Back to Home
1. Introduction
Hillbilly Fightwear ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website hillbilly-fightwear.pages.dev and hillbillyfightwear.com (the "Site") or make a purchase from us.
Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Site.
2. Information We Collect
We may collect information about you in various ways:
- Personal Data: When you make a purchase, we collect your name, email address, shipping address, billing address, and payment information (processed securely by Stripe — we never store your full card number).
- Order Data: We retain records of your order details including items purchased, customization choices, order total, and transaction reference numbers.
- Usage Data: We automatically collect certain information when you visit the Site, including your IP address, browser type and version, operating system, referring URL, access times, pages viewed, and interactions with content.
- Device Data: We may collect information about the device you use to access the Site, including device type, screen resolution, and unique device identifiers.
- Cookies & Tracking: We use cookies and similar tracking technologies. See our Cookie Policy for full details on what cookies we use and how to manage them.
3. How We Use Your Information
We use the information we collect to:
- Process, fulfill, and ship your orders
- Send you order confirmations, shipping updates, and receipts
- Respond to your inquiries and provide customer support
- Process returns, exchanges, and refunds
- Detect and prevent fraud or unauthorized transactions
- Improve our website, products, and services
- Send promotional communications (only with your consent; you can opt out at any time)
- Comply with legal obligations and enforce our terms
4. Payment Information
All payments are processed securely through Stripe. When you complete a purchase:
- Your payment card details are sent directly to Stripe's secure servers and are never stored on our systems.
- Stripe is PCI DSS Level 1 certified, the highest level of security certification available.
- We only receive a confirmation token and the last four digits of your card for order reference purposes.
- For more information, see Stripe's Privacy Policy.
5. Legal Basis for Processing (GDPR)
If you are from the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the data concerned and the context in which we collect it:
- Contract: Processing is necessary for the performance of a contract with you (e.g., fulfilling orders, processing payments)
- Consent: You have given consent for specific purposes (e.g., marketing communications, non-essential cookies)
- Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., fraud prevention, website improvement)
- Legal Obligation: Processing is necessary to comply with the law (e.g., tax records, consumer protection)
6. Your Data Protection Rights (GDPR)
If you are a resident of the EEA, you have the following data protection rights:
- Right to Access: You can request copies of your personal data
- Right to Rectification: You can request correction of inaccurate data
- Right to Erasure: You can request deletion of your personal data
- Right to Restrict Processing: You can request we limit how we use your data
- Right to Data Portability: You can request a copy of your data in a machine-readable format
- Right to Object: You can object to our processing of your personal data
- Right to Withdraw Consent: You can withdraw consent at any time without affecting the lawfulness of prior processing
To exercise any of these rights, please contact us at privacy@hillbillyfightwear.com. We will respond to your request within 30 days.
7. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: You can request that we disclose what personal information we have collected, used, disclosed, and sold about you in the past 12 months.
- Right to Delete: You can request that we delete any personal information we have collected from you, subject to certain exceptions.
- Right to Opt-Out: You have the right to opt out of the sale of your personal information. We do not sell your personal information.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
To exercise your rights, contact us at privacy@hillbillyfightwear.com or call us. We will verify your identity before fulfilling your request.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements:
- Order data: Retained for 5 years for tax and legal compliance
- Account data: Retained for the life of your account plus 2 years after deletion
- Usage/analytics data: Retained for up to 26 months
- Cookie consent records: Retained for 1 year
9. Data Security
We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:
- HTTPS/TLS encryption for all data in transit
- Content Security Policy (CSP) headers to prevent cross-site scripting
- Cloudflare DDoS protection and Web Application Firewall
- PCI-compliant payment processing through Stripe
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.
10. Third-Party Services
We may share your information with third parties that help us operate our business:
- Payment Processors: Stripe processes payments securely
- Shipping Partners: Carriers who deliver your orders (USPS, UPS, FedEx)
- Hosting & CDN: Cloudflare hosts and protects our website
These third parties have their own privacy policies and are contractually required to protect your data. We do not sell your personal information to any third party.
11. International Data Transfers
Your information may be transferred to and processed in countries other than your own, including the United States. We ensure appropriate safeguards are in place to protect your data in compliance with applicable data protection laws, including standard contractual clauses where required.
12. Do Not Track Signals
Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to be tracked. Because there is no accepted standard for how to respond to DNT signals, we currently do not respond to them. However, you can manage your cookie preferences through our Cookie Policy and the cookie settings banner on our site.
13. Children's Privacy
Our Site is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete it.
14. Links to Other Websites
Our Site may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to read the privacy policy of every website you visit.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date below. Your continued use of the Site after any changes constitutes your acceptance of the updated policy.
16. Contact Us
If you have questions about this Privacy Policy, wish to exercise your rights, or want to make a complaint, please contact us:
If you are in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.
Last Updated: February 11, 2026