Privacy policy

[Nom de la société], 3 rue de l’épine, 67000 Strasbourg, France, reachable at contact@ufozz.com.

We only collect strictly necessary data:

• Identity: first name, last name.
• Contact details: email, phone, postal address.
• Order details: selected products, embroidery text, size.
• Payment data: handled directly by Stripe; we never see the full card number.
• Technical data: IP address, browser type (server logs, kept briefly).

Data is used solely to:

• Process and ship your order.
• Send transactional emails (confirmation, tracking).
• Reply to your enquiries via the Contact page.
• Comply with our legal obligations (accounting, tax).

Processing relies on the performance of the sales contract, on consent (when you reach out to us), and on compliance with our legal obligations.

Order data is kept for as long as required to perform the contract, then for the legal duration (up to 10 years for accounting documents). Support emails are kept for 2 years.

Data is only shared with the providers required to fulfil the order:

• Stripe — payment.
• Colissimo / La Poste — shipping.
• OVH / Resend — transactional email delivery.
• Vercel & Neon — site and database hosting.

No data is sold or used for third-party marketing.

Under the GDPR, you have the following rights:

• Access, rectification, and erasure of your data.
• Restriction and objection to processing.
• Data portability.
• Lodge a complaint with the CNIL (cnil.fr).

To exercise these rights, write to us at contact@ufozz.com.

The site does not currently use any advertising cookies or third-party analytics. We only use the browser's local storage to keep your cart contents, your theme choice, and your language. None of these are transmitted to a third party.

The site is served over HTTPS. Payments are delegated to Stripe (PCI-DSS). Application secrets and credentials are stored in non-versioned secrets.