Privacy Policy

Last updated: May 17, 2026

Draft — not legal advice.

These terms have not been reviewed by an attorney and should not be relied on for compliance or enforceability. Review and edit with qualified counsel before public launch. Last updated: May 17, 2026.

1. Overview

TruculentTees ("we," "us," "our") operates an online store at truculenttees.com selling political apparel manufactured on demand in the United States. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the choices and rights you have over your data.

2. Information We Collect

We collect only what we need to take orders, fulfill them, and prevent fraud:

  • Account & contact information — email address, optional name.
  • Order & shipping information — shipping address, items ordered, order history.
  • Payment information — collected and processed directly by Stripe. We never see or store full card numbers; we receive only a token, card brand, and last four digits for receipt and dispute-handling purposes.
  • Technical information — IP address, user agent, device and browser characteristics, referring URL, and UTM marketing parameters. We use this for analytics, debugging, and fraud prevention.
  • Mailing list information — if you opt in, your email address and the marketing preferences you choose.
  • Support correspondence — emails or messages you send us.

3. How We Use Your Information

  • Process and fulfill orders, including handing your shipping address to our print-on-demand fulfillment partner.
  • Send transactional emails (order confirmation, shipping notifications, return updates, restock notifications you have explicitly opted in to receive).
  • Respond to customer-service inquiries.
  • Detect, investigate, and prevent fraud, abuse, and chargeback risk.
  • Improve site performance, troubleshoot bugs, and analyze aggregate usage.
  • Comply with tax, accounting, and other legal obligations.

We do not sell your personal information. We do not share it with third parties for their own marketing.

4. Third-Party Processors

We use the following service providers to operate the store. Each receives only the information necessary to perform its function and is contractually obligated to protect it:

  • Stripe — payment processing. Stripe receives your billing information and payment details directly.
  • Apliiq — print-on-demand manufacturing and shipping. Apliiq receives your shipping address and order line items.
  • Resend — transactional and (if opted in) marketing email delivery. Resend receives your email address and message content.
  • Railway — application hosting and database storage in the United States.

5. Cookies & Similar Technologies

We use a small number of cookies and similar technologies:

  • Strictly necessary — shopping cart, session, and CSRF protection. These cannot be disabled.
  • Functional — remembering preferences such as size selection.
  • Analytics & attribution — first-party UTM tracking to understand which campaigns drive orders.

We do not use third-party advertising cookies and we do not participate in cross-context behavioral advertising.

6. Do Not Sell or Share / Global Privacy Control

We do not sell your personal information and we do not share it for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively "CCPA/CPRA"). We honor the Global Privacy Control (GPC) signal sent by supported browsers as a valid opt-out of sale and sharing, on behalf of all consumers, including California residents.

7. Your Rights (California Residents)

If you are a California resident, the CCPA/CPRA gives you the right to:

  • Know what personal information we have collected, the sources, the purposes, and the categories of third parties with whom we have shared it.
  • Request a copy of the specific pieces of personal information we have collected about you in a portable format.
  • Request that we correct inaccurate personal information.
  • Request that we delete personal information we have collected, subject to legal-retention exceptions.
  • Limit our use of sensitive personal information (we do not currently use it for purposes that trigger this right).
  • Opt out of any sale or sharing (we do not sell or share, but you may still send the request).
  • Not be subjected to retaliation for exercising any of these rights.

We will not discriminate against you for exercising these rights. To submit a request, email [email protected]. We will verify your identity using information already in our possession (typically order email and order number) before fulfilling the request, and will respond within 45 days as required by law.

You may also use the California Delete Act's deletion mechanism where it applies. We are not a registered data broker.

8. Your Rights (EU/EEA/UK Residents)

If you are located in the European Economic Area or the United Kingdom, the General Data Protection Regulation (GDPR) and UK GDPR give you the rights of access, rectification, erasure, restriction of processing, data portability, and objection, as well as the right not to be subject to solely automated decision-making with legal effect (we do not engage in such automated decision-making). You also have the right to lodge a complaint with your national supervisory authority. To exercise any of these rights, email [email protected].

Our legal bases for processing are: performance of a contract (to fulfill your orders), legitimate interests (to operate, secure, and improve the store), consent (for marketing email, where required), and compliance with legal obligations (tax and accounting).

9. International Transfers

We store and process personal information in the United States. If you are located outside the U.S., your information will be transferred to and processed in the U.S., which may have different data-protection rules than your country of residence.

10. Data Retention

We retain order records for seven (7) years to comply with tax and accounting obligations. Marketing-list subscriptions are kept until you unsubscribe. Server logs containing IP addresses are retained for up to 90 days, after which they are deleted or aggregated. We will delete account-level personal information on request, except where retention is required by law.

11. Security

We use HTTPS site-wide, encrypt data in transit, store passwords using modern password-hashing algorithms, and restrict administrative access to the operator. No online service can be guaranteed perfectly secure; please use a strong unique password for your account.

12. Children's Privacy

Our store is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact [email protected] and we will delete it.

13. Marketing Email & CAN-SPAM

Marketing emails, including restock notifications, are sent only after explicit opt-in. Every marketing email includes a one-click unsubscribe link. Transactional emails (order confirmations, shipping updates) are sent in connection with your purchase and are not subject to unsubscribe under the CAN-SPAM Act.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced on this page with an updated effective date. Your continued use of the site after an update constitutes acceptance of the revised policy.

15. Contact

Questions, requests, or complaints: [email protected].