Privacy Policy

At design-tokens.io, we value your privacy and are committed to protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you access our website and use our subscription-based enterprise SaaS web application and Figma plugin.

If you have any questions or concerns about this policy or your data, please contact us at: contact@design-tokens.io

Scope and Applicability

This Privacy Policy applies to all users of the design-tokens.io website, web application, and Figma plugin (collectively referred to as the "Services").

By using our Services, you agree to the collection and use of information in accordance with this policy. This includes any data collected through our website, application, or plugin, whether you are accessing these services as a guest or a registered user.

The policy is designed to ensure transparency and to inform you about how your data is handled, providing you with the confidence to use our Services securely.

Data We Collect

Personal Data

We collect the following personal information:

  • User Data: Email, password, name, company name
  • Team Management Data: Team names, team members
  • Domain Data: Design tokens, themes, workspaces
  • Payment Data: Customer name, customer email, billing address, VAT number (for EU customers), payment details, company name

We collect this information through forms, cookies, and APIs.

Automatically Collected Data

We use cookies for authentication and analytics purposes. For more information, please refer to our Cookie Policy.

How We Use Your Data

We process your personal data for the following purposes:

  • User authentication
  • Managing and exporting design tokens
  • Team collaboration and management
  • Analytics and performance monitoring
  • Payment processing
  • Email notifications and updates

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. This includes using your data to comply with legal obligations, resolve disputes, and enforce our agreements.

Usage data is typically retained for a shorter period, unless it is required for security purposes or to enhance the functionality of our service, or if we are legally required to retain it for a longer duration.

Data will be stored on servers located in the U.S. or other regions where our third-party providers, such as Supabase, operate. If you are in a jurisdiction with different data protection laws, please be aware that your data may be transferred to countries that may not offer the same level of protection as those in your home country.

Data Sharing and Disclosure

We do not sell or share your personal data with third-party advertisers or retargeting services. However, we use the following third-party platforms to provide our Services:

Webflow

Webflow is the platform we use for hosting our website. It provides the infrastructure to deliver our site content to you. Webflow collects and processes the data necessary to serve the website, such as user interactions and analytics.

Webflow privacy policy: https://webflow.com/legal/privacy

Webflow DPA: https://webflow.com/legal/dpa

Firebase

Firebase is our hosting platform for the web application. Firebase collects and processes the data necessary to serve the website, such as user interactions and analytics.

Firebase privacy policy: https://firebase.google.com/support/privacy

Firebase DPA: https://firebase.google.com/terms/data-processing-terms

LemonSqueezy

LemonSqueezy is our payment service provider for processing subscriptions. During the checkout process, the following data is collected and stored on the LemonSqueezy platform:

  • Customer Name
  • Customer Email
  • Billing Address
  • VAT Number (for EU customers)
  • Payment Details (credit card, PayPal, etc.)
  • Company Name

LemonSqueezy privacy policy: https://www.lemonsqueezy.com/privacy

LemonSqueezy DPA: https://www.lemonsqueezy.com/dpa

Google Analytics

Google Analytics is our tool for tracking and analyzing website traffic. It collects data on user interactions, such as page views and session duration, to help us understand how visitors engage with our site.

Google Analytics privacy policy: https://policies.google.com/technologies/partner-sites

Google Analtics DPA: https://support.google.com/analytics/answer/3379636

Supabase

Supabase serves as our database, backend, and authentication provider. It stores the data for our application, including user details, team management, design tokens, and other app-related information. Supabase also manages the user authentication process.

The following data is stored on Supabase:

  • User Data: Email, Password, Name, Company Name
  • Team Management Data: Team Names, Team Members
  • App Data: Design Tokens, Themes, Workspaces
  • API access logs

Supabase privacy policy: https://supabase.com/privacy

Supabase DPA: https://supabase.com/legal/dpa

Data Security

The security of your data is a top priority for us at design-tokens.io. We implement a variety of security measures to protect your personal and business information, including encryption, secure data storage, and access controls. However, no method of data transmission or storage is 100% secure, and while we strive to use commercially reasonable means to protect your data, we cannot guarantee its absolute security.

We rely on our third-party service providers, such as Supabase, Firebase, and LemonSqueezy, to help maintain the security and integrity of your data. These providers employ robust security measures, including encryption and secure data practices, to safeguard your information.

In the event of a security breach that compromises your data, we will take appropriate steps to investigate the issue and, if necessary, notify affected individuals in compliance with applicable laws and regulations.

Your Rights

Under applicable privacy laws, you have the following rights regarding your personal information:

  • Right of Access: You have the right to request confirmation of whether we are processing your personal information, and to receive details on the types of data we process, the purposes for processing, retention periods, and any third parties with whom we share your data. You can also request a copy of the personal information we hold about you.
  • Right to Rectification: You have the right to request correction of any inaccurate or incomplete personal information we hold about you.
  • Right to Erasure: You may request that we delete your personal information when it is no longer necessary for the purposes it was collected, or if processing is not justified.
  • Right to Restriction: In certain cases, you may request the restriction of the processing of your personal information, such as if you contest its accuracy or if you have objected to the processing.
  • Right to Withdraw Consent: If we rely on your consent to process personal information, you can withdraw that consent at any time. This will not affect the legality of any processing based on consent before its withdrawal.
  • Right to Object: You have the right to object to the processing of your personal information for direct marketing purposes, or where processing is based on legitimate interests, unless we have compelling reasons to continue processing your data.

Additionally, you have the right to lodge a complaint with your local data protection authority. If you are in the European Union, the UK, or Switzerland, you can contact your local authority for further information.

To exercise any of these rights, please contact us at contact@design-tokens.io. We may request verification of your identity for security purposes.

Account Deletion and Data Removal

You can request account deletion and data removal by contacting us via email at contact@design-tokens.io. We will process your request within a reasonable timeframe, in compliance with applicable laws.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance and personalize your experience on our website and web app.Cookies are small files stored on your device that allow us to recognize your browser and capture certain data. In addition to cookies, we may use other tracking technologies such as beacons, tags, and scripts to gather information and analyze usage patterns.You can manage cookies through your browser settings, which allow you to accept or refuse cookies, or receive alerts when cookies are sent. Please note that refusing cookies may affect the functionality of certain features on our site.

Types of cookies we use:

  • Authentication Cookies: These are essential for running the service and enabling basic functionality, such as authentication and session management.
  • Analytics Cookies: We use these cookies to gather information about how you use our service, helping us improve the user experience and identify issues.

We do not engage in targeted advertising or share your data with third-party advertisers.

By using our Services, you consent to the use of cookies. For more details on how you can manage cookies, please consult your browser’s settings or visit your device’s help guide.

International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), where data protection laws may differ. We ensure adequate protection through standard contractual clauses or other lawful mechanisms.

Changes to this Privacy Policy

We reserve the right to update this Privacy Policy at any time. We will notify you of significant changes via email or through the Services. Your continued use of the Services after the changes take effect constitutes your acceptance of the revised policy.

Last updated: March 28, 2025

Contact Information

If you have any questions or concerns about this Privacy Policy or your data, please contact us at contact@design-tokens.io

Product
HomeFeaturesPricingFAQsSign in
Company
ContactTerms of ServicePrivacy Policy
Social
YouTubeX (Twitter)InstagramRedditFigma
© design-tokens.io 2024