Privacy policy
Last updated: May 2026
We take your privacy seriously. This page explains what data we collect, why, and how you can control it.
1. What we collect
When you order
- Name, delivery address, phone number, email
- Items ordered, total, payment method (we never store card numbers)
- Order notes you optionally provide
When you create an account
- Email + hashed password (managed by Supabase Auth)
- Saved addresses, order history
When you chat with our AI assistant
- The messages you type
- Your IP address (for rate limiting and abuse prevention)
When you browse
- Standard server logs: IP, browser, pages visited, timestamps
- Essential cookies (cart contents, session) — no third-party advertising trackers as of today
2. Why we collect it
- Fulfill your order and contact you about it (status updates, delivery)
- Operate the site (auth, cart, checkout)
- Improve the AI assistant's answers
- Detect and prevent fraud or abuse
- Comply with our legal obligations
3. Who we share it with
We share only what's needed for these processors to do their job:
- Supabase — database, auth, file storage
- Resend — transactional email delivery (order confirmations, etc.)
- OpenRouter / Anthropic / Google — AI model inference for chat & product copy
- Vercel — hosting and edge delivery
- Your courier (name, address, phone) so they can deliver your order
We never sell your data. We don't share it with advertising networks.
4. How long we keep it
- Order data: 7 years (for tax/accounting requirements)
- Account data: until you delete the account
- AI chat logs: 90 days for quality & abuse review, then deleted or anonymized
- Server logs: 30 days
5. Your rights
You can ask us to: see what we have on you, correct it, delete it, or export it. Email privacy@fun2buy.ttand we'll respond within 30 days.
Note: we can't delete data we're required to keep by law (e.g. invoices for tax records).
6. Children
Fun2Buy is not directed to people under 18. If you believe a minor has given us data, contact us and we'll delete it.
7. Cookies
We use only essential cookies needed for the site to work (your cart, your login session). No advertising or behavioral tracking cookies as of this version.
8. Security
We use HTTPS site-wide, Supabase Row-Level Security to scope database access, and store no card numbers ourselves. No system is bulletproof — if we ever have a security incident affecting you, we'll notify you within 72 hours.
9. Changes
Material updates are flagged here with a new "Last updated" date.
10. Contact
Privacy questions: privacy@fun2buy.tt