Privacy

Privacy policy

Hook Of Treasures only asks for the data needed to sell handmade crochet pieces, deliver digital patterns, and keep orders traceable.

What we collect

  • Account details from OAuth providers, such as name, email address, avatar, and provider id.
  • Checkout and order details, including cart items, prices, delivery address, shipping rate, and order status.
  • Wishlist, saved address, and review content you choose to add.
  • Guest order lookup emails so the shop can send a private order link without exposing whether an email has orders.

How it is used

  • To run checkout, send order links, create digital downloads, and show order history.
  • To save baskets, wishlists, addresses, and reviews for signed-in customers.
  • To protect the shop with session checks, CSRF headers, rate limiting, CORS allow-lists, and audit-friendly server logs.

Trusted services

  • Stripe handles payment checkout. The shop stores order references, not card numbers.
  • Shipping providers are used only when delivery quotes, labels, or tracking are needed.
  • Email delivery is used for order lookup and pattern download messages.
  • Image hosting may be used for product and pattern media managed by the admin panel.

Your choices

  • You can browse public products and patterns without signing in.
  • You can request guest order links using the checkout email.
  • You can ask for saved addresses, reviews, wishlist entries, or account-linked data to be corrected or removed.

Security

Security notes and responsible reporting guidance live on the security policy.