Skip to main content
Save 70% per year compared to other platforms

.item.stores/

BlogPricing
Log inStart for free

Privacy Policy

Effective date: March 3, 2026

Itemstores, Inc. ("Itemstores," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you use the Itemstores platform, including our websites (including itemstores.com and item.store), applications, and related services (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of the Services. This Privacy Policy should be read in conjunction with our Terms of Service.

1. Scope of This Policy

This Privacy Policy applies to:

  • Visitors to our websites
  • Businesses ("Store Owners") that create accounts on our platform
  • Users authorized under Business accounts
  • Buyers who purchase products from Stores created using Itemstores
  • Individuals who contact us

The Services are not available to individuals or entities located in the European Economic Area (EEA), the United Kingdom, or Switzerland. This Privacy Policy does not address the requirements of European data protection laws.

If you purchase products from a Store created using Itemstores, the Business operating that Store controls your personal data as it relates to order fulfillment. Please review that Business's privacy policy for information about how your data is used.

2. Roles Under Data Protection Law

Itemstores acts in different roles depending on context:

A. As Data Controller

We act as a controller when processing:

  • Business account and billing information
  • Website analytics and usage data
  • Marketing communications
  • Information submitted through contact, demo request, and migration request forms

B. As Data Processor

We act as a processor when Businesses use our Services to collect personal data from their Buyers. In that case:

  • The Business is the data controller.
  • We process Buyer data only on the Business's instructions pursuant to our Data Processing Addendum (DPA).
  • Businesses using our platform are responsible for compliance with applicable data protection laws regarding their Buyers.

3. Information We Collect

3.1 Information You Provide to Us

We collect information you voluntarily provide when you use our Services, including:

  • Account information: Name, email address, password, and other registration details when you create an account. If you sign in using a third-party provider (such as Google), we may receive your name, email address, and profile image from that provider.
  • Profile and store information: Business name, store name, product listings, descriptions, images, and other content you upload
  • Transaction information: Purchase history, order details, shipping addresses, billing addresses, and payment information (processed by our third-party payment provider, Stripe)
  • Communications: Messages, emails, support requests, and other correspondence you send to us or through the platform
  • Contact form submissions: Information submitted through our contact, demo request, and migration request forms

3.2 Customer Data (Processed on Behalf of Businesses)

Businesses may collect through their Stores:

  • Buyer names and email addresses
  • Shipping and billing addresses
  • Phone numbers
  • Order details
  • Payment-related information (processed via Stripe)
  • Responses to custom checkout questions configured by the Business (such as personalization requests or special instructions)

We process this data solely to provide the Services on behalf of the Business.

3.3 Information Collected Automatically

When you access or use our Services, we automatically collect certain information, including:

  • Device information: IP address, browser type and version, operating system, device identifiers, and screen resolution
  • Usage data: Pages viewed, features used, time spent on pages, click patterns, and referral URLs
  • Location data: Approximate geographic location derived from your IP address
  • Cookies and similar technologies: Information collected through cookies, web beacons, pixels, and similar tracking technologies (see Section 7)

3.4 Information from Third Parties

We may receive information about you from third-party services, including:

  • Payment processors (transaction confirmation and fraud prevention data)
  • Shipping carriers (delivery status and tracking information)
  • Authentication providers (profile information when you sign in via Google or other third-party accounts)
  • Address validation services (corrected or standardized address data)
  • Analytics providers (aggregated usage and traffic data)

4. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Services
  • Process transactions, orders, payments, and shipping labels
  • Create and manage your account and provide customer support
  • Send transactional communications (order confirmations, shipping updates, receipts, and account notifications)
  • Improve, personalize, and develop new features for the Services
  • Analyze usage patterns and trends to enhance user experience
  • Detect, prevent, and address fraud, abuse, security incidents, and technical issues
  • Comply with legal obligations and enforce our Terms of Service
  • Communicate with you about updates, promotions, and news related to the Services (with your consent where required)
  • Calculate and process applicable taxes and shipping rates

We do not sell personal information.

5. Payment Information

Payment processing is handled by Stripe. We do not store full credit card numbers. Stripe is PCI DSS-compliant and handles all sensitive payment data directly. Payment data is subject to Stripe's Privacy Policy.

6. Information Sharing

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising purposes. We may share your information with the following categories of recipients:

6.1 Service Providers

We share information with trusted third-party service providers who perform services on our behalf, including:

  • Payment processing: Stripe processes payment transactions and receives payment-related data
  • Shipping services: Carrier partners (via Shippo, including USPS) receive shipping addresses and package details to facilitate delivery
  • Cloud infrastructure and storage: Amazon Web Services (AWS) provides file storage and content delivery services
  • Hosting: Vercel provides application hosting and performance analytics
  • Email delivery: Resend delivers transactional emails on our behalf, including order confirmations, shipping updates, account notifications, and security alerts
  • Address services: Google provides address validation and autocomplete services to verify and standardize shipping and billing addresses
  • Database hosting: Supabase provides managed database hosting services
  • Analytics: Vercel Analytics helps us understand how the Services are used

We require all service providers to use appropriate safeguards when handling personal data.

6.2 Store Owners and Buyers

When a Buyer places an order, the Store Owner receives the Buyer's name, shipping address, email address, and order details necessary to fulfill the order. Store Owners are responsible for handling this data in accordance with applicable privacy laws.

