Storzu
← Back to Home

Privacy Policy

Last updated: March 24, 2026

1. Introduction

Storzu ("we," "us," or "the Platform") is committed to protecting the privacy of our Vendors and their customers. This Privacy Policy explains how we collect, use, store, and protect personal information in connection with our website creation and hosting services.

2. Information We Collect

From Vendors (Account Holders)

  • Name and contact information (phone number, email address)
  • Business information (shop name, business category)
  • Account credentials (hashed passwords — we never store plain-text passwords)
  • Website configuration and template preferences
  • Usage data and interaction logs

From Vendor Website Visitors

Storzu may collect basic analytics data (page views, browser type) to maintain platform performance. Individual Vendors are responsible for their own data collection practices and must comply with applicable privacy laws regarding their customers' data.

3. How We Use Information

  • To provide, maintain, and improve our Platform services
  • To create and manage Vendor accounts and websites
  • To communicate with Vendors about their accounts and services
  • To ensure platform security and prevent abuse
  • To comply with legal obligations

4. Data Storage & Security

Your data is stored securely using industry-standard practices. We use:

  • PostgreSQL database storage with row-level security
  • Global CDN and hosting with enterprise-grade DDoS protection
  • bcrypt hashing for password storage
  • HTTPS/TLS encryption for all data in transit
  • HTTP-only secure cookies for session management

5. Data Sharing

We do not sell your personal information. We may share data with:

  • Trusted infrastructure providers (database, hosting, CDN) for service delivery
  • Law enforcement when required by law or valid legal process
  • Third parties with your explicit consent

6. Vendor Data Processing

As a technology provider, Storzu processes Vendor data solely for the purpose of delivering our services. Vendors act as independent data controllers for any personal data they collect from their own customers. Vendors are responsible for:

  • Publishing their own privacy policy on their vendor website
  • Obtaining necessary consent from their customers
  • Complying with applicable data protection laws (GDPR, CCPA, IT Act, etc.)
  • Responding to data subject access requests from their customers

7. Cookies

We use essential cookies for session management and authentication. These are HTTP-only secure cookies required for the Platform to function. We do not use third-party tracking cookies on the main Storzu platform.

8. Data Retention

We retain Vendor account data for as long as the account is active. Upon account termination, data is retained for up to 30 days to allow for reactivation, after which it is permanently deleted. Webhook logs and delivery records are retained for 90 days.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Export your data in a portable format
  • Object to or restrict certain data processing

10. Contact

For privacy-related questions or requests, contact us at: privacy@storzu.com