Sploothy
Sploothy

Privacy Policy

Last updated: May 2026

1. Introduction

Sploothy ("Company," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our Services.

2. Information We Collect

We collect the following personal information:

  • Name, email address, and shipping address (for order fulfillment).
  • Uploaded images (retained only briefly for processing, not stored for long-term use).
  • Generated images (stored only after purchase).

We do not collect or store payment details. Payments are processed through third-party services such as Stripe.

3. How We Use Information

We use your information to:

  • Process and fulfill your orders (digital and physical).
  • Communicate with you regarding orders, refunds, and support.
  • Ensure compliance with legal and intellectual property obligations.

We use cookies and tracking technologies (such as Meta Pixel) to measure advertising performance and deliver relevant ads. By default, Meta Pixel is enabled when you visit our site; you may opt out at any time using the Do Not Sell My Info link in the footer or by enabling Global Privacy Control (GPC) in your browser. We also use Vercel Analytics to collect anonymous, aggregated usage data (such as page views and referral sources) to improve our Services. Vercel Analytics is cookieless and does not track individual users.

4. Sharing of Information

We share your data only with trusted partners reasonably necessary to operate the Services:

  • StickersAndPosters.com: For printing and shipping physical products.
  • Stripe: For payment processing.
  • OpenAI: For AI processing of images.
  • Meta (Facebook): For advertising measurement and optimization via two channels: (1) Meta Pixel (browser-side JavaScript that records page views and on-site actions) and (2) Meta's Conversions API ("CAPI"), a server-to-server integration in which our backend sends Purchase events directly to Meta after an order is completed. Both channels are enabled by default; you can opt out at any time (see below). When you opt out, both Pixel and CAPI are disabled — your data is not shared with Meta through either channel.

We do not sell your information to third parties. However, sharing browsing data with Meta through Meta Pixel or the Conversions API may be considered a "sale" or "sharing" under certain state privacy laws such as the CCPA. You may opt out at any time by visiting our Do Not Sell My Personal Information page or by enabling the Global Privacy Control (GPC) signal in your browser, which we honor as a binding opt-out.

5. Cookies, Tracking, and Analytics

We use the following tracking and analytics tools:

  • Vercel Analytics: Gathers anonymous, aggregated website usage data (e.g., page views, referral sources, and general geographic region). Vercel Analytics does not use cookies, does not collect personally identifiable information, and does not track individual users across sessions.
  • Meta Pixel (browser-side): We use Meta Pixel to measure the effectiveness of our advertising on Meta platforms (Facebook, Instagram). Meta Pixel places cookies on your browser and collects data such as pages visited, actions taken (e.g., purchases), and device information. This data is shared with Meta and may be used for ad targeting.
  • Meta Conversions API ("CAPI", server-side): When you complete a purchase, our server sends a record of that purchase directly to Meta to support advertising attribution and measurement. The data sent includes: a one-way SHA-256 hashed version of your email address, name, city, state, postal code, and country (Meta cannot reverse these hashes to recover the original values); your IP address and browser user-agent string (not hashed, used for matching only); the Meta first-party cookie identifiers _fbc and _fbp if present in your browser; and non-personal order details (amount, currency, item count). We do not send your shipping address, phone number, or payment information through CAPI. CAPI runs in addition to (not instead of) Meta Pixel, with deduplication via a shared event ID so the same purchase is not counted twice.

Both Meta Pixel and CAPI are enabled by default. You can opt out of both at any time by visiting our Do Not Sell My Personal Information page, by enabling the Global Privacy Control (GPC) signal in your browser (which we honor automatically), or by using browser-level cookie blocking. When you opt out, neither Pixel nor CAPI will share your data with Meta.

Minimal technical cookies may also be placed by hosting or payment providers (e.g., Stripe) as required to operate the service.

6. GDPR and International Compliance

For users in the EU/UK:

  • Legal basis for processing includes contract fulfillment, legitimate interest, and consent (for cookies and tracking technologies such as Meta Pixel).
  • You have the right to access, rectify, or erase your personal data.
  • You may withdraw consent for advertising tracking at any time by visiting our Do Not Sell My Personal Information page or by enabling Global Privacy Control (GPC) in your browser.
  • Contact us at stuck@sploothy.com to exercise these rights.
  • We may transfer your data outside the EU/UK to trusted providers with adequate protections (e.g., Standard Contractual Clauses).

7. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used.
  • Request deletion of your personal information.
  • Opt out of the "sale" or "sharing" of your personal information.

Our use of Meta Pixel may constitute a "sale" or "sharing" under the CCPA. To opt out, visit our Do Not Sell My Personal Information page or enable the Global Privacy Control (GPC) signal in your browser — we honor GPC as a binding opt-out signal in accordance with California Code of Regulations §7026. To submit a data request, contact us at stuck@sploothy.com.

8. Data Retention

  • Uploaded images: not retained.
  • Generated images: retained only for fulfilling purchased orders.
  • Contact and shipping information: retained as required for business and tax purposes.

9. Security

We use reasonable technical and organizational measures to protect your data. However, no system is completely secure.

10. Children's Privacy

Our Services are not directed at children under 13, and we do not knowingly collect personal data from them.

11. Changes to Privacy Policy

We may update this Privacy Policy periodically. Continued use of our Services constitutes acceptance of the updated policy.

12. Contact Us

For privacy questions, please contact: stuck@sploothy.com