Your cart is currently empty!.
You may check out all the available products and buy some in the shop.
Continue ShoppingLast updated: 11.05.2026
Welcome to Drawiso (the “Website”), owned and operated by DRAWISO LTD, Registration Number 17181859, located at 23 Sheen Road, London, United Kingdom, TW9 1BN (“Drawiso”, “we”, “us”, or “our”).
This Privacy Policy explains how we collect, use, store, protect, share, and process personal data when you visit https://drawiso.com/, create an account, purchase digital products, download PDF files, contact us, or otherwise interact with the Website.
We respect your privacy and are committed to protecting your personal data in accordance with applicable UK data protection laws, including the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.
By using the Website, creating an account, placing an order, downloading a product, or contacting us, you acknowledge that your personal data will be processed as described in this Privacy Policy.
1. Who We Are
The Website is operated by:
DRAWISO LTD
Registration Number: 17181859
Registered Address: 23 Sheen Road, London, United Kingdom, TW9 1BN
Email: [email protected]
For the purposes of applicable data protection laws, DRAWISO LTD is the data controller of the personal data we collect and process through the Website, unless otherwise stated.
This means that we determine why and how your personal data is processed.
2. Scope of This Privacy Policy
This Privacy Policy applies to personal data collected when you:
a. visit or browse the Website;
b. create or manage an account;
c. purchase digital products;
d. download PDF files or other digital content;
e. receive order confirmations or download links by email;
f. contact customer support;
g. subscribe to newsletters or marketing communications, where available;
h. submit reviews, comments, messages, or feedback;
i. interact with our cookies, analytics, or Website tools; or
j. otherwise communicate with us.
This Privacy Policy does not apply to third-party websites, payment platforms, applications, or services that we do not control. Where you use a third-party payment provider or external service, their own privacy policy and terms may apply.
3. Personal Data We May Collect
We may collect different types of personal data depending on how you use the Website.
3.1 Account Data
When you create an account, we may collect:
a. your name;
b. email address;
c. username or account identifier;
d. password or encrypted login credentials;
e. account preferences;
f. account creation date;
g. account status;
h. login history and security-related account activity; and
i. information linked to your purchase and download history.
We use this information to create and manage your account, give you access to purchased products, protect your account, and provide customer support.
3.2 Order and Purchase Data
When you place an order, we may collect:
a. your name;
b. email address;
c. billing address, where required;
d. order number;
e. products purchased;
f. order date and time;
g. order value;
h. selected currency;
i. payment status;
j. transaction reference provided by the payment provider;
k. refund or dispute status, where applicable; and
l. records of download access linked to your order.
We use this data to process orders, provide digital delivery, issue invoices or order confirmations, handle support requests, prevent fraud, and keep accounting records.
3.3 Payment-Related Data
Payments on the Website are processed by third-party payment providers.
We do not collect, process, or store full payment card details on our Website. This means we do not store your full card number, CVV/CVC code, full bank account details, or complete payment authentication credentials.
The payment provider may collect and process your payment information directly, including card details, payment method information, fraud checks, authentication data, and transaction security information.
We may receive limited payment-related information from the payment provider, such as:
a. payment confirmation;
b. payment status;
c. transaction ID or payment reference;
d. last four digits of a card, where provided by the payment provider;
e. card brand or payment method type, where provided;
f. billing country or payment location, where required;
g. fraud screening result or risk indicator; and
h. refund, chargeback, or payment dispute status.
This information is used only to confirm payment, fulfil your order, provide support, comply with legal obligations, prevent fraud, and manage refunds or disputes.
3.4 Digital Delivery and Download Data
Because our products are digital goods, we may collect information connected with product delivery and downloads, including:
a. products purchased;
b. download links issued;
c. date and time of download;
d. number of download attempts;
e. file access status;
f. account from which the file was accessed;
g. IP address used for security and fraud prevention;
h. device or browser information; and
i. unusual or excessive download activity.
