Mochi Templates

Privacy Policy

Last updated: June 18, 2026

1. Introduction

Mochi Templates(“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or purchase our digital products (templates, themes, web pages, workflows, and other digital assets).

We are based in Mexico and comply with the Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP). Additionally, because we serve users worldwide, this policy addresses requirements under the General Data Protection Regulation (GDPR) of the European Union and the California Consumer Privacy Act (CCPA/CPRA) where applicable.

Data Controller: Mochi Templates
Contact: mochitemplates@gmail.com

2. Information We Collect

We may collect the following categories of personal information:

2.1 Information You Provide Directly

  • Account Information: When you create an account, we collect your name and email address.
  • Purchase Information: When you make a purchase, we collect your billing name and email address. Payment card details are processed directly by our payment processor (Polar) and are never stored on our servers.
  • Communications: If you contact us via email or support channels, we collect the information you provide in your message.

2.2 Information Collected Automatically

  • Device Information: We may collect information about your device, including your IP address, browser type, operating system, and device type.
  • Usage Information: We collect information about how you interact with our Site, including pages visited, time spent, and referring URLs.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to enhance your experience and analyze usage patterns. See Section 6 for more details.

3. How We Use Your Information

We use your personal information for the following purposes:

  • To create and maintain your account
  • To process and fulfill your purchases, including delivering digital products
  • To communicate with you about your purchases, account, and support requests
  • To send you occasional marketing communications (only with your consent, where required)
  • To improve our Site, products, and services
  • To detect, prevent, and address fraud, security issues, and technical problems
  • To comply with legal obligations

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, our processing of your personal data is based on the following lawful grounds:

  • Contractual Necessity: Processing your data is necessary to fulfill our contract with you (e.g., processing purchases and delivering digital products).
  • Consent: Where you have given explicit consent (e.g., for marketing emails or non-essential cookies).
  • Legitimate Interests: Processing is necessary for our legitimate interests (e.g., improving our Site, preventing fraud) provided that your interests and fundamental rights do not override those interests.
  • Legal Obligation: Processing is necessary to comply with applicable legal obligations.

5. Data Sharing and Third Parties

We do not sell your personal information. We may share your data with trusted third-party service providers who help us operate our business, including:

  • Polar— Payment processing. Your payment data is handled directly by Polar in accordance with their privacy policy. We do not store full payment card details.
  • Cloudflare R2— File storage for digital products and images.
  • Resend— Email delivery for transactional emails and communications.
  • Analytics Providers— We may use analytics tools to understand Site usage patterns (anonymized where possible).

All third-party service providers are contractually obligated to protect your data and may only process it for the specific purposes we authorize. We require each provider to comply with applicable data protection laws, including entering into Data Processing Agreements (DPAs) where required.

We may also disclose your information if required to do so by law, in response to a valid legal request, or to protect our rights, property, or safety.

6. Cookies and Tracking Technologies

Our Site uses cookies and similar technologies to improve functionality, analyze traffic, and understand user behavior. Cookies are small text files stored on your device by your web browser.

Types of cookies we use:

  • Essential Cookies: Required for the Site to function properly (e.g., session management, authentication). These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our Site (e.g., page views, navigation paths).

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Site. For users in the EEA and UK, we request your consent before placing non-essential cookies via a cookie consent banner.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, or as required by applicable law (e.g., tax and accounting obligations in Mexico require retaining financial records for up to 10 years under the CFF). When the retention period expires, your data will be securely deleted or anonymized.

8. International Data Transfers

As a Mexico-based business serving a global audience, your personal data may be transferred to and processed in countries other than your own. When we transfer data from the EEA or UK to countries that have not been deemed adequate by the European Commission, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms.

Our service providers are located in various jurisdictions including the United States (Polar, Cloudflare, Resend). Where required, we have entered into DPAs and SCCs to ensure adequate protection of your personal data.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

9.1 Rights Under Mexican Law (LFPDPPP) — ARCO Rights

If you are in Mexico, you have the following ARCO rights:

  • Access (Acceso): Request confirmation of whether we process your personal data and access to that data.
  • Rectification (Rectificación): Request correction of inaccurate or incomplete data.
  • Cancellation (Cancelación): Request deletion of your data when it is no longer necessary for the purposes for which it was collected.
  • Opposition (Oposición): Object to the processing of your data for specific purposes.

To exercise your ARCO rights, please contact us at mochitemplates@gmail.com. We will respond within 20 business days as required by the LFPDPPP.

9.2 Rights Under GDPR (EEA & UK)

If you are located in the EEA or UK, you have the following rights:

  • Right of Access: Request access to your personal data and information about how we process it.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data under certain circumstances.
  • Right to Restriction of Processing: Request restriction of processing under certain circumstances.
  • Right to Data Portability: Request receipt of your data in a structured, commonly used, and machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise your GDPR rights, contact us at mochitemplates@gmail.com. We will respond within one month. You also have the right to lodge a complaint with your local data protection supervisory authority.

9.3 Rights Under CCPA (California Residents)

If you are a resident of California, you have the following rights:

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: Request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Opt-Out: Opt out of the sale or sharing of your personal information. We do not sell your personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your CCPA rights, please contact us at mochitemplates@gmail.com. We will respond within 45 days.

10. Data Security

We implement appropriate technical, administrative, and physical security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit (TLS/SSL), secure data storage, and access controls. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

11. Children’s Privacy

Our Site and Products are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal data, we will take steps to delete it. If you believe we have collected data from a child, please contact us.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Changes will be effective immediately upon posting with an updated “Last updated” date. For material changes, we may provide additional notice (e.g., via email or a prominent notice on our Site). We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Mochi TemplatesMochi Templates is a curated collection of premium templates for modern frameworks and automation tools like React, Next.js, Vue, Nuxt, ComfyUI, and n8n.