Privacy Policy

This Privacy Policy explains how Illure Design (“we,” “us,” “our”), operating as Alkemy Market, collects, uses, stores, and protects personal information. This policy applies to merchants, shoppers, and visitors of the Alkemy Market platform.

1. Information We Collect

From Merchants

• Account information: name, email address, business name
• Stripe Connect account identifier (we do not store Stripe credentials)
• Store configuration, product listings, and brand assets
• Usage data: login activity, feature usage, support interactions

From Shoppers

• Account information: name, email address (if account created)
• Shipping address (for order fulfillment)
• Order history and product interactions
• Payment information is processed entirely by Stripe — we do not store credit card details

Automatically Collected

• IP address, browser type, device information
• Pages visited, referral source, session duration
• Cookies and similar tracking technologies (see Cookies section)

2. How We Use Your Information

We use collected information to:

• Operate and maintain the Platform
• Process merchant onboarding and plan subscriptions
• Facilitate order fulfillment between merchants and shoppers
• Provide customer and merchant support
• Send transactional emails (order confirmations, shipping updates)
• Improve Platform performance, security, and features
• Comply with legal obligations

We do not use your information for targeted advertising. We do not sell your data.

3. Data Sharing

We share personal information only with service providers necessary to operate the Platform:

• Stripe: Payment processing and merchant account management
• EasyPost: Shipping label generation and carrier rate calculation
• Zonos: Landed cost and duties calculation for international orders
• Chargeflow: Chargeback dispute management
• Vercel: Application hosting
• Cloudflare: CDN, image optimization, and DDoS protection
• Neon: Database hosting

Each provider processes data under their own privacy policies and security certifications. We do not share data with advertising networks, data brokers, or any third party for marketing purposes.

4. Merchant Access to Customer Data

When a shopper makes a purchase through a merchant's storefront, the merchant receives the customer's name, email address, and shipping address. This is by design — merchants are the merchant of record and need this information to fulfill orders and build customer relationships.

Merchants are responsible for handling customer data in compliance with applicable privacy laws. By making a purchase, shoppers consent to sharing order-related information with the merchant.

5. Data Retention

• Active accounts: Data is retained for the duration of the account
• Closed accounts: Data is retained for 30 days after closure for export purposes, then permanently deleted
• Transaction records: Order references may be retained for up to 7 years for tax and legal compliance
• Analytics data: Aggregated, anonymized data may be retained indefinitely for platform improvement

6. Cookies

Alkemy uses cookies for:

• Essential cookies: Session management, authentication, security (required)
• Functional cookies: Preferences, cart state, recently viewed items
• Analytics cookies: Understanding Platform usage (can be opted out)

We do not use advertising or tracking cookies. We do not participate in cross-site tracking networks.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Delete your account and associated data
• Export your data in a portable format
• Withdraw consent for optional data processing
• Object to certain types of data processing

To exercise these rights, contact privacy@alkemy.market. We will respond within 30 days.

8. Canadian Privacy Law (PIPEDA)

As a Canadian company, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). We collect personal information only for identified purposes, obtain consent where required, and provide access to individuals upon request.

9. GDPR (European Users)

For users in the European Economic Area, we process personal data on the following legal bases: contract performance (operating your account), legitimate interests (platform security and improvement), and consent (optional analytics). You may exercise your GDPR rights by contacting privacy@alkemy.market.

10. Children

Alkemy Market is not directed at individuals under 18. We do not knowingly collect information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered users at least 14 days before taking effect.

12. Contact

For privacy-related questions or requests:

Email: privacy@alkemy.market
Illure Design
Edmonton, Alberta, Canada