We use this data to deliver purchased products, maintain access through your account, prevent unauthorised sharing, protect download links, and investigate misuse.
3.5 Customer Support and Communication Data
If you contact us by email, contact form, or other communication method, we may collect:
a. your name;
b. email address;
c. order number;
d. account details relevant to your request;
e. message content;
f. screenshots, attachments, or error messages you provide;
g. records of our replies; and
h. support history.
We use this data to respond to your requests, resolve problems, verify purchases, provide download assistance, and maintain records of customer service communication.
3.6 Technical and Usage Data
When you use the Website, we may automatically collect technical information, including:
a. IP address;
b. browser type and version;
c. device type;
d. operating system;
e. time zone setting;
f. pages visited;
g. referring website or source;
h. session duration;
i. click and browsing behaviour;
j. error logs;
k. security logs; and
l. cookie identifiers or similar technologies.
We use this data to operate the Website, improve performance, detect errors, prevent fraud, maintain security, analyse usage, and improve user experience.
3.7 Marketing Data
Where marketing features are available and you choose to receive communications from us, we may collect:
a. email address;
b. marketing preferences;
c. date and method of consent;
d. email open and click activity, where applicable; and
You can unsubscribe from marketing emails at any time by using the unsubscribe link in the email or by contacting us at [email protected].
3.8 User-Submitted Content
If the Website allows reviews, comments, feedback, or other submissions, we may collect:
a. your name or display name;
b. submitted review or comment;
c. rating;
d. images or files you choose to upload;
e. date of submission; and
f. moderation history.
You should not submit sensitive personal data, confidential information, or information about other people unless you have permission to do so.
4. Personal Data We Do Not Intentionally Collect
We do not intentionally collect unnecessary sensitive personal data.
Unless specifically required for a lawful reason, you should not provide us with information about:
a. racial or ethnic origin;
b. political opinions;
c. religious or philosophical beliefs;
d. trade union membership;
e. genetic or biometric data;
f. health information;
g. sex life or sexual orientation;
h. criminal convictions or offences; or
i. information about children without appropriate parental or guardian consent.
If you send us this type of information voluntarily, we may delete it where it is not necessary for the purpose of your communication.
5. How We Collect Personal Data
We may collect personal data in the following ways:
a. directly from you when you create an account, place an order, contact us, or submit information;
b. automatically when you browse or use the Website;
c. from payment providers when they confirm payment, refund, or dispute status;
d. from email service providers when order confirmations or download links are sent;
e. from analytics or cookie tools, where used;
f. from fraud prevention or security tools; and
g. from legal, regulatory, or payment-related sources where required.
6. How We Use Your Personal Data
We use personal data for the following purposes:
6.1 To Operate the Website
We use data to:
a. display Website content;
b. maintain Website functionality;
c. manage accounts;
d. process login sessions;
e. improve navigation and usability;
f. identify errors; and
g. keep the Website secure.
6.2 To Process Orders
We use data to:
a. receive and confirm orders;
b. verify payment status;
c. generate order records;
d. send order confirmation emails;
e. provide access to digital products;
f. manage refunds or disputes; and
g. maintain purchase history.
6.3 To Deliver Digital Products
We use data to:
a. provide download links;
b. make products available in your account;
c. allow you to access purchased PDF files;
d. resend access details where needed;
e. verify that you are the purchaser;
f. monitor download issues; and
g. prevent unauthorised sharing or misuse.
6.4 To Provide Customer Support
We use data to:
a. answer questions;
b. resolve download or access issues;
c. confirm order ownership;
d. investigate complaints;
e. provide replacement links where appropriate; and
f. keep records of support communication.
6.5 To Maintain Security and Prevent Fraud
We use data to:
a. detect suspicious activity;
b. prevent unauthorised account access;
c. identify unusual download behaviour;
d. protect download links;
e. prevent payment fraud;
f. prevent chargeback abuse;
g. protect intellectual property; and
h. enforce our Terms and Conditions.
