Privacy Policy

Last updated 22 May 2026

STUB — plain-language draft only, not legal advice. Have counsel review and add your company name, contact, and any region-specific rights (GDPR/CCPA) before relying on this.

Short version: we collect what we need to print your card and mail it, and nothing for the fun of hoarding data. The longer version:

This policy explains what [petalpost legal entity name] ("petalpost", "we") collects when you use petalpost.io, why, and what choices you have.

What we collect

• Order details — the card you design (flowers, wrap, your note and signature) and the artwork rendered from it.
• Addresses — the recipient's mailing address and your return address, used to print and mail the card.
• Your email — to send order confirmation and a tracking link. No account or password is required.
• Payment info — handled by Stripe. We never see or store full card numbers; Stripe shares only a confirmation and limited metadata with us.
• Basic technical data — request logs (e.g. IP address) used to operate the site and prevent abuse.

How we use it

To print and mail your card, verify deliverability of the recipient address, take payment, send you tracking updates, provide support, prevent abuse, and meet legal obligations. We do not sell your personal information.

Who we share it with

Only the service providers needed to fulfill your order:

• Lob — printing, address verification, and mailing.
• Stripe — payment processing.
• Postmark — sending transactional email (confirmation, tracking).
• Tigris / cloud storage & hosting — storing order records and artwork so we can fulfill and support orders.

Each handles your data under its own terms. We may also disclose information if required by law.

Retention

We keep order records and artwork as long as needed to fulfill the order, provide support, and meet legal/accounting requirements, then delete or anonymize them. STUB: state a concrete retention window if you have one.

Your choices

You can ask us to access or delete your personal data by emailing us. Depending on where you live you may have additional rights (for example under GDPR or CCPA). STUB: spell out those rights / a verification process if you serve those regions.

Cookies

petalpost itself doesn't use advertising or tracking cookies. Stripe and the hosting layer may set strictly-necessary cookies needed for secure payment and to run the site. STUB: confirm and add a cookie banner if your jurisdiction requires one.

Contact

Questions about privacy or a data request? Contact us.