PUSHING SQUARES_
PrivacyCookiesTermsRefundsContact
Contact

Privacy Policy

Ari Leavesley (“Pushing Squares”) — Version 3.0 — Effective 28 May 2026 — https://pushingsquares.com

1. Data Controller

The controller responsible for the processing of your personal data is:

Ari Leavesley, trading as Pushing Squares
United Kingdom (sole trader; no registered company)
Privacy contact: ari@pushingsquares.com

Data Protection Officer: None appointed. The scale and nature of processing on this site does not meet the Art. 37(1) thresholds for mandatory DPO designation. Imprint and full service-provider information: Legal Notice.

2. Scope

This policy describes how Ari Leavesley processes personal data when you use pushingsquares.com — including purchasing plugins via Stripe Checkout, creating or using a locker account, downloading plugin binaries, sending a contact-form message, accepting or declining the cookie banner, or simply browsing the site. It applies to all data subjects whose personal data is processed in connection with the site.

3. Personal Data Collected

CategorySpecific items
Contact dataEmail address you enter on the contact form
Submission contentSubject and message body you write on the contact form
Uploaded filesAny files or images you attach to a contact form message, and the contents of those files
Third-party data inside uploadsNames, faces, addresses, or messages of other people that appear in your screenshots, recordings, or documents (see warning below)
Account dataEmail address, salted-hashed password (bcryptjs), account creation timestamp, last login timestamp
Purchase dataStripe customer ID, payment method brand and last-4 digits, invoice IDs, amounts paid, currency, country of card, billing email
Order dataPlugin SKU(s) purchased, order timestamp, fulfilment status
Download dataDownload token IDs, salted IP hash + user-agent at download time (anti-piracy), download timestamp
Technical dataSalted hash of your IP address (not the raw IP), user-agent string
Consent recordsTimestamp of consent given, value of the ps_consent cookie
Analytics (with consent only)Anonymous PostHog events and page views. No autocapture, no IP retention, no cross-site identifiers.

Card numbers, CVCs, and full PANs never reach Pushing Squares servers. Payment is collected by Stripe-hosted Checkout and only tokenised references return to us.

Sources (Art. 14(2)(f))
Directly from you, via the contact form, cookie banner, account registration, and checkout. From your browser, in the case of technical data and analytics events.

Third-party personal data in uploads. If a file you upload contains other people’s personal data, Ari becomes a controller for that data too. Please redact names, faces, addresses, and messages that aren’t relevant before uploading. If someone identifiable in an upload contacts Ari directly, their data will be deleted on request regardless of the underlying retention schedule.

Special category data. Please do not upload special category data within the meaning of Art. 9 UK GDPR (health, racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, sex life or sexual orientation). If special category data is received unsolicited, it will be deleted on sight and not used for any purpose.

4. Purposes and Legal Bases

#PurposeData categoriesLegal basisRetention
1Receive and read your contact-form submissionEmail, subject, body, uploadsConsent (Art. 6(1)(a))12 months from last contact, then deleted. Uploads: 30 days.
2Email follow-up to your contact-form messageEmail, subject, bodyConsent (Art. 6(1)(a))Same as row 1
3Operate the site (hosting, edge delivery via Vercel)Standard web request metadataLegitimate interests (Art. 6(1)(f))Per Vercel’s processor retention
4Detect and block abusive or automated submissionsSalted IP hash, user-agentLegitimate interests (Art. 6(1)(f))90 days
5Anonymous analytics (PostHog)Anonymous events, page viewsConsent (Art. 6(1)(a)) — only after Accept on cookie bannerPostHog defaults; deletion on request within 30 days
6Demonstrate consent under Art. 7(1)ps_consent cookie value, consent timestampLegal obligation (Art. 6(1)(c))As long as the related cookie choice exists
AOperate locker accounts (sign-up, login, password reset)Account dataContract (Art. 6(1)(b))Until account deletion + 30 days
BProcess plugin purchasesPurchase, Order, AccountContract (Art. 6(1)(b))Per row D (HMRC)
CIssue receipts, deliver download link, transactional emailsAccount email, OrderContract (Art. 6(1)(b))Per row D
DTax and accounting record retentionPurchase, Order, billing emailLegal obligation (Art. 6(1)(c)) — UK HMRC6 years from end of relevant tax year
EFraud prevention on purchasesPurchase, salted IP hash, UALegitimate interests (Art. 6(1)(f))12 months
FAnti-piracy on plugin downloadsDownload dataLegitimate interests (Art. 6(1)(f))30 days
GRespond to contact-form messages requiring legitimate-interest handlingContact form dataLegitimate interests (Art. 6(1)(f))12 months from last contact

Withdrawal of consent (Art. 7(3)): You can withdraw consent at any time by emailing ari@pushingsquares.com. Withdrawal does not affect the lawfulness of processing carried out before withdrawal. Withdrawal is processed within 30 days.

Legitimate Interests Assessments (Art. 6(1)(f))

Row 3 — Hosting (Vercel).

  • Interest: Operating a secure, available site.
  • Necessity: Hosting is required to serve the site.
  • Balancing: Vercel operates under an Art. 28 DPA. Data passing through is the minimum needed. Low impact.

