PimpMyCAD

Privacy

Types of Data Collected

Account Information

Users can register on PimpMyCAD either locally or through the Onshape OAuth2 protocol. When registering via Onshape, we collect the following data (non-exhaustive list) :

  • Email address
  • First name
  • Last name
  • Avatar image
  • Company name

OAuth tokens are stored in the user session and are never saved to disk, ensuring enhanced security.

Purpose for Data Collection

Login and Authentication

Users can log in using an email/password combination or the Onshape OAuth2 protocol. The OAuth2 process only accesses personal information necessary for identification and authentication.

Document Import

Users can import their personal documents from Onshape using the OAuth2 protocol. This process requires read access to all documents associated with the user’s Onshape account. Please note: When using the import feature, we gain access to metadata of all user documents (including public and private documents). However, we do not access the content within these documents. The metadata includes (non-exhaustive list):

  • Elements
  • Workspaces
  • Versions
  • Featurescripts
Preview and Storage

To enhance user experience, a copy of preview images of all documents (public and private) are stored locally on our servers, regardless of whether the documents are imported to PimpMyCAD or not.

Designers and Public Sharing

We use Onshape user IDs to maintain a list of "designers" (users who created or modified public Onshape documents). This ID is also used to associate PimpMyCAD accounts with Onshape users. Onshape emails maybe used for account login purposes.

Documents can be imported in three ways:

  • Through the Onshape OAuth2 import protocol (for personal documents only).
  • By providing the public URL of the document.
  • Using the integrated app within Onshape.

When a document is imported, it becomes publicly available to anyone, including non-Onshape users. Users are solely responsible for ensuring they have the rights and permissions to share a document before importing it to PimpMyCAD.

Technical Logs and Analytics

We collect technical logs, including IP addresses and timestamps, for debugging and analytics purposes. Cookies are also used for session management, security, and analytics.

How Data Is Used and Shared

  • Onshape data is accessed solely to display or manipulate documents through PimpMyCAD’s interface.
  • We do not modify Onshape data or share/sell personal data to third parties.
  • Personal data may be disclosed if required by law, legal processes, or to address violations of our terms.
  • Once a document and its metadata are imported, they are publicly available. Users may request the deletion of shared documents, in which case the document will be disabled but not removed from PimpMyCAD for technical reasons.

Data Storage and Retention

  • All servers and data are stored in Europe.
  • Data are retained as long as necessary unless a deletion request is made.
  • Users can delete their account at any time, and their associated data will be removed accordingly. However, some data may not be fully deleted due to technical reasons, such as backups or system logs, but we ensure that such data is no longer accessible or linked to the user's account.

Security Measures

  • All data transfers between users and our servers, as well as communications with Onshape, are encrypted via SSL.
  • Access to databases and logs is restricted to authorized personnel only, ensuring secure handling of sensitive data.

User Rights

Access and Deletion

Users have the right to request access to or deletion of their personal data. Deletion requests can be made through our contact form or its profile page.

Opt-Out

We use cookies and analytics to improve the platform. Users can opt out by managing their browser settings or declining cookies via the cookie banner.

Withdrawal of Consent

Users can revoke the OAuth2 permissions granted to PimpMyCAD directly from their Onshape account settings at Onshape.com.

Children’s Privacy

Our platform is intended for all users, but users must comply with their local laws. While we strive to manage and moderate content, some unexpected content may still appear. We take prompt action to address any reported issues.

Compliance with Regulations

  • All servers and data processing occur in Europe, ensuring compliance with GDPR.
  • We also strive to adhere to other applicable regulations, such as CCPA and state-specific privacy laws.

Policy Updates

Our Privacy Policy may be updated periodically. Any changes will be posted on this page, along with the updated effective date.

Contact Information

For privacy-related questions or to request data deletion, please contact us via email at contact at pimpmycad.com or use the contact form available on our website.

Version date: Jan 20, 2025

  • Initial release