Legal

Privacy Policy

At CutterForge, we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information.

Last Updated: January 6, 2026

Contents

1. Who is CutterForge?

CutterForge is an instant cookie cutter creation platform that turns any photo, text, or AI prompt into 3D-printable STL files in seconds, eliminating the need for CAD skills or expensive designers.

CutterForge is operated by WobbleSoft B.V., a company registered in the Netherlands, located in Enschede.

You may interact with CutterForge when you:

  • Create an account and use our service
  • Subscribe to our Pro plan
  • Visit our website
  • Contact our support team

2. Our Responsibilities

For all activities and purposes described in this Privacy Policy, CutterForge (WobbleSoft B.V.) acts as the data controller as defined in the EU General Data Protection Regulation 2016/679 ("GDPR") and the UK GDPR.

As the data controller, CutterForge:

  • Determines what personal data is necessary to provide our services
  • Determines how personal data is processed for the correct operation of our platform
  • Ensures compliance with applicable data protection laws
  • Has established terms and conditions that apply to all users

3. What Personal Data Do We Collect?

CutterForge collects personal data when you use our services and/or when you provide information to us directly. Below is an overview of the personal data we may collect:

Account Information

  • Your name (display name)
  • Email address
  • Account login credentials (encrypted)
  • Profile preferences and settings

Payment Information

When you subscribe to our Pro plan:

  • Billing information (processed by our payment provider Mollie)
  • Subscription status and history
  • Transaction records

Note: We do not store your full payment card details. All payment processing is handled by Mollie B.V., which is PCI-DSS compliant.

Usage Data

  • Projects you create and save
  • Images you upload for processing
  • AI prompts you submit
  • Download history

Technical Data

  • IP address
  • Browser type and version
  • Device type and operating system
  • Referring website
  • Pages visited and time spent on our website

Communication Data

  • Any correspondence you send to our support team
  • Feedback and survey responses

4. Do We Process Sensitive Personal Data?

CutterForge's services are not designed for activities that require the processing of special categories of personal data (as defined in Article 9 of the GDPR). We ask that you do not provide such information to us.

CutterForge is intended for users aged 16 years and older. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us so we can delete such information.

5. Why Do We Process Your Personal Data?

We process your personal data for the following purposes:

To Provide Our Services

  • Create and maintain your account
  • Process your cookie cutter designs and AI generations
  • Deliver STL files for download
  • Process payments and manage subscriptions

To Communicate With You

  • Send transactional emails (account confirmation, password reset, etc.)
  • Notify you about subscription status and renewals
  • Respond to your support inquiries
  • Send service updates and important notices

To Improve Our Services

  • Analyze usage patterns to improve our platform
  • Conduct statistical analysis
  • Develop new features and functionality

To Ensure Security and Prevent Abuse

  • Protect against fraud and unauthorized access
  • Enforce our terms of service
  • Comply with legal obligations

Legal Basis for Processing

We process your personal data based on:

  • Contract performance: Processing necessary to provide our services to you
  • Legitimate interests: To improve our services, ensure security, and manage our business
  • Legal obligations: Where required by applicable law
  • Consent: Where you have given explicit consent (e.g., for marketing communications)

6. How Long Do We Keep Your Data?

CutterForge retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law.

  • Account data: Retained while your account is active and for a reasonable period afterward to allow for account recovery
  • Payment records: Retained as required by tax and financial regulations (typically 7 years in the Netherlands)
  • Project data: Retained while your account is active; you can delete projects at any time
  • Technical logs: Typically retained for up to 90 days for security and debugging purposes

When you request account deletion, we will delete or anonymize your personal data, except where retention is required by law.

7. How Do We Protect Your Data?

The protection of your personal data is very important to us. CutterForge has implemented various technical and organizational security measures to protect your data:

Technical Measures

  • All data is encrypted in transit using HTTPS/TLS
  • Data at rest is encrypted using AES-256 encryption
  • Secure authentication with session management
  • Regular security updates and vulnerability monitoring

Infrastructure

  • Hosted on Google Cloud Platform (Firebase) with ISO 27001, SOC 2, and SOC 3 certifications
  • Physical data centers have 24/7 security, biometric access controls, and video surveillance
  • Built-in redundancy and automatic failover for high availability

8. Do We Share Your Data with Third Parties?

CutterForge works with trusted third-party service providers to deliver our services. These providers process your data on our behalf and according to our instructions.

Our Subprocessors

Google LLC (USA)

Cloud infrastructure, authentication, analytics, and database services

OpenAI, Inc. (USA)

AI content generation for creating cookie cutter designs from prompts

Mollie B.V. (Netherlands)

Payment processing for subscriptions

Resend Inc. (USA)

Email delivery for transactional and account-related emails

International Data Transfers

Some of our subprocessors are located outside the European Economic Area (EEA), particularly in the United States. When we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

Legal Requirements

We may disclose your personal data if required by law, regulation, or legal process, or to protect the rights, property, or safety of CutterForge, our users, or others.

For more details about our data processing arrangements, please see our Data Processing Agreement.

9. Do We Use Cookies?

Yes, CutterForge uses cookies and similar technologies to provide, improve, and protect our services.

Types of Cookies We Use

  • Essential cookies: Required for the website to function properly, including authentication and session management.
  • Analytics cookies: We use Google Analytics to understand how visitors use our website and to improve our services. These cookies collect information in an aggregated form.

For more information about how we use cookies, please see our Cookie Policy.

10. Automated Decision-Making

CutterForge does not use automated decision-making that produces legal effects or significantly affects you.

When you use our AI-powered features, the content generation is processed by OpenAI, which may automatically reject prompts that violate their content policies. This is a safety measure to prevent the generation of harmful or inappropriate content. If your prompt is rejected, you can modify it and try again, or contact our support team for assistance.

11. What Are Your Rights?

Under the GDPR and other applicable data protection laws, you have the following rights regarding your personal data:

  • Right of access: You can request a copy of the personal data we hold about you
  • Right to rectification: You can ask us to correct inaccurate or incomplete data
  • Right to erasure: You can request deletion of your personal data (subject to legal retention requirements)
  • Right to restriction: You can ask us to restrict processing of your data in certain circumstances
  • Right to data portability: You can request your data in a structured, machine-readable format
  • Right to object: You can object to processing based on legitimate interests
  • Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time

To exercise any of these rights, please contact us at info@cutterforge.com. We will respond to your request within one month, as required by law.

If you are not satisfied with our response or believe we are processing your data unlawfully, you have the right to lodge a complaint with your local data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).

12. How Can You Contact Us?

If you have any questions about this Privacy Policy or our use of your personal data, please contact us:

WobbleSoft B.V.

Enschede, The Netherlands

Email: info@cutterforge.com

We will do our best to address your concerns and resolve any issues you may have.