Privacy Policy

Last updated:

This Privacy Policy describes how Sarah Primiano (“we,” “us,” or “our”), a sole proprietor based in San Antonio, Texas, collects, uses, and shares information when you visit sarahprimiano.com (the “Site”), purchase from our store, or contact us.

1. Who We Are

Sarah Primiano is an independent author operating as a sole proprietor in San Antonio, Bexar County, Texas. This Policy covers the Site and all related services we provide directly. It does not cover third-party platforms (such as retailers, social networks, or Goodreads) where Sarah Primiano’s books or content may also appear; those services have their own privacy policies.

2. Information We Collect

Information you provide to us. When you place an order or contact us, we collect information you give us directly. This may include your name, shipping address, billing zip code, email address, order history, and the contents of any message you send.

Information collected automatically. When you visit the Site, our hosting provider (Railway) and the Site itself automatically receive standard log information including your IP address, browser and device information, the pages you view, the time and duration of your visit, and the referring URL.

Cloudflare.Cloudflare provides the network and security layer in front of the Site, including content delivery, DDoS protection, and TLS termination. We also use Cloudflare Web Analytics to understand aggregate traffic patterns. Cloudflare Web Analytics is privacy-focused: it does not set cookies, does not store IP addresses or other persistent identifiers, and does not track visitors across sites. It collects aggregate information about page visits, referring URLs, country (derived from your IP without retaining the IP), browser, operating system, and page-load timing. Cloudflare’s practices are described in the Cloudflare Privacy Policy at cloudflare.com/privacypolicy.

Sentry.We use Sentry, an application-monitoring service, to detect errors, monitor Site performance, and receive Content Security Policy violation reports. When the Site encounters an error or a policy violation, Sentry receives technical diagnostic information including the page URL, your IP address, browser and device information, the error or violation details, and a record of the events leading up to the error. We use this information only to investigate and resolve problems with the Site. Sentry’s practices are described at sentry.io/privacy.

Payment information.Card details are entered directly into Square’s hosted payment form during checkout and do not pass through our servers. We receive only a tokenized reference, the billing zip code, and the last four digits of the card.

3. How We Use Information

We use the information we collect to:

4. How We Share Information

We share information with service providers who act on our behalf and are contractually bound to use it only for the purposes we direct. These include:

We may also disclose information when required by law, in response to valid legal process, to protect our rights or the safety of others, or in connection with a sale, merger, or other business transfer.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising or for third-party marketing purposes.

5. Cookies and Tracking Technologies

We use a small number of first-party cookies and similar storage to keep your shopping cart and session working as you move through the Site. Square’s payment form, which is embedded during checkout, sets its own cookies on Square’s domain to process payment and prevent fraud. We do not currently use any third-party advertising or analytics cookies.

6. Data Retention

We retain order and transaction records for approximately seven years to satisfy tax and accounting obligations. Server logs are generally retained for about thirty days. We may retain information longer when required to do so by law or to resolve disputes.

7. Your Rights Under Texas Law

Under the Texas Data Privacy and Security Act, Texas residents have the right to:

To exercise any of these rights, email us at [email protected]. We will respond within forty-five days. If we deny your request, you may appeal that decision by replying to our response, and we will reply to the appeal within sixty days.

8. Children’s Privacy

The Site is not directed to children under the age of thirteen, and we do not knowingly collect personal information from children under thirteen. If you believe a child has provided us with personal information, please contact us at [email protected] and we will delete it.

9. Security

We use industry-standard measures to protect information in transit and at rest, including TLS encryption for traffic to the Site. Square handles cardholder data in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). No method of transmission or storage is one-hundred-percent secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, if the changes are material, post a more prominent notice on the Site.

11. Contact Us

Questions about this Policy or our privacy practices? Email [email protected]. See also our Terms of Service.

Sarah Primiano · Sole Proprietor · San Antonio, Texas · sarahprimiano.com