Privacy Policy
Last updated: 1 April 2025
1. Who we are
This privacy policy applies to the WeShape Collaborator Programme website operated by Infigo ApS (CVR DK-42635480, Denmark). We operate 12 international storefronts including weshape.com, weshape.dk, weshape.de, we-shape.fr, and others (collectively "WeShape", "we", "us", or "our").
For questions about this policy or your personal data, contact us at: collaborator@wezhape.com
2. What data we collect
We collect personal data only when you actively provide it to us:
- Collaborator application form — full name, email address, portfolio/Printables link, design category, approximate number of designs, and a free-text message about your work.
- Payout onboarding (Stripe) — bank account details and identity information collected and processed directly by Stripe on our behalf (see section 5).
- Communications — any information you share with us via email or other direct correspondence.
We do not use tracking cookies, analytics scripts, or advertising pixels on this website.
3. How we use your data
| Purpose | Legal basis (GDPR) |
|---|---|
| Reviewing and responding to your collaborator application | Legitimate interest / pre-contractual steps |
| Onboarding accepted collaborators and managing the ongoing relationship | Performance of contract |
| Processing monthly revenue share payouts via Stripe | Performance of contract |
| Complying with tax and accounting obligations | Legal obligation |
| Sending you programme updates or changes to terms (collaborators only) | Legitimate interest |
4. Data retention
Application data from unsuccessful applicants is deleted within 12 months of our decision. Data relating to active collaborators is retained for the duration of the collaboration and for 5 years thereafter to satisfy accounting and tax obligations. You may request earlier deletion where permitted by law (see section 7).
5. Third-party processors
We share your data with trusted third parties only where necessary:
- Stripe — payment processing and payout disbursement. Stripe acts as a data processor under a Data Processing Agreement. Your financial data is governed by Stripe's Privacy Policy.
We do not sell, rent, or trade your personal data with any third party for marketing purposes.
6. International transfers
WeShape operates storefronts across Europe. Your data is stored within the EU/EEA where possible. Where processors transfer data outside the EEA, they do so under Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring an adequate level of protection.
7. Your rights (GDPR)
If you are located in the EU/EEA, you have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you.
- Rectification — ask us to correct inaccurate or incomplete data.
- Erasure — request deletion of your data where there is no overriding legal basis for retention.
- Restriction — ask us to limit how we process your data in certain circumstances.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interest.
- Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior processing.
To exercise any of these rights, email collaborator@wezhape.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority (in Denmark: Datatilsynet).
8. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. All data in transit is encrypted via TLS. Access to personal data is restricted to WeShape personnel who need it to perform their duties.
9. Changes to this policy
We may update this policy from time to time. Material changes will be communicated to active collaborators by email at least 14 days before taking effect. The "Last updated" date at the top of this page always reflects the most recent version.