Privacy Policy
Last Updated: June 22, 2026
Table of Contents
1. What Data We Collect
When you visit Mintello.shop, place an order, or register an account, we collect the minimum personal data necessary to provide our services. This includes:
- Account Information: Name, email address, password hashes, and profile settings.
- Shipping Information: Customer name, physical shipping address (street, city, state, postal code, country), and contact email.
- Order History: Record of items purchased, pricing totals, date of purchase, and fulfillment status logs.
- Technical Data: IP address, device type, operating system, and browsing behavior metadata collected during site visits.
2. Payment Security & Paddle
All checkout and payment transactions are handled entirely by our billing provider, **Paddle** (the Merchant of Record).
No Credit Card Storage: Mintello.shop never collects, processes, or stores your raw credit card numbers, CVVs, or PayPal credentials. That information is entered directly into Paddle’s secure iframe/overlay checkout. Paddle securely tokenizes the payment and passes back a transaction reference number. We store only this transaction reference ID alongside your order record for fulfillment and accounting purposes.
3. GDPR Compliance & EU Rights
For customers located within the European Economic Area (EEA) and the United Kingdom, we comply with the General Data Protection Regulation (GDPR) and UK Data Protection Act.
Legal Basis for Processing:
- Contractual Necessity: Processing shipping addresses and order logs is required to fulfill our contract with you (shipping your ordered items).
- Consent: Opting into newsletters, saving custom profile details, or writing product reviews.
- Legitimate Interests: Fraud prevention, analytics tracking, and basic security logging.
Your Rights under GDPR:
As a data subject, you have the right to **Access** the personal data we hold about you, request **Rectification** of inaccurate data, request **Erasure** (the right to be forgotten), request **Restriction** of processing, and request **Data Portability**. You also have the right to withdraw consent at any time. To exercise these rights, please submit a deletion request through your account page or email support.
4. Third-Party Data Sharing
We do not sell your personal data. We share your data only with trusted third-party processors required to run our e-commerce operations:
- Supabase: Our database and hosting provider. Your customer profile, order logs, and review records are securely stored on Supabase servers located in US-East (N. Virginia).
- Paddle: Handles secure payment checkouts, sales tax filing, and credit card compliance.
- Resend: Used to dispatch automated transactional emails (order confirmations, shipping updates, cancellation options, refunds).
- Analytics Providers: We do not use any third-party tracking pixels or marketing pixels to preserve customer privacy.
5. Account Deletion & Data Retention
Account Deletion: You can delete your customer profile at any time by visiting your Account settings page. Deleting your account will immediately purge your profile, saved shipping addresses, and credentials from our active database.
Data Retention: We purge customer profiles instantly upon request. However, please note that order logs, Paddle transaction references, and invoices must be retained for a period of up to **7 years** to comply with global tax, accounting, and legal requirements.
7. How to Contact Us
If you have questions regarding this Privacy Policy, your data rights, or wish to request data erasure manually, please contact our Data Protection Officer:
Email: **support@mintello.shop**
Registered Entity: **Mintello LLC**
Mailing Address: **123 Minimalist Way, Suite 100, Wilmington, DE 19801**