Privacy Policy
Last updated: June 2026
1. Introduction
Sploothy ("Company," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our Services.
2. Information We Collect
We collect the following personal information:
- Name, email address, and shipping address (for order fulfillment).
- Account information, if you create an account: your email address (used to sign you in and as your account identifier), an optional username and profile photo, and basic account activity such as login timestamps, creation/usage counts, and whether you have made a purchase.
- Uploaded images (retained only briefly for processing, and not stored for long-term use unless you are signed in and save them to your account — see "Accounts, Profiles, and Saved Creations" below).
- Generated images (stored after purchase, or when you save them to your account while signed in).
- Review submissions, if you leave a customer review: the email address you provide, an optional display name, your star rating, your written review, and any photos you choose to attach.
- Email subscription preferences, if you sign up for updates or opt in to marketing: your email address, optional name, and whether you have consented to promotional emails.
We do not collect or store payment details. Payments are processed through third-party services such as Stripe.
3. How We Use Information
We use your information to:
- Process and fulfill your orders (digital and physical).
- Communicate with you regarding orders, refunds, and support.
- Create and manage your account, including passwordless sign-in by emailing you one-time verification codes.
- Save and display the designs ("creations") you generate while signed in, and power related features such as favorites, trash, weekly creation limits, and promotions.
- Operate optional public profiles and enforce our Terms (including content moderation, account suspensions, and bans).
- Publish and display customer reviews you submit, including any display name and photos you choose to include (we review reviews before they appear publicly, and your review email is never shown publicly).
- Send you transactional and service emails (such as one-time sign-in codes, order confirmations, and important service updates) and, where you have opted in, promotional or marketing emails. You can unsubscribe from marketing emails at any time using the link in those emails or our unsubscribe page.
- Ensure compliance with legal and intellectual property obligations.
We use cookies and tracking technologies (such as Meta Pixel) to measure advertising performance and deliver relevant ads. By default, Meta Pixel is enabled when you visit our site; you may opt out at any time using the Do Not Sell My Info link in the footer or by enabling Global Privacy Control (GPC) in your browser. We also use Vercel Analytics to collect anonymous, aggregated usage data (such as page views and referral sources) to improve our Services. Vercel Analytics is cookieless and does not track individual users.
4. Sharing of Information
We share your data only with trusted partners reasonably necessary to operate the Services:
- StickersAndPosters.com: For printing and shipping physical products.
- Stripe: For payment processing.
- OpenAI: For AI processing of images.
- Google Firebase (Cloud Firestore and Cloud Storage): For storing account information, saved creations, profile photos, and customer reviews (including any review photos).
- Resend: For sending transactional and service emails (such as one-time sign-in codes and order confirmations) and, where you have opted in, promotional or marketing emails.
- Vercel: For website hosting and supporting infrastructure.
- Meta (Facebook): For advertising measurement and optimization via two channels: (1) Meta Pixel (browser-side JavaScript that records page views and on-site actions) and (2) Meta's Conversions API ("CAPI"), a server-to-server integration in which our backend sends Purchase events directly to Meta after an order is completed. Both channels are enabled by default; you can opt out at any time (see below). When you opt out, both Pixel and CAPI are disabled — your data is not shared with Meta through either channel.
We do not sell your information to third parties. However, sharing browsing data with Meta through Meta Pixel or the Conversions API may be considered a "sale" or "sharing" under certain state privacy laws such as the CCPA. You may opt out at any time by visiting our Do Not Sell My Personal Information page or by enabling the Global Privacy Control (GPC) signal in your browser, which we honor as a binding opt-out.
5. Cookies, Tracking, and Analytics
We use the following tracking and analytics tools:
- Vercel Analytics: Gathers anonymous, aggregated website usage data (e.g., page views, referral sources, and general geographic region). Vercel Analytics does not use cookies, does not collect personally identifiable information, and does not track individual users across sessions.
- Meta Pixel (browser-side): We use Meta Pixel to measure the effectiveness of our advertising on Meta platforms (Facebook, Instagram). Meta Pixel places cookies on your browser and collects data such as pages visited, actions taken (e.g., purchases), and device information. This data is shared with Meta and may be used for ad targeting.
- Meta Conversions API ("CAPI", server-side): When you complete a purchase, our server sends a record of that purchase directly to Meta to support advertising attribution and measurement. The data sent includes: a one-way SHA-256 hashed version of your email address, name, city, state, postal code, and country (Meta cannot reverse these hashes to recover the original values); your IP address and browser user-agent string (not hashed, used for matching only); the Meta first-party cookie identifiers
_fbcand_fbpif present in your browser; and non-personal order details (amount, currency, item count). We do not send your shipping address, phone number, or payment information through CAPI. CAPI runs in addition to (not instead of) Meta Pixel, with deduplication via a shared event ID so the same purchase is not counted twice.
