Privacy Policy for Loopi

Last Updated: July 11, 2026

Introduction

This Privacy Policy describes how Loopi ("we", "us", or "our") collects, uses, and shares information when you use our web application (the "App"). We are committed to protecting your privacy and being transparent about our data practices.

Information we collect

1. Information you provide directly

When you create an account and use Loopi, we may collect:

  • Account information: Name and email address, provided when you register or sign in
  • Commission & client data: Client details, commission descriptions, quotes, and related project information you enter to manage your work
  • Project & inventory data: Yarn library entries, patterns, designs, and calculator inputs you create or save
  • Feedback: Any messages, feature requests, or support requests you submit
  • Subscription data: Information about your trial and subscription status

2. Information automatically collected

  • Device & browser information: Browser type, operating system, and device characteristics
  • Usage analytics: How you interact with the App, collected through PostHog analytics
  • Session recordings: PostHog may record user sessions to help us improve the App experience
  • Purchase information: Subscription and payment data processed through Stripe

3. Information stored locally in your browser

The following data may be stored only in your browser (for example, in local storage) and is not necessarily transmitted to our servers unless you sign in and choose to save it:

  • Unsaved canvas patterns and designs (auto-save drafts)
  • Calculator inputs and tool preferences
  • Selected language and interface settings

How we use your information

We use the collected information for the following purposes:

  • Service delivery: To provide the calculators, canvas designer, commission tools, and client portal, and to save your work across sessions
  • App improvement: To analyze usage patterns and improve functionality, design, and user experience
  • Customer support: To respond to your feedback and support requests
  • Subscription management: To process and manage your subscription
  • Error monitoring: To identify and fix technical issues and bugs
  • Communication: To send you important updates about the App (where permitted)

Third-party services

We use the following third-party services that may collect information:

Supabase

  • Purpose: Authentication and backend database for storing your account, commissions, and project data
  • Data shared: Account information and any data you save while signed in
  • Privacy policy:supabase.com/privacy

Stripe

  • Purpose: Subscription and payment processing
  • Data shared: User identifier, purchase information, and subscription status (card details are handled directly by Stripe and are not stored on our servers)
  • Privacy policy:stripe.com/privacy

PostHog

  • Purpose: Product analytics and session recording (hosted in the EU)
  • Data shared: Usage patterns, user interactions, session replays, and device information
  • Privacy policy:posthog.com/privacy

Data retention

  • Account data: We retain your account and project data for as long as you use the App. You can request deletion at any time.
  • Analytics data: Analytics and error tracking data is retained according to our third-party providers' policies (typically 90 days to 2 years).
  • Local data: Data stored in your browser remains until you clear your browser data.

Data security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encrypted connections (HTTPS/TLS) for all data transmission
  • Secure storage practices for data on our servers
  • Regular security assessments and updates
  • Limited access to personal data by authorized personnel only

However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Your privacy rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a portable format
  • Opt-out: Opt out of analytics and marketing communications
  • Withdraw consent: Withdraw consent for data processing where we rely on consent

To exercise these rights, please contact us at the email address provided below.

Children's privacy

The App is not intended for children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Changes to this privacy policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy in the App
  • Updating the "Last Updated" date
  • Sending you a notification (if required by law)

Your continued use of the App after changes become effective constitutes acceptance of the revised policy.

European Users (GDPR)

Loopi is operated from the Netherlands, within the European Union, and we comply with the General Data Protection Regulation (GDPR).

Your GDPR Rights

As an EU resident, you have the following rights:

  • Right of access (Article 15): Obtain confirmation of data processing and access to your data
  • Right to rectification (Article 16): Correct inaccurate or incomplete data
  • Right to erasure (Article 17): Request deletion of your data ("right to be forgotten")
  • Right to restriction (Article 18): Limit how we use your data
  • Right to data portability (Article 20): Receive your data in a structured, machine-readable format
  • Right to object (Article 21): Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time without affecting prior processing
  • Right to lodge a complaint: File a complaint with your local data protection supervisory authority

Data protection authority

For users in the Netherlands, the supervisory authority is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority):

If you are elsewhere in the EU, you may also contact your local supervisory authority.

Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, including exercising your GDPR rights, please contact us at:

  • Email:baklava_stitches@pm.me
  • Developer: Salah
  • App: Loopi — digital tools for tufting & textile makers
  • Location: Netherlands

For GDPR-related requests, please clearly indicate "GDPR Request" in your subject line and specify which right you wish to exercise. We will respond within one month of receipt of your request, as required by GDPR.

Cookie policy

The App uses essential cookies that are necessary for functionality, such as keeping you signed in (authentication). Our third-party analytics provider (PostHog) may use cookies or similar technologies for analytics purposes. You can control non-essential cookies through your browser settings.

By using the Loopi app, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and sharing of your information as described herein.