Privacy.

What we keep, what we don’t, and how your curator handles your memory.

What we keep

• — Your email + shipping address when you order. Required to ship.
• — Order details — required for VAT, returns, refunds.
• — If you’ve made an account: pieces you’ve saved, walls you’ve scanned, your preferences. Stored on your device and on our UK server.

What we share

Nothing with third parties for advertising. Three exceptions, all functional:

• — Stripe handles payment data. We never see your card.
• — Resend sends transactional emails on our behalf.
• — Cloudflare delivers the site and processes anonymous analytics — no cookies, no fingerprinting.

Cookies

Strictly off by default. We use one cookie to remember your consent choice. If you accept:

• — One cookie to remember pieces and walls (your curator’s memory).
• — One auth cookie if you sign in. HttpOnly, never readable by JavaScript.

Your rights

UK GDPR and EU GDPR apply. You can:

• — See what we hold — write to [email protected] with “data request” in the subject.
• — Delete your account and history — same address, “delete me”.
• — Object to processing — same.

We answer within 30 days. Usually within 24 hours.

Honest brevity

This isn’t legal advice. We’ll publish a lawyer-reviewed version before card payments go live. Until then, treat this as the working spec.

Last updated 2026-05-20 · Working draft