)
​
Utah residents have rights under the Utah Consumer Privacy Act to access and delete personal data, and to opt out of the processing of personal data for targeted advertising or the sale of personal data.
Texas ( TDPSA)
​
Texas resident can request access, correction, deletion, and portability of their data, and opt-out of sales, targeted ads, and profiling
14. Sensitive Personal Information
​
We do not intentionally collect or use sensitive personal information(including health data, political opinions, or biometric identifiers) for advertising or profiling.
15. Children’s Privacy
​
We do not knowingly collect personal information from children.The Service and its content are not directed at children under the age of 13. Lotus Web Services LLC does not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to register as Users. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us using privacy rights form.
16. Personal Information Requests
I am submitting a request to:
Confirm whether my personal information is being processed
Access my personal information
Correct or update my personal information
Request deletion of my personal information
Restrict processing of my personal information
Ask a question about this Privacy Policy
Withdraw consent to data processing
Deny use of my data for direct marketing or profiling
Other (specified in the request)
Requests may be submitted via Privacy Rights Form.
17. Important Legal Links
• Do Not Sell My Personal Information
• End User License Agreement (EULA)
18. Updates to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time. Changes will take effect immediately upon posting. Users are encouraged to review this Policy periodically.This Privacy Policy exceeds standard compliance requirements and is suitable for enterprise partnerships, advertising approvals, and a Wix-powered e-commerce website.​​​​​