— Legal
PRIVACY POLICY
Last updated: [DATE]
1. What we collect
- Account info: name, email, phone (when you sign up).
- Order info: items, shipping address, order history.
- Payment info: handled entirely by Stripe. We never see or store card numbers.
- Technical info: IP address, browser, pages visited (via analytics).
2. How we use it
- Process and fulfill your orders.
- Contact you about your account or purchases.
- Improve the Site and product selection.
- Prevent fraud and abuse.
- Send marketing emails only if you opt in; unsubscribe any time.
3. Who we share with
We share data only with service providers who need it to run the Site:
- Stripe — payment processing
- Supabase — database + authentication
- Resend — transactional email (order confirmations)
- Shipping carriers — to deliver your order
4. Cookies
We use essential cookies for login sessions and cart state. Analytics cookies are used only if you consent.
5. Your rights
You can request a copy of your data, correction of inaccuracies, or deletion of your account at any time. Email privacy@archiveshops.com. For EU/UK residents, GDPR rights apply. For California residents, CCPA rights apply.
6. Data retention
Order records are kept for 7 years for tax and accounting reasons. Account info is retained until you request deletion.
7. Security
Data is encrypted in transit (HTTPS) and at rest. We use Supabase's managed Postgres with Row-Level Security enforcing that customers can only access their own orders.
8. Changes
If this Policy changes materially we'll notify you by email or site banner before the change takes effect.
9. Contact
Template only. A privacy lawyer should review before publishing, especially if you operate in EU/UK/California.