Last updated: 30 June 2026.
Who we are and how to contact us
This website (https://3dmarvels.ie) is operated by Filamenthub Ltd, trading as 3D Marvels.
- Registered office: Unit 6, Ballincollig Commercial Park, Ballincollig, Co. Cork, P31 F651, Ireland
- Email: info@3dmarvels.ie
- Phone: +353 89 257 2984
For the purpose of the EU General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018, Filamenthub Ltd is the data controller for personal data collected through this website.
Data Protection Officer. We are a small business and are not required to appoint a Data Protection Officer under Art. 37 GDPR. For any privacy question, write to info@3dmarvels.ie.
What personal data we collect, why, and on what legal basis
| Purpose | Data we collect | Legal basis (GDPR Art. 6) | How long we keep it |
|---|---|---|---|
| Producing an instant 3D-print quote you request | The 3D model file you upload (STL/3MF/OBJ), the options you choose (material, finish, colour, quality, quantity, supports) | Contract — necessary to take pre-contract steps you’ve asked for (Art. 6(1)(b)) | Model file deleted from the quoting server immediately after slicing; abandoned uploads on this website purged after 180 days |
| Sending you a written quote and following up | Your name, email, optional phone number and any notes you provide | Contract (Art. 6(1)(b)) | While we may need to follow up, in line with our customer-records retention; on request we will delete sooner |
| Fulfilling an order placed via the shop | Billing details, shipping address, model file, order line items | Contract (Art. 6(1)(b)) | Order files: 180 days; transactional records: 7 years (Irish tax obligations) |
| Receiving customer payments | Order amount and billing details handed to the payment provider | Contract (Art. 6(1)(b)) and legal obligation (Art. 6(1)(c)) — accounting records | Per payment provider’s policy; we retain transaction references for 7 years |
| Site security and abuse prevention | Visitor IP address, timestamps, request size, user-agent, error/exception logs | Legitimate interest in keeping the site secure (Art. 6(1)(f)) | Nginx access log: 14 days (system logrotate); abuse-flag records: up to 30 days |
| Analytics and marketing cookies | Behavioural data via Google Analytics 4, Google Tag Manager, Google Ads conversions, Yotpo reviews widget, Jetpack site stats | Consent (Art. 6(1)(a)) — we only set these after you accept on the cookie banner | Per each cookie’s expiry — listed at /cookie-policy-eu/ |
| Replying to messages submitted via the contact form or live chat | Whatever you type into the form / chat (name, email, message) | Contract — pre-contract steps (Art. 6(1)(b)) | Until the matter is resolved, then archived per our normal customer-records retention |
| Comments left on blog articles | Comment text, IP address and user-agent (for spam filtering) | Legitimate interest in moderating the site (Art. 6(1)(f)) | While the post is published, unless you ask us to remove the comment |
We do not make any decisions about you using purely automated means (Art. 22 GDPR — automated individual decision-making, including profiling). Our instant-quote calculator gives you an automated price, but the order itself involves a human reviewing the file and confirming the job.
Who we share your data with (sub-processors)
We use the following service providers (sub-processors) to operate the website and the quote service. All process data inside the EU/EEA:
| Provider | What they see | Purpose | Location |
|---|---|---|---|
| Hostinger | The website itself, the quote API, customer data in transit and at rest | Hosting | EU data centres |
| Zoho Corporation (zoho.eu, org 20114648996) | Customer name / email / phone / notes / quote summary; model file as an attachment on a Zoho Books estimate when you request one | CRM, Books, Mail, Forms, contact form | EU data centre |
| WooCommerce / payment provider | Order amount + billing details, only when you place an order | Order processing and payment | Per provider |
| Google (Analytics, Tag Manager, Ads, Merchant Center) | Behavioural pageview / event data (only if you accept marketing or statistics cookies) | Site analytics and advertising measurement | Google EU servers; some processing may occur in the US under EU-US Data Privacy Framework |
| Automattic / Jetpack | Visitor pageview data for site stats (only if you accept statistics cookies) | Site stats | Worldwide CDN |
| Yotpo | Product review interactions (only if you accept marketing cookies) | Product reviews widget | EU + US |
The instant-quote service itself does not transfer your data outside the EU/EEA. Google Analytics, Google Ads and Yotpo may process data in the US under the EU-US Data Privacy Framework; we only enable them after you opt in via the cookie banner.
Cookies and tracking
We use cookies and similar technologies to operate the website, remember your preferences, and (with your consent) measure how visitors use the site. The full list of cookies — what each one does, who sets it, and how long it lasts — is at https://3dmarvels.ie/cookie-policy-eu/.
We respect the Do Not Track signal: if your browser sends DNT, we do not show you the consent banner and we treat all optional cookies as declined.
You can change or withdraw your consent at any time by clicking the cookie banner’s “Manage consent” link in the footer of any page, or by clearing your browser’s cookies for this site and reloading.
Your rights
Under the GDPR (Arts. 15–22) you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate data
- Erase your data (“right to be forgotten”), subject to limits where we must retain it (e.g. tax records)
- Restrict processing while a dispute is resolved
- Object to processing based on legitimate interest
- Portability of data you provided to us, in a structured machine-readable format
- Withdraw consent at any time, where processing is based on consent. Withdrawing consent does not affect the lawfulness of any processing we already did based on your earlier consent.
To exercise any of these rights, email info@3dmarvels.ie. We will respond within 30 days as required by GDPR Art. 12(3).
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Irish supervisory authority:
Data Protection Commission (DPC)
21 Fitzwilliam Square South, Dublin 2, D02 RD28
https://www.dataprotection.ie
Security
We use TLS (HTTPS) to encrypt data in transit. Customer model files on our quoting server are deleted immediately after slicing. We do not log the contents of files or full customer details to persistent log surfaces. Access to admin areas is restricted to authorised staff with unique accounts.
If a personal-data breach occurs that is likely to risk your rights, we will notify the Data Protection Commission within 72 hours per GDPR Art. 33, and contact affected individuals where required by Art. 34.
Changes to this policy
We may update this policy from time to time. Material changes will be flagged at the top of this page with the effective date.
