Privacy Policy

Effective date: October 8, 2025
Who we are: Tamutamu (“we,” “us,” “our”) — Vancouver & Lower Mainland, BC
Contact: admin@tamutamu.co · +1-236-863-7334

Quick Summary

• We don’t sell or rent your data.
• We don’t store card numbers—payments go through Stripe.
• We only collect info needed to fulfill and deliver your order.
• We keep data only as long as needed for delivery, support, and legal/tax.
• You can ask us to access, correct, or delete your info anytime at admin@tamutamu.co.

1) Scope

This policy applies to our website tamutamu.co and our Tamutamu mobile app (together, the “Services”).

2) What we collect (minimal)

We aim to keep data collection lean:

• Order & delivery details you provide: name, phone, email, delivery address, optional delivery instructions, items ordered, price paid.
• Payment details: handled by Stripe. We never see or store your full card number or CVV.
• Operational logs: basic server/app logs (e.g., IP address, timestamps, device/app version) to keep the Services secure and working.
• Newsletter (optional): email address if you subscribe (managed via SendGrid).

We do not require you to create a customer account to shop.

3) Why we collect it (lawful purposes)

• Provide and deliver orders you request.
• Customer support (e.g., order status, delivery issues, refunds).
• Fraud/security monitoring and troubleshooting.
• Legal/tax compliance and record-keeping.
• Email communications you opt in to (e.g., newsletter).

4) Legal bases (Canada)

We follow PIPA (BC) and PIPEDA (Canada). We collect, use, and disclose personal information with your knowledge and consent and only for reasonable purposes a customer would expect (fulfilling orders, delivery, support, legal compliance).

5) Payments

Payments are processed by Stripe. Stripe acts as our payment processor and independently handles your payment credentials. We receive only limited payment metadata (e.g., success/failure, last 4 digits, brand) to reconcile orders and provide support.

6) Service providers (disclosure)

We use trusted vendors solely to run the Services:

• Stripe (payments)
• Supabase (database/storage)
• Vercel (website hosting)
• Expo (mobile app tooling)
• SendGrid (newsletter emails)
• GitHub (admin authentication for private admin pages)

These providers may process data on our behalf under contracts that limit their use to providing the contracted services.

7) Data retention

• Orders & delivery records: kept only as long as needed for delivery, support, and legal/tax requirements.
• Operational logs: short retention unless needed for security or debugging.
• Newsletter emails: kept until you unsubscribe or request deletion.

When data is no longer needed, we securely delete or anonymize it.

8) Cookies and tracking

We keep tracking light. We may use strictly necessary cookies for site/app functionality (e.g., cart). If we adopt analytics, we will use privacy-respecting configurations and update this policy.

9) Your rights

Subject to applicable law, you can:

• Access the personal information we hold about you.
• Correct inaccurate or incomplete information.
• Withdraw consent and/or request deletion (except where we must keep certain data for legal/tax reasons).

To exercise these rights, email admin@tamutamu.co. We’ll respond as required by law.

10) Security

We use administrative, technical, and organizational safeguards appropriate to the sensitivity of the information (e.g., encryption in transit, access controls, least-privilege admin access). No system is 100% secure, but we work to protect your data.

11) Children

Our Services are not directed to children under 13. If you believe a child provided us personal information, contact us to remove it.

12) International transfers

Our service providers may store or process information outside BC or Canada (e.g., the United States). Where that occurs, your data may be subject to foreign laws and lawful access by foreign authorities.

13) Changes to this policy

We may update this policy to reflect operational or legal changes. We’ll post the updated version with a new “Effective date.” Your continued use of the Services means you accept the updated policy.

14) Contact us

Questions or requests about privacy:
Email: admin@tamutamu.co
Phone/WhatsApp: +1-236-863-7334