6.3 Legal Requirements

We may disclose your information if required to do so by law or in good faith belief that such disclosure is necessary to:

  • Comply with a legal obligation, subpoena, or court order
  • Protect and defend the rights or property of Itemstores
  • Prevent or investigate fraud or other illegal activity
  • Protect the personal safety of users or the public

6.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your interactions with the Services. Cookies are small text files stored on your device by your web browser.

7.1 Types of Cookies We Use

  • Essential cookies: Required for the basic functionality of the Services, such as authentication, session management, and security. These cannot be disabled.
  • Functional cookies: Enable enhanced functionality and personalization, such as remembering your preferences and settings.
  • Analytics cookies: Help us understand how visitors interact with the Services by collecting usage data in aggregate form.

7.2 Local Storage

In addition to cookies, we use browser local storage to maintain certain information across sessions. This includes a persistent visitor identifier (a randomly generated ID) used to track page views and deduplicate analytics data on Store websites, as well as shopping cart contents and user preferences. Local storage data persists until cleared by the user through their browser settings.

7.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can configure your browser to refuse cookies or alert you when cookies are being sent. Please note that disabling certain cookies may impact the functionality of the Services.

7.4 Do Not Track

Some browsers offer a "Do Not Track" feature. There is currently no uniform standard for handling Do Not Track signals. At this time, we do not respond to Do Not Track signals.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, including:

  • Account data: Retained for the duration of your account and for a reasonable period thereafter to comply with legal obligations and resolve disputes
  • Transaction data: Retained for at least seven (7) years to comply with tax, accounting, and legal requirements
  • Usage and analytics data: Retained in aggregated or de-identified form for analytics and service improvement purposes
  • Communications: Retained for as long as necessary to provide support and resolve issues

Businesses control retention of Buyer data collected through their Stores in their capacity as data controllers.

When personal information is no longer needed, we will securely delete or anonymize it in accordance with our data retention policies.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • SSL/TLS encryption for all data transmitted between your browser and our servers
  • Secure payment processing through PCI DSS-compliant providers (Stripe)
  • Password hashing using industry-standard cryptographic algorithms
  • Role-based access controls to limit employee access to personal data
  • Security headers including Content Security Policy, Strict Transport Security, and X-Content-Type-Options
  • Regular security reviews and updates

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, and you acknowledge that you transmit information at your own risk.

10. Your Rights

Depending on your location, you may have certain rights regarding your personal information.

10.1 Rights for US Residents

Various US states have enacted comprehensive privacy laws (including California, Colorado, Connecticut, Virginia, and others). Depending on your state of residence, you may have the right to:

  • Know what personal information is collected and how it is used
  • Request deletion of your personal information
  • Opt out of the sale or sharing of your personal information (we do not sell personal information)
  • Request correction of inaccurate personal information
  • Not be discriminated against for exercising your privacy rights

10.2 Exercising Your Rights

To exercise any of these rights, please contact us at support@itemstores.com or through our contact form. We will respond to your request within the timeframe required by applicable law (typically 45 days for US state privacy law requests). We may need to verify your identity before processing your request.

If you are a Buyer of a Store, please contact the Business operating that Store for rights requests related to data they control. If the Business directs you to us, or if your request relates to data we control, we will assist you directly.

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with additional rights regarding your personal information.

11.1 Categories of Personal Information Collected

In the preceding twelve (12) months, we have collected the following categories of personal information:

  • Identifiers: name, email address, IP address, account name
  • Commercial information: purchase history, transaction data, products purchased
  • Internet or network activity: browsing history, interaction with the Services
  • Geolocation data: approximate location derived from IP address

11.2 Sale and Sharing of Personal Information

We do not sell your personal information as defined under the CCPA/CPRA. We do not share your personal information for cross-context behavioral advertising purposes.

11.3 Your California Rights

As a California resident, you have the right to:

  • Request disclosure of the categories and specific pieces of personal information we have collected about you
  • Request deletion of your personal information
  • Request correction of inaccurate personal information
  • Opt out of the sale or sharing of personal information (not applicable as we do not sell or share)
  • Limit the use of sensitive personal information (if applicable)
  • Not be discriminated against for exercising your privacy rights

To exercise these rights, contact us at support@itemstores.com. You may also designate an authorized agent to make a request on your behalf.

12. Children's Privacy

The Services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will take immediate steps to delete that information. If you believe a child has provided us with personal information, please contact us at support@itemstores.com.

13. International Data Transfers

Itemstores is based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

These countries may have data protection laws that differ from those in your jurisdiction. By using the Services, you consent to the transfer of your information to the United States and other jurisdictions where we or our service providers operate.

14. Third-Party Services

The Services may contain links to or integrations with third-party websites and services that are not operated by Itemstores. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you interact with. Key third-party services we integrate with include:

  • Stripe — Payment processing (Stripe Privacy Policy)
  • Amazon Web Services (AWS) — Cloud storage and content delivery
  • Shippo — Shipping API and carrier integrations
  • Resend — Transactional email delivery
  • Google — Address validation, address autocomplete, and OAuth authentication
  • Vercel — Application hosting and analytics
  • Supabase — Database hosting

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by email or by posting a prominent notice on the platform prior to the changes becoming effective.

We encourage you to review this Privacy Policy periodically. The "Effective Date" at the top of this page indicates when this policy was last updated. Your continued use of the Services after any changes constitutes your acceptance of the updated Privacy Policy.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Itemstores, Inc.

Email: support@itemstores.com

Contact form: itemstores.com/contact