What we collect

• Email address. When you buy a piece or request a free sample.
• Order details. Which pieces you bought, when, and at what price.
• Marketing consent state. Whether you ticked the “send me occasional emails” box at checkout or at sample request. We record the moment you confirmed it and the source.
• Basic web analytics. Page views, country, referrer. We do not use third-party tracking pixels; analytics is server-side and aggregated.

What we don’t collect

• Credit card details. Stripe handles payment; we don’t see card numbers.
• Cross-site tracking. We don’t use Facebook Pixel, Google Ads remarketing, etc.
• Anything that isn’t necessary for the order or for the marketing consent you gave.

How we use it

• To deliver the file you bought (transactional email).
• To send marketing email if — and only if — you opted in. No more than four messages per month. Every message has a working one-click unsubscribe.
• To run the business: tax records, customer support, reseller-leak detection on watermarked files.

How long we keep it

• Order records: as required by applicable tax law (usually 5–7 years).
• Marketing list membership: until you unsubscribe.
• Free-sample requests that never confirm via the verification email: deleted within 30 days.

Your rights

You can ask us to:

• Tell you what we hold on you.
• Correct it.
• Delete it (subject to tax-record retention obligations).
• Stop sending you marketing email at any time (the one-click unsubscribe does this automatically; you can also write to us).

Write to hello@coffeeposters.com.

Where the data lives

Order data lives in our WooCommerce database on Hostinger (EU data center). Marketing list data lives in MailerLite. Payment data lives in Stripe. R2 (Cloudflare) stores the image files.

Cookies

We use only functional cookies (cart state, session). No advertising or analytics cookies.