You have likely heard about GDPR extensively with endless e-mails and notices over the past few weeks.
Companies large and small are required to maintain transparency and be upfront with what they’re doing with your data in order to not face stiff penalties. Even small 2-person business like ours have to make it clear what we do with your data and gain your consent. We’ve never done shady things with your data, and never will, we’re far too busy making masks to have the time for such nonsense.
TL;DR – We don’t use ads, or newsletters. We don’t buy or sell your data. We have no choice but to share your data with payment processors like PayPal or Square in order to securely receive payments; and couriers like Canada Post in order to know where to ship your orders. We delete your account data after 5 years of inactivity and delete order data older than 7 years. Our server and our home computers are encrypted & secure. The only data we keep is what you give to us, and if you want us to delete it, tell us and we will ASAP.
We’re erring on the side of caution and deleting any account that has bouncing e-mails as well, since we cannot inform you of these changes via e-mail.
-Jason and Mark