Privacy Policy
Last updated: May 8, 2026
PoloStew is a small, independent vintage clothing shop based in Austin, Texas. This policy explains what information we collect when you use polostew.com, why we collect it, and the choices you have.
1. Information we collect
You give us
- Account details — name and email address when you register.
- Shipping and billing addresses when you place an order.
- Payment information — handled and stored by Stripe; we never see or store your full card number.
- Communications — anything you send us via email, contact forms, or customer support.
We collect automatically
- Browsing analytics — pages viewed, products clicked, time on site, device type, approximate location, and referring URL.
- Cookies and similar technology — for keeping you signed in, remembering your cart, and basic analytics.
- Server logs — IP address, user-agent, timestamps for security and debugging.
2. How we use your information
- To fulfill and ship orders, process payments, and provide customer support.
- To send transactional emails (order confirmations, shipping updates, password resets, email verification).
- To send marketing emails only if you've opted in — unsubscribe any time.
- To improve the site (which categories sell, which pages confuse people, which images load slowly).
- To detect fraud and prevent abuse.
- To comply with legal obligations (tax records, lawful requests).
3. Third parties we share with
We don't sell your data. We do share information with the small set of services that make the shop run:
- Stripe — payment processing. Stripe receives your payment details directly. See stripe.com/privacy.
- Vercel — hosting and infrastructure. Receives request logs and runtime data. See vercel.com/legal/privacy-policy.
- eBay — inventory sync; we pull product listings from our eBay store.
- Resend — transactional email delivery (order confirmations, password resets, verification).
- Anthropic — used internally to draft product descriptions; product photos and titles may be sent to Anthropic's API. We don't send your personal details.
- Shipping carriers (USPS, UPS, etc.) — we share your shipping address with the carrier so they can deliver your order.
We also disclose information when legally required (subpoena, court order) or to protect rights, property, or safety.
4. Cookies and analytics
We use a small number of cookies for essential site function (cart, login session) and lightweight analytics so we can understand which categories and products people enjoy. You can disable cookies in your browser settings, but parts of the checkout flow may stop working.
5. Your rights
You can:
- Access the data we hold about you — email us and we'll send it.
- Correct your account info from the Account page or by emailing us.
- Delete your account and personal data — email us and we'll process it within 30 days. We may retain limited records (order history) for tax and legal purposes.
- Opt out of marketing emails by clicking unsubscribe in any email.
- If you're in the EU/UK or California, you may have additional rights under GDPR or CCPA — same email works for those requests.
6. Data retention
Account info: as long as your account is active. Order records: 7 years for tax purposes. Server logs: 90 days. Marketing data: until you unsubscribe.
7. Security
Passwords are stored as bcrypt hashes. Payment data is handled by Stripe (PCI-compliant). Traffic to and from polostew.com runs over HTTPS. No system is perfectly secure — if we discover a breach affecting you, we'll notify you promptly.
8. Children
We don't knowingly collect data from anyone under 13. If you believe a child has given us their information, please email us and we'll delete it.
9. Changes to this policy
We'll update this page when our practices change. The "last updated" date at the top reflects the most recent revision. Significant changes will be communicated via email if you have an account.
10. Contact
For privacy questions, data requests, or just to say hi, email us at privacy@polostew.com.