6.6 To Comply with Legal Obligations
We use data to:
a. keep accounting and tax records;
b. respond to lawful requests;
c. comply with consumer protection requirements;
d. manage disputes;
e. prevent unlawful activity; and
f. meet regulatory or legal obligations.
6.7 To Improve Our Products and Services
We may use data to:
a. understand which products are popular;
b. improve product descriptions;
c. improve Website design;
d. identify technical issues;
e. improve checkout and download experience; and
f. develop new digital products.
6.8 To Send Marketing Communications
Where permitted by law and where you have consented or where another lawful basis applies, we may send you updates about:
a. new coloring books;
b. new PDF products;
c. promotions;
d. product bundles;
e. seasonal collections;
f. Website updates; and
g. special offers.
You may opt out of marketing communications at any time.
7. Lawful Bases for Processing Personal Data
We process personal data only where we have a lawful basis under applicable data protection laws.
Depending on the situation, our lawful bases may include:
7.1 Contract
We process your data where necessary to perform a contract with you, including to:
a. create and manage your account;
b. process your order;
c. deliver purchased digital products;
d. provide download links;
e. maintain access to your purchase history; and
f. respond to order-related support requests.
7.2 Legal Obligation
We process data where necessary to comply with legal duties, including:
a. tax and accounting record keeping;
b. fraud prevention obligations;
c. consumer rights obligations;
d. legal claims and dispute handling; and
e. regulatory or lawful authority requests.
7.3 Legitimate Interests
We may process data where necessary for our legitimate business interests, provided your rights do not override those interests.
Our legitimate interests may include:
a. operating and improving the Website;
b. preventing fraud;
c. protecting digital products from unauthorised sharing;
d. maintaining security;
e. responding to customer enquiries;
f. analysing Website performance;
g. enforcing our Terms and Conditions; and
h. protecting our legal rights.
7.4 Consent
We rely on consent where required, including for:
a. certain cookies or tracking technologies;
b. optional marketing communications; and
c. any other processing where consent is legally required.
You may withdraw consent at any time where processing is based on consent.
8. Payment Processing, PSD2, and Strong Customer Authentication
All payments made through the Website are processed by third-party payment providers.
Drawiso does not collect or store full payment card data. When you complete a payment, your payment details are submitted directly to the payment provider or handled through secure payment infrastructure provided by third parties.
8.1 Third-Party Payment Providers
Payment providers may process personal data such as:
a. cardholder name;
b. card number;
c. expiry date;
d. CVV/CVC code;
e. billing address;
f. payment method;
g. device and browser information;
h. transaction risk information; and
i. authentication details.
This information is processed by the payment provider according to its own privacy policy, legal obligations, security standards, and payment processing requirements.
8.2 Strong Customer Authentication
Where required, online payments may be subject to Strong Customer Authentication (“SCA”).
SCA is designed to improve payment security by requiring additional verification during the payment process. This may involve two or more authentication elements, such as something you know, something you have, or something you are.
Examples may include:
a. password or PIN verification;
b. one-time passcode;
c. banking app approval;
d. card issuer confirmation;
e. device-based authentication; or
f. biometric verification, where supported by your bank or payment provider.
Drawiso does not control the exact SCA process. Authentication is usually handled by your bank, card issuer, or payment provider.
8.3 PSD2 Requirements
Where applicable, payment providers and financial institutions may apply PSD2-related requirements, including SCA for certain online transactions.
Drawiso works with third-party payment providers that are responsible for applying required payment security controls. If your payment requires additional verification, you must complete the steps requested by your bank, card issuer, or payment provider.
If authentication fails or payment is declined, we may not be able to complete your order or deliver the digital product until payment is successfully confirmed.
9. Cookies and Similar Technologies
The Website may use cookies and similar technologies to:
a. operate the Website;
b. remember user preferences;
c. keep users logged in;
d. manage carts and checkout sessions;
e. measure Website traffic;
f. improve performance;
g. support analytics;
h. detect security issues; and
i. support marketing, where applicable.
