Storefront data use

The storefront stores order records, delivery logs, and the email address required to send payment and download confirmations. Stripe processes payment details directly; card data does not pass through the storefront server.

Download logs may include a hashed IP value, user agent, timestamps, and the purchased package slug so private file delivery can be audited and abuse can be investigated.

Newsletter consent is optional and should only be stored when the checkbox is explicitly selected before checkout. That consent state is attached to the order record.

Operational providers may include Vercel, Stripe, Neon, Resend, and Google Workspace, depending on the part of the transaction or support flow involved.