Free shipping over $75 / premium blanks / limited drops
Concrete Loom

Privacy Policy

Last updated: [DATE]. This is a starter template: have it reviewed and complete the bracketed details before publishing. It is not legal advice. WHO WE ARE Concrete Loom is operated by [LEGAL BUSINESS NAME], [REGISTERED ADDRESS, Malta], VAT No. [VAT NUMBER], company registration [REG NUMBER]. We are the data controller for your personal data. Questions: support@concreteloom.com. WHAT WE COLLECT - Account data: your name, email, and a hashed password. - Order data: shipping and billing address, items, and order history. - Payment data: handled by Stripe — we never see or store your full card details. - Messages you send us for support. - Analytics data: pages visited and actions taken, via PostHog, only if you accept analytics cookies. WHY WE USE IT (LEGAL BASIS) - Processing and delivering your orders, and support — performance of a contract. - Order and account emails — performance of a contract. - Marketing emails — your consent (withdraw any time via the unsubscribe link). - Analytics and improving the store — your consent (the cookie banner). - Fraud prevention and meeting tax/accounting duties — legitimate interests and legal obligation. WHO WE SHARE IT WITH We share data only with providers that help us run the store: Stripe (payments), Printful (production and shipping), Supabase and Netlify (hosting and database), Resend (email), and PostHog (analytics, only with consent). Where a provider is outside the EU/EEA, transfers are covered by appropriate safeguards such as the EU Standard Contractual Clauses. HOW LONG WE KEEP IT Order records are retained as long as tax and accounting law require (typically up to [X] years). Account and marketing data are kept until you ask us to delete them or withdraw consent. YOUR RIGHTS (GDPR) You can access, correct, delete, restrict, or port your data, object to processing, and withdraw consent at any time — email support@concreteloom.com. You can also complain to Malta's Information and Data Protection Commissioner (IDPC) at idpc.org.mt. COOKIES See our Cookie Policy at /pages/cookies.