Some cookies are necessary for the Website to function. Others may require your consent, depending on applicable law.
You can manage cookies through your browser settings or through any cookie preference tool provided on the Website.
For more information about cookies used on the Website, please see our Cookies Policy.
10. Sharing Personal Data with Third Parties
We do not sell your personal data.
We may share personal data with trusted third parties only where necessary for the operation of the Website, order fulfilment, legal compliance, security, or business administration.
10.1 Service Providers
We may share data with:
a. website hosting providers;
b. ecommerce platform providers;
c. payment processors;
d. email delivery providers;
e. analytics providers;
f. customer support tools;
g. fraud prevention tools;
h. IT maintenance providers;
i. cloud storage providers; and
j. professional advisers.
These providers may process data only as needed to provide services to us, unless they act as independent controllers under their own legal obligations.
10.2 Payment Providers
Payment providers process payment information to complete transactions, authenticate payments, prevent fraud, manage refunds, and handle disputes.
We receive limited payment confirmation information but do not receive or store full card data.
10.3 Legal and Regulatory Recipients
We may disclose personal data where necessary to:
a. comply with applicable law;
b. respond to lawful requests from authorities;
c. protect our legal rights;
d. enforce our Terms and Conditions;
e. prevent fraud or misuse;
f. respond to claims or disputes; or
g. comply with tax, accounting, or regulatory obligations.
10.4 Business Transfers
If Drawiso is involved in a merger, sale, restructuring, acquisition, transfer of assets, or similar business transaction, personal data may be transferred as part of that transaction where lawful and appropriate.
11. International and Extra-EEA Transfers of Personal Data
Some of our service providers may process personal data outside the United Kingdom, the European Economic Area (“EEA”), or your country of residence.
Where personal data is transferred internationally, we take steps designed to ensure that your data remains protected in accordance with applicable data protection laws.
These safeguards may include:
a. transferring data to countries recognised as providing an adequate level of protection;
b. using standard contractual clauses or equivalent approved contractual safeguards;
c. working with service providers that apply recognised data protection standards;
d. limiting transfers to data necessary for the relevant service;
e. requiring appropriate confidentiality and security commitments; and
f. conducting reasonable checks on service providers where appropriate.
International transfers may occur when we use hosting, payment, email, analytics, cloud, support, or security providers located outside the UK or EEA.
12. Data Security
We use reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, disclosure, or destruction.
These measures may include:
a. encryption where appropriate;
b. secure hosting environments;
c. access controls;
d. password protection;
e. limited staff or contractor access;
f. account security controls;
g. monitoring for suspicious activity;
h. secure payment integrations through third-party payment providers;
i. regular review of security practices;
j. technical maintenance and updates;
k. data minimisation; and
l. internal confidentiality controls.
While we take security seriously, no website, online transmission, or digital storage system can be guaranteed to be completely secure. You are responsible for keeping your account password secure and for notifying us if you suspect unauthorised access.
13. GDPR and Data Protection Compliance
We process personal data in accordance with applicable data protection principles.
This means we aim to ensure that personal data is:
a. processed lawfully, fairly, and transparently;
b. collected for specified, explicit, and legitimate purposes;
c. limited to what is necessary for those purposes;
d. accurate and kept up to date where necessary;
e. kept only for as long as needed;
f. processed securely; and
g. handled with appropriate accountability.
We also apply technical and organisational measures to protect personal data, including access controls, security reviews, data minimisation, staff awareness, and appropriate contractual controls with service providers.
14. How Long We Keep Personal Data
We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy.
Retention periods may vary depending on the type of data and the reason we process it.
14.1 Account Data
We keep account data while your account remains active. If you request account closure, we may delete or restrict account data, subject to any legal, accounting, security, or dispute-related retention requirements.
14.2 Order Data
We keep order and transaction records for as long as needed for order management, customer support, accounting, tax compliance, fraud prevention, and legal record keeping.