Both Meta Pixel and CAPI are enabled by default. You can opt out of both at any time by visiting our Do Not Sell My Personal Information page, by enabling the Global Privacy Control (GPC) signal in your browser (which we honor automatically), or by using browser-level cookie blocking. When you opt out, neither Pixel nor CAPI will share your data with Meta.
- Account session cookie: If you sign in, we set a first-party, HTTP-only session cookie (named
sploothy_session) so we can keep you logged in for up to 30 days. This cookie is strictly necessary for account functionality and is not used for advertising or cross-site tracking.
Minimal technical cookies may also be placed by hosting or payment providers (e.g., Stripe) as required to operate the service.
6. GDPR and International Compliance
For users in the EU/UK:
- Legal basis for processing includes contract fulfillment, legitimate interest, and consent (for cookies and tracking technologies such as Meta Pixel).
- You have the right to access, rectify, or erase your personal data.
- You may withdraw consent for advertising tracking at any time by visiting our Do Not Sell My Personal Information page or by enabling Global Privacy Control (GPC) in your browser.
- Contact us at stuck@sploothy.com to exercise these rights.
- We may transfer your data outside the EU/UK to trusted providers with adequate protections (e.g., Standard Contractual Clauses).
7. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used.
- Request deletion of your personal information.
- Opt out of the "sale" or "sharing" of your personal information.
Our use of Meta Pixel may constitute a "sale" or "sharing" under the CCPA. To opt out, visit our Do Not Sell My Personal Information page or enable the Global Privacy Control (GPC) signal in your browser — we honor GPC as a binding opt-out signal in accordance with California Code of Regulations §7026. To submit a data request, contact us at stuck@sploothy.com.
8. Data Retention
- Uploaded images: not retained, unless you save a creation to your account while signed in.
- Generated images: retained to fulfill purchased orders, or for as long as you keep them saved to your account.
- Account information and saved creations: retained while your account is active. You may delete individual creations at any time. You can also delete your entire account at any time from your Account settings page, or request deletion by contacting stuck@sploothy.com. Deleting your account permanently removes your account information, saved creations, profile photo, and username.
- Customer reviews: reviews you submit (including any display name and photos) are retained and, once approved, may be displayed publicly for as long as we operate the review feature. Reviews are not automatically removed when you delete your account; you may request removal of a review at any time by contacting stuck@sploothy.com.
- Email subscriptions: your email preferences are retained to manage what messages we send you. You can unsubscribe from marketing emails at any time, after which we stop sending you promotional messages.
- One-time sign-in codes: retained only briefly and expire within 15 minutes. Account session cookies expire after 30 days.
- Contact and shipping information: retained as required for business and tax purposes.
9. Security
We use reasonable technical and organizational measures to protect your data. However, no system is completely secure.
10. Children's Privacy
Our Services are not directed at children under 13, and we do not knowingly collect personal data from them.
11. Accounts, Profiles, and Saved Creations
Creating an account is optional. We use passwordless sign-in: you provide your email address and we send a one-time code to verify it. Your email is used to identify your account and is never shown publicly.
While you are signed in, the designs you generate ("creations") are saved to your account so you can access them across devices. You can favorite creations, move them to trash, or delete them. If you created designs before signing in, your local browser history may be merged into your account on first login; this sync is one-way (from your browser to your account).
If you choose to set a public username, you receive a public profile page (for example, /@yourname) that displays your username, profile photo, and saved creations to anyone who visits it. Your email address is never displayed on your public profile. Please do not include personal or sensitive information in content you choose to make public. You can contact us at stuck@sploothy.com to make your profile private or to remove it.
We may review or moderate usernames, profile photos, and creations, and may suspend or restrict accounts, in order to enforce our Terms of Service.
You can delete your account at any time from your Account settings page. Deleting your account permanently removes your account information, saved creations, profile photo, and username. Reviews you have posted publicly may be retained unless you also request their removal (see "Customer Reviews" below).
12. Customer Reviews
You may submit a customer review without creating an account. When you submit a review, we collect the email address you provide (used to verify and manage your review, and never displayed publicly), an optional display name, your star rating, your written review, and any photos you choose to attach.
Reviews are moderated before they appear. Once approved, your display name, rating, review text, and any attached photos may be displayed publicly anywhere on our site. Please do not include personal or sensitive information in a review or its photos. You can request removal of your review at any time by contacting stuck@sploothy.com.
13. Changes to Privacy Policy
We may update this Privacy Policy periodically. Continued use of our Services constitutes acceptance of the updated policy.
14. Contact Us
For privacy questions, please contact: stuck@sploothy.com
