Privacy Policy

This policy explains how Lucky Caps ("we", "us") handles personal information when you browse, create an account, or buy from luckycapsshop.com.

We use Stripe for payments, Shippo for labels and tracking, Resend for transactional emails, Neon Postgres for our database, and NextAuth for account sessions.

• Account details if you sign in (email and name you provide via NextAuth).
• Order and checkout details- items, shipping address, email, phone (if provided), and chosen delivery options.
• Payment confirmations from Stripe (we do not store full card numbers).
• Device and log data such as IP address, browser type, and interaction timestamps for security and fraud prevention.
• Photos you upload for custom work or reviews (stored via Cloudinary).

• Fulfill and deliver orders, including creating shipping labels with Shippo.
• Send order confirmations, shipping updates, and account-related notices via Resend from Lucky Caps <orders@luckycapsshop.com>.
• Provide customer support and respond to questions sent to support@luckycapsshop.com.
• Authenticate accounts and keep sessions active via NextAuth.
• Maintain and improve site performance, prevent fraud/abuse, and protect the service.
• Send marketing emails only if you opt in to "Stay in the loop"; you can unsubscribe anytime.

Marketing email signups are optional and separate from transactional emails. Unsubscribe links are included in each marketing email.

You may also email support@luckycapsshop.com to be removed. Transactional emails for orders will still arrive as needed.

We use essential cookies for things like keeping your session, cart, and language preference.

You can manage cookies through your browser settings; disabling some cookies may affect checkout or login.

We share data only with service providers needed to run Lucky Caps-

• Stripe for payment processing and fraud prevention.
• Shippo for shipping rates, labels, and tracking.
• Resend for sending emails.
• Neon Postgres (via Netlify) to store orders, accounts, and product data.
• Cloudinary to host product and user-uploaded images.
• Netlify/Next.js infrastructure to host the storefront.

We do not sell personal information. If we need to share data for legal compliance or to protect the service, we will do so as permitted by law.

We keep order and account records for as long as necessary to operate the store, comply with law, resolve disputes, and maintain tax/financial records.

If you request deletion, we will remove or de-identify data we are not required to keep. Some records may remain in backups for a limited period.

We use reasonable technical and organizational measures (access controls, encrypted transport, role-based admin tools) to protect data stored in Neon Postgres and our providers.

No method of transmission or storage is 100% secure. If we learn of a security issue that affects you, we will reach out using your contact details.

Lucky Caps is not directed to children under 13. If you believe a child provided personal information, contact us at support@luckycapsshop.com and we will delete it where required.

You can request access, correction, or deletion of your information by contacting support@luckycapsshop.com.

If you are in a region with specific privacy rights (e.g., EU/UK/California), let us know in your request so we can apply the appropriate process. TODO- add region-specific language once targeting is confirmed.

We may update this policy and will change the "Last updated" date when we do. If changes are significant, we will provide a brief notice on the site.

Questions about privacy- Email support@luckycapsshop.com.