Printwhisk
← Back

Privacy Policy

Effective June 22, 2026 · Operated by Deep Thought Technologies Inc.

In plain English

We collect the minimum we need to print and mail your letters: your email, your mailing address, the document, and a payment reference. We don't sell your data, don't use it for ads, and your documents never train any AI model.

Documents are deleted within about 7 days. We keep transaction records for accounting. The short version lives on our security page; this is the full text.

1. Who we are

Deep Thought Technologies Inc. (d/b/a Printwhisk) is the controller of the personal information described here. When you print to our virtual printer, we receive your document, have it printed on paper, and mail it to your own registered address. This policy covers the app, the website, and the companion software.

2. What we collect

  • Account info — your email address, used for sign-in and transactional messages. We use passwordless sign-in links and/or a password you choose; passwords are stored only as a salted hash.
  • Mailing address — the name and US address a letter is sent to, verified against USPS data through our print partner.
  • Documents — the PDFs you submit, plus basic job details (title, page count, single- or double-sided, cost).
  • Payment references — your card is handled by Stripe; we never see your full card number. We keep payment identifiers and a wallet ledger of credits and debits.
  • Device & technical data — platform, a device label, app version, last-seen time, and, for guest prints, the IP address used (to prevent abuse). Authentication tokens are stored only as hashes.
  • Support messages — anything you send us.

3. How we use it

  • To authenticate you and run your account or guest session.
  • To print, mail, and track your documents.
  • To process payments and maintain your wallet balance.
  • To send transactional notifications (confirmations, delivery estimates, receipts).
  • To prevent fraud and abuse, and to comply with our legal obligations.

4. What we never do

  • We do not sell or rent your personal information.
  • We do not use your documents to train AI models — ours or anyone's.
  • We do not use document contents for advertising or profiling.
  • No employee opens your document unless you specifically ask support to help with a job and consent to it.
  • We do not proactively scan document content.

5. Who we share it with

We share data only with the service providers that let us run Printwhisk — for example Stripe (payments), our print-and-mail partner (which receives your PDF, name, and address to print and post the letter), our cloud storage and hosting providers, and our email provider. The full list, what each one receives, and where it is processed are on our subprocessors page.

We may also disclose information to comply with valid legal process, to enforce our terms, or to protect our rights and the safety of others (see Section 8 and our transparency report). If we are ever involved in a merger or sale of assets, information may transfer as part of that transaction.

6. How long we keep it

We keep personal data only as long as we need it. The timelines below are our current operating defaults and may be adjusted for legal, accounting, or fraud-prevention reasons.

Uploaded documents (PDFs)Deleted within ~7 days of upload — and as soon as the letter is produced.
Unpaid guest uploadRemoved within ~2 hours if it is never paid for.
Abandoned guest (no paid letter)Account and its data deleted within ~24 hours.
Guest letter — email & addressScrubbed ~30 days after the letter reaches a final state.
Closed-account personal dataScrubbed ~30 days after you delete your account.
Account email & addressKept while your account is open.
Wallet ledger (transactions)Kept indefinitely for tax, accounting, and fraud records.
Payment & delivery event dataDetailed payloads minimized to audit fields after ~90 days.
Login sessionsExpire after 72 hours idle, or 30 days — whichever comes first.
Sign-in & device-handoff links15 minutes (sign-in) / 30 minutes (handoff), single use.

7. Security

Documents are encrypted at rest (AES-256) and everything is encrypted in transit (TLS 1.2+). Passwords are hashed with scrypt, session and device tokens are stored only as SHA-256 hashes, and incoming payment and delivery webhooks are signature-verified. See our security page for the full posture. No system is perfectly secure, and we cannot guarantee absolute security.

8. Your rights and choices

You can request access to, a copy of, correction of, or deletion of your personal information at any time. You can delete your account from the app, or email privacy@printwhisk.com. We verify account ownership before acting. Details and timelines are on our data request page.

California residents have rights under the CCPA / CPRA, including to know, delete, correct, and limit the use of personal information, and to not be discriminated against for exercising them. We do not sell or share personal information as those terms are defined under that law. Users in the EU/UK: where that law applies, our legal bases are performance of our contract with you, your consent, and our legitimate interests in running and securing the service. To exercise any right, use the same channels above.

9. Guest prints

If you print without making an account, your email and mailing address are used only to deliver that letter and send a receipt. An unpaid guest upload is removed within about 2 hours; an abandoned guest with no paid letter is deleted within about 24 hours; and the email and address on a paid guest letter are scrubbed about 30 days after the letter reaches a final state. We keep the transaction record for accounting.

10. Children

Printwhisk is for adults. It is not directed to children under 18, and we do not knowingly collect their personal information. If you believe a child has used the service, contact privacy@printwhisk.com and we will delete the data.

11. Cookies and tracking

We use a single essential cookie to keep you signed in, and no advertising or third-party tracking cookies. Details are in our cookie notice.

12. International processing

We operate from the United States, and our service is intended for US delivery. Some providers may process data outside the US — for example, our print partner is based in Canada — under appropriate contractual protections. By using the service you understand your information may be processed in those locations.

13. Changes

We will notify registered users by email at least 14 days before material changes to this policy take effect.

14. Contact

Privacy questions: privacy@printwhisk.com. Deep Thought Technologies Inc., 257 E Woodland Rd, New Milford, NJ 07646.