Privacy Policy

Last updated: April 14, 2026

Pocket Perfume & Cologne LLC ("we", "us") respects your privacy. This policy explains what we collect, why we collect it, and how we use it.

1. Information We Collect

You provide it directly: name, email, shipping address, phone number, and payment information when you place an order, sign up for emails, or contact support.

Automatically collected: device type, browser, IP address (hashed), pages visited, and referral source via cookies and similar technology.

2. How We Use It

• Fulfill orders and manage subscriptions
• Send order confirmations, shipping updates, and service messages
• Send marketing email, but only if you opted in (unsubscribe anytime)
• Detect fraud and secure the site
• Improve our products and website

3. Parties We Disclose Information To

We do not sell your personal information. We share it only with the following categories of third-party service providers, each of whom is contractually required to protect your data and use it only for the purpose of providing their service to us:

• Payment processors: Stripe, Inc. (for credit card processing, fraud detection, and payouts)
• Shipping carriers: USPS, UPS, and FedEx (for order fulfillment and tracking)
• Email and communications: Resend and Google Workspace (for transactional and support email)
• Hosting and infrastructure: Vercel (website hosting), Cloudflare (DNS and security), Supabase (database and server-side functions)
• Analytics: Aggregated, non-identifying visitor analytics to improve our site
• Legal compliance: Regulators, courts, or law enforcement when required by law

4. Method of Disclosure

Personal information is disclosed only through encrypted, authenticated channels:

• All data transmission to payment processors, shipping carriers, and service providers is sent over HTTPS/TLS 1.2+
• Payment card information is collected directly by Stripe in an iframe we never see; we do not store card numbers on our servers
• Shipping details are transmitted to carriers via their official API over encrypted connections
• Internal access to customer data is restricted to authorized staff and protected by unique credentials and two-factor authentication

5. Data Security Practices

We take security seriously and apply the following safeguards:

• Encryption in transit: All connections to pocketcologne.com and pocketperfume.com use TLS 1.2 or higher
• Encryption at rest: Customer data in our database is encrypted at rest by Supabase using AES-256
• PCI compliance: Payment processing is handled by Stripe, a PCI-DSS Level 1 certified processor. We never store, process, or transmit raw card numbers
• Access controls: Row-level security on our database ensures customers only ever see their own data; administrative access is protected by multi-factor authentication
• Minimization: We collect only the information we need to fulfill your order and run the business
• Incident response: In the event of a data breach affecting your personal information, we will notify affected users within 72 hours and comply with applicable breach notification laws

6. Cookies

We use cookies for cart persistence, affiliate referral tracking (30-day window), and basic analytics. You can disable cookies in your browser, though some features will not work.

7. Your Rights

You can request a copy of the data we hold about you, ask us to correct it, or ask us to delete it. Email [email protected] and we will respond within 30 days.

8. Children

Our site is not intended for anyone under 13. We do not knowingly collect information from children.

9. Changes

We may update this policy. Material changes will be announced by email or a banner on the site. The date above reflects the most recent update.

10. Contact

Questions about this policy? Email [email protected].