14.3 Download Data
We may keep download records for as long as necessary to provide access to purchased products, prevent unauthorised sharing, investigate misuse, and support customer requests.
14.4 Support Communications
We may keep support messages for as long as necessary to resolve the issue, maintain customer service records, defend legal claims, and improve our services.
14.5 Marketing Data
We keep marketing preference data until you unsubscribe or withdraw consent, and we may keep a suppression record to ensure we do not contact you again.
14.6 Legal and Compliance Records
Some data may be kept longer where required by law, tax rules, accounting obligations, fraud prevention, payment disputes, chargebacks, or legal claims.
15. Your Data Protection Rights
Depending on your location and applicable law, you may have rights in relation to your personal data.
These may include the right to:
a. access the personal data we hold about you;
b. request correction of inaccurate or incomplete data;
c. request deletion of your personal data;
d. request restriction of processing;
e. object to certain processing;
f. request data portability;
g. withdraw consent where processing is based on consent;
h. object to direct marketing; and
i. lodge a complaint with a data protection authority.
These rights may be subject to limitations, exemptions, identity verification, and legal retention obligations.
To exercise your rights, contact us at [email protected].
We may need to verify your identity before responding to a request.
16. User Accounts and Privacy
If you create an account, you are responsible for keeping your login details confidential.
Your account may contain:
a. your name;
b. email address;
c. order history;
d. download history;
e. purchased products;
f. account preferences; and
g. support-related information.
You should not share your account login details with others. If another person accesses your account using your credentials, they may be able to view your personal data and download your purchased products.
If you suspect unauthorised access, contact us immediately at [email protected].
17. Account Closure and Personal Data
You may request account closure by contacting us at [email protected].
Before closing your account, you should download and save any purchased products that you want to keep.
After account closure, we may delete, anonymise, or restrict access to certain data. However, we may retain information where necessary for:
a. tax and accounting records;
b. order history;
c. payment dispute handling;
d. fraud prevention;
e. legal claims;
f. regulatory obligations;
g. security investigations; and
h. enforcement of our Terms and Conditions.
Account closure does not automatically remove all data where we have a lawful reason to retain it.
18. Fraud Prevention and Misuse of Digital Products
Because Drawiso sells digital goods, we may process certain data to protect our products from misuse, unauthorised sharing, resale, or excessive downloading.
This may include:
a. order records;
b. download activity;
c. IP addresses;
d. device information;
e. account activity;
f. payment dispute data;
g. suspicious access patterns; and
h. reports of unauthorised distribution.
We use this information to protect our intellectual property, enforce our Terms and Conditions, prevent fraud, and maintain the security of the Website.
19. Third-Party Links
The Website may contain links to third-party websites, services, or platforms.
We are not responsible for the privacy practices, security, content, or policies of third-party websites. You should review the privacy policy of any third-party website before providing personal data.
20. Complaints
If you have concerns about how we process your personal data, please contact us first at:
We will try to resolve your concern.
You may also have the right to lodge a complaint with the UK Information Commissioner’s Office or another relevant data protection authority, depending on where you live.
21. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our Website, products, legal obligations, payment providers, data processing practices, or security measures.
The updated version will be posted on this page with a revised “Last updated” date.
If changes are material, we may take reasonable steps to notify users, such as by email, account notice, or Website notice.
Your continued use of the Website after changes are posted means that you acknowledge the updated Privacy Policy.
22. Governing Law
This Privacy Policy and any related privacy matters are governed by the laws of England and Wales, subject to any mandatory data protection rights that may apply to you under the laws of your country of residence.
Nothing in this Privacy Policy limits any privacy or data protection rights that cannot be excluded under applicable law.
23. Contact Us
If you have questions about this Privacy Policy, your personal data, your account, your order, or your privacy rights, you can contact us at:
DRAWISO LTD
Registration Number: 17181859
Registered Address: 23 Sheen Road, London, United Kingdom, TW9 1BN
Email: [email protected]