Row 4 — Spam and abuse prevention.

  • Interest: Maintaining the integrity of a public submission form.
  • Necessity: Some signal is required to detect repeat abuse; pseudonymised IP (salted hash) is the minimum effective.
  • Balancing: IP is hashed, never stored raw. Retained 90 days only. No cross-site identifiers. Low impact on the data subject.

Row E — Fraud prevention on purchases.

  • Interest: Preventing chargeback fraud and stolen-card abuse on plugin purchases.
  • Necessity: Minimal pseudonymised signal is needed to detect repeat abuse.
  • Balancing: IP is hashed, never raw. 12-month limit. No cross-site identifiers. Low impact on legitimate customers.

Row F — Anti-piracy on plugin downloads.

  • Interest: Protecting paid plugin downloads from token sharing and unauthorised redistribution.
  • Necessity: A per-download record is needed to invalidate abused tokens and detect mass-distribution events.
  • Balancing: Salted IP hash only. 30-day limit. Never tied to identity beyond the order ID.

Row G — Contact-form messages.

  • Interest: Answering customer questions efficiently.
  • Necessity: Requires the sender’s email and message content.
  • Balancing: Deletion on request, 12-month auto-purge. Low impact.

5. Recipients of Personal Data

Personal data is processed on Ari’s behalf by the following processors, each under a written data processing agreement that meets the requirements of Art. 28 UK GDPR.

RecipientRolePurposeCountry
Vercel Inc.Processor (Art. 28)Hosting and edge deliveryUnited States
Neon Inc.Processor (Art. 28)Postgres database; stores accounts, orders, contact-form submissionsUnited States (US-East)
Cloudflare, Inc.Processor (Art. 28)Object storage (R2) for plugin binaries and download delivery; bot challenge (Turnstile, where used); admin access gating (Access, where used)United States / North America
Stripe, Inc.Processor (Art. 28)Payment processing, hosted checkout, fraud signals (Radar), refundsUnited States
PostHog Inc.Processor (Art. 28)Anonymous analytics; loads only after cookie consentUnited States

Personal data is not shared with anyone outside these processors except where required by law or with your explicit prior written permission.

What is not done with your data:

  • Submissions are not used to train AI models.
  • Data is not sold.
  • Data is not used for advertising.

6. International Data Transfers

All processors above are based in the United States. Transfers from the UK rely on the UK Extension to the EU-US Data Privacy Framework (the “UK-US Data Bridge”) for processors that are certified, supplemented by Standard Contractual Clauses where appropriate.

RecipientCountryMechanismVerified at
VercelUnited StatesUK Extension to the EU-US Data Privacy Framework (DPF-certified) + SCCs as fallbackhttps://vercel.com/docs/security/compliance
NeonUnited StatesUK Extension to the EU-US Data Privacy Framework (DPF-certified)https://neon.com/blog/gdpr-compliance-and-neon
CloudflareUnited StatesUK Extension to the EU-US Data Privacy Framework (DPF-certified) + SCCshttps://www.cloudflare.com/trust-hub/gdpr/
StripeUnited StatesUK Extension to the EU-US Data Privacy Framework (DPF-certified) + SCCs as fallbackhttps://stripe.com/legal/dpa
PostHogUnited StatesUK Extension to the EU-US Data Privacy Framework (DPF-certified) + SCCshttps://posthog.com/dpa

A transfer impact assessment has been conducted with reference to each processor’s published security and disclosure posture. You may request a copy of the safeguards relied on by contacting ari@pushingsquares.com.

7. Retention

Personal data is retained only for as long as necessary for the purposes described in Section 4. Specific periods are listed in the table in Section 4. Additional retention notes:

  • Purchase and invoice records: 6 years from end of the relevant tax year (HMRC statutory).
  • Account data: until account deletion + 30 days.
  • Download tokens and download log entries: 30 days.

Where a basis is consent, you can request earlier deletion at any time and it will be actioned within 30 days.

8. Your Rights

Subject to the conditions in UK GDPR, you have the following rights:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure / “right to be forgotten” (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right not to be subject to a solely automated decision (Art. 22)
  • Right to withdraw consent at any time (Art. 7(3))
  • Right to lodge a complaint with a supervisory authority (Art. 77)

To exercise any of these, email ari@pushingsquares.com. Responses are provided within 30 days.

9. Automated Decision-Making and Profiling

No solely automated decision-making, including profiling, that produces legal effects or similarly significant effects is carried out.

10. Cookies and Similar Technologies

A small ps_consent cookie records your choice on the cookie banner. Anonymous PostHog analytics load only after you click Accept. Full enumeration and details: Cookie Policy.

11. Changes to This Policy

The version and effective date at the top reflect the latest revision. Material changes will be communicated via a banner at the top of this page for 30 days.

12. Contact and Complaints

Questions or complaints about this policy: ari@pushingsquares.com.

You also have the right to lodge a complaint with a supervisory authority. The lead supervisory authority for this site is the Information Commissioner’s Office (ICO), ico.org.uk.

Full service-provider information: Legal Notice.


End of policy — version 3.0, effective 28 May 2026.

PUSHING SQUARES_

Workflow engineering for creative businesses.

ContactPrivacyCookiesTermsRefunds