25% off through July 5  ·  SHOP THE COLLECTION →

Privacy Policy

Last updated: June 2026

What we collect

  • Name and email — for orders and (only if you subscribe) the Reading Room newsletter
  • Shipping address — used to fulfill your order, then kept with the order record for proof of delivery
  • Payment information — collected by Shopify Payments, never seen or stored by us
  • Browsing behavior — only with your cookie consent: pages viewed, clicks, cart events. Anonymous unless you check out
  • Diagnostic data — URL + action breadcrumbs when an error happens, via Sentry. No personal data is intentionally captured

How we use it

  • To fulfill and communicate about your order
  • To send the Reading Room newsletter — only if you subscribed
  • To understand which parts of the site work for visitors and improve them
  • To diagnose technical errors so the site stays working

Who processes your data on our behalf

  • Shopify — order management, payment processing, checkout (name, address, email, payment)
  • Printify — print-on-demand fulfillment partner (name, address, order contents)
  • Klaviyo — newsletter email delivery (email, only if you subscribed)
  • PostHog — anonymous product analytics, only if you accept cookies (browsing behavior, no name/email). Hosted in the EU
  • Sentry — error diagnostics (URL + breadcrumbs when an error occurs, no personal data)
  • Cloudflare — CDN + DDoS protection (standard server logs: IP address, user agent, request URL)
  • Judge.me — product reviews you voluntarily submit
  • We never sell your data. Ever.

Some of these providers (Shopify, Klaviyo, Sentry, Cloudflare, Judge.me) are based in the United States. Where they handle data from visitors in the EU or UK, those transfers are covered by Standard Contractual Clauses and/or the EU–US Data Privacy Framework.

Cookies & local storage

We use the following — most are essential and don't need consent:

  • slothisticated_cart_id (localStorage, essential) — keeps your cart between visits. We never read this until you add something to your bag.
  • cookie-consent (localStorage, essential) — remembers your choice on this banner so we don't ask again.
  • ph_distinct_id (cookie, analytics, only after consent) — stable anonymous ID PostHog uses to recognize a returning visitor across sessions. Cleared if you decline.
  • __Secure-shopify_y / _s (Shopify cookies, essential) — checkout session management, set by Shopify on payment pages.

You can change your mind any time via the "Cookie preferences" link in the footer.

How long we keep it

  • Order records — 7 years (tax/accounting requirement)
  • Newsletter subscription — until you unsubscribe
  • Anonymous analytics events — 1 year, then automatically deleted by PostHog
  • Error diagnostic events — 90 days, then automatically deleted by Sentry
  • Server logs (IP, request URL) — 30 days at Cloudflare

Your rights (GDPR / CCPA)

You have the right to access, correct, delete, or export your data.

Self-serve: sign into your account and visit /account/data to download or delete your data instantly.

Or email [email protected] and we'll handle it within 30 days.

Contact

Questions about this policy? [email protected]

← Back to shop