COLOUR MATCHER

Privacy Policy

Version 2026-05-06 · Effective from launch

This Privacy Policy explains how W4D, trading as Colour Matcher, collects, uses, stores and protects your personal data when you use Colour Matcher.

W4D is the data controller for the personal data described in this policy. You can contact us at hello@colourmatcher.com.

What we collect

We may collect and process the following types of personal data:

Account data
This includes your name, email address, password, which is stored in hashed form, and the IP address used when you create your account.

Usage data
This includes palettes, gradients, boards, uploaded images, saved settings, project content and information about which features you use.

Technical data
This includes session cookies, browser type, device information, IP addresses, security logs and error logs.

Payment data
If you subscribe, payment is processed by Paddle, our merchant of record. We do not see or store your full card details. We may receive and store limited billing information from Paddle, such as your customer token, subscription status, invoice records and payment status.

How we use your data

We use your personal data for the following purposes:

To provide and operate Colour Matcher
This includes creating your account, saving your projects, processing uploaded content, providing AI features and allowing you to access the service.
Lawful basis: contract.

To send transactional emails
This includes account verification, password resets, billing notices, service updates and important account messages.
Lawful basis: contract and legitimate interests.

To improve and develop Colour Matcher
We may review usage patterns, error logs, feature performance and user feedback to improve the service, fix issues and develop new features. Where possible, we use aggregated or anonymised information for this purpose.
Lawful basis: legitimate interests.

To process AI features
When you use AI features, relevant prompts, uploaded content and generated outputs may be sent to Google's Gemini API so the requested feature can be performed.
Lawful basis: contract.

To keep the service secure and prevent abuse
This includes logging IP addresses, monitoring suspicious activity, preventing misuse and protecting our systems and users.
Lawful basis: legitimate interests.

To comply with legal obligations
This includes tax, accounting, regulatory and legal record-keeping requirements.
Lawful basis: legal obligation.

AI model training

We do not use your private uploaded content, palettes, boards or images to train public AI models.

We may use aggregated, anonymised usage information to understand how Colour Matcher is used and to improve the service.

If we introduce optional training or improvement features that use customer content in the future, we will update this Privacy Policy and provide appropriate notice and controls before doing so.

Who we share your data with

We only share personal data where needed to provide, operate or improve the service.

Fasthosts
Our hosting provider. Data is stored using UK/EU hosting infrastructure where available.

Google Gemini API
Used to provide AI features. Content sent to Gemini is processed to deliver the requested AI function. For paid Gemini API services, Google states that prompts, files and responses are not used to improve Google's products, subject to Google's applicable terms and retention rules.

Paddle
Used for subscription billing and payment processing. Paddle acts as merchant of record and receives the information needed to process payments, manage subscriptions, issue invoices and meet legal obligations.

Email providers
Used to send service emails such as account verification, password resets and billing messages.

People you choose to share with
If you share a board or project with another person, that recipient may see your name, email address and the content you choose to share.

We do not sell your personal data.

How long we keep your data

Account data is kept while your account remains active.

If you delete your account, we aim to delete or anonymise your personal data within 30 days, except where we need to keep certain records for legal, accounting, security or dispute-resolution purposes.

Billing and invoice records may be retained for up to 6 years where required for tax and accounting purposes.

Backups containing your data are typically overwritten or deleted within 90 days.

Your rights under UK GDPR

You have the right to:

To exercise your rights, email hello@colourmatcher.com.

You can also contact the Information Commissioner's Office at ico.org.uk.

Cookies

We use essential session cookies needed to keep you signed in, secure your account and operate the service.

We do not currently use advertising cookies, tracking cookies or analytics cookies.

If we add analytics or non-essential cookies in the future, we will update this policy and, where required, ask for your consent first.

International transfers

Some service providers, including Google and Paddle, may process data outside the UK or European Economic Area.

Where personal data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses, data processing agreements or other lawful transfer mechanisms.

Children

Colour Matcher is not intended for users under 18.

We do not knowingly collect personal data from children. If we become aware that a child has provided personal data, we will take steps to delete it unless we are legally required to keep it.

Security

We use reasonable technical and organisational measures to protect personal data, including password hashing, access controls, secure hosting, logging and regular maintenance.

No online service can be guaranteed to be completely secure, but we take appropriate steps to protect your information against unauthorised access, loss, misuse or alteration.

Changes to this policy

We may update this Privacy Policy from time to time.

If we make material changes, we will notify users by email or through the service and update the version date at the top of this page.

Contact

For questions, requests or complaints, contact hello@colourmatcher.com.

You can also contact the Information Commissioner's Office at ico.org.uk.