Privacy Policy · Still Strong
Shop

Privacy Policy

Last updated: May 15, 2026

This is how Still Strong LLC ("we", "us") handles your information when you visit shop.stillstrong.com or buy something from us. We try to keep this plain-spoken. If something here isn't clear, email us at hello@stillstrong.com.

What we collect

  • Order information. Your name, email, shipping address, phone number, and the items you bought. Required so we can actually send you the shirt.
  • Payment information. Processed by Stripe — we never see or store your full card number, only the last 4 digits and a Stripe customer reference.
  • Account information (if you create an account): username, display name, hashed password.
  • Feedback you choose to send us through the on-site feedback widget, including any attachments.
  • Site activity. Pages visited, products viewed, cart actions, purchases — collected via cookies and pixels (see below).
  • Technical data. IP address, browser type, device type, referral URL. Logged by our hosting provider (Cloudflare) for security and abuse prevention.

Why we collect it

  • To fulfill and ship your orders, and provide customer service.
  • To improve the site (which pages people use, which products resonate).
  • To measure and optimize advertising — including showing the right ads to the right people, and learning which ads actually lead to purchases.
  • To detect fraud, abuse, and security incidents.
  • To comply with legal obligations (tax records, sanctions compliance).

Cookies and tracking pixels

We use the Meta Pixel (Facebook/Instagram) and Meta Conversions API to measure the effectiveness of our advertising. The Pixel sets cookies in your browser and reports certain actions you take on this site (page views, products viewed, items added to cart, checkouts initiated, and purchases) to Meta. The Conversions API mirrors those events server-side from our systems directly to Meta, with personal identifiers (email, phone number, name) hashed using SHA-256 before they leave our servers. This dual setup helps us attribute conversions accurately and reach people who are likely to be interested in what we make — including past customers, and people who look like our existing customers.

We also use Automatic Advanced Matching in the Meta Pixel, which hashes form-field values (like your email when you check out) on your device before they are sent to Meta. We do not send sensitive data (financial, health, government ID) to Meta.

You can opt out of personalized ads from Meta in your Meta account settings, and opt out of cross-site tracking generally via the Digital Advertising Alliance or Network Advertising Initiative. You can also block cookies via your browser settings — the shop will still work, but Meta won't see your activity.

Who we share information with

We only share information with the third parties we use to run the business:

  • Stripe — payment processing.
  • Cloudflare — hosting, DNS, and content delivery.
  • Meta Platforms (Facebook/Instagram) — advertising measurement and attribution (Pixel + Conversions API), as described above.
  • Our email provider — to send order confirmations, shipping notifications, and (if you opt in) marketing email.
  • Shipping carriers — so they can deliver your order.

We do not sell your personal information. We do not share it with anyone else for their own marketing purposes.

Your rights

You can ask us to access, correct, or delete the personal information we hold about you. You can also ask us to stop sending you marketing email at any time. Email hello@stillstrong.com and we'll respond within 30 days.

If you're in California, you have additional rights under the CCPA / CPRA — including the right to know what we collect, the right to delete it, and the right to opt out of "sharing" for cross-context behavioral advertising. The Meta Pixel disclosed above is the only such sharing we engage in; you can opt out by following the links in the "Cookies and tracking pixels" section.

Data retention

We keep order and customer information for as long as your account is active, and for up to 7 years after that for tax and fraud-prevention purposes. Feedback messages are retained until manually cleared. Pixel/Conversions API events are retained by Meta per their own policies.

Children

This site is not directed to children under 13. We do not knowingly collect information from them.

Changes to this policy

If we change this policy in a material way, we'll update the "last updated" date above and, when appropriate, notify you by email or a prominent notice on the site.

Contact

Still Strong LLC
hello@stillstrong.com