Glamth

Privacy Policy

Last updated: March 1, 2026

1. Introduction

Glamth ("we," "us," or "our") operates the glamth.com website and mobile application (the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.

2. Information We Collect

Account Information

When you create an account, we collect your email address, display name, username, and password (stored as a one-way hash). If you sign in via TikTok, we receive your TikTok open ID, display name, username, and avatar URL.

Transaction Information

When you buy or sell items, we collect shipping addresses, order details, and payment information. Payments are processed by Stripe — we never store your full credit card number on our servers.

Usage Data

We automatically collect IP addresses, browser type, device information, pages visited, and timestamps when you use the Platform. We use cookies for session management and authentication.

3. How We Use Your Information

  • To create and manage your account
  • To facilitate transactions between buyers and sellers
  • To process payments and shipping
  • To send transactional emails (order confirmations, shipping updates, verification codes)
  • To provide customer support and resolve disputes
  • To detect and prevent fraud, abuse, and security threats
  • To enforce our Terms of Service
  • To improve and personalize the Platform

4. Information Sharing

We share your information only in the following circumstances:

  • With other users: Buyers see seller display names and usernames. Sellers receive buyer shipping addresses to fulfill orders.
  • Service providers: We use Stripe (payments), Shippo (shipping), Resend (email), Cloudflare (hosting and storage), and TikTok (authentication) to operate the Platform. These providers process data on our behalf under their own privacy policies.
  • Legal requirements: We may disclose information if required by law, subpoena, or government request.

We do not sell your personal information to third parties.

5. Data Security

We implement industry-standard security measures including HTTPS encryption, HMAC-signed session tokens, bcrypt/argon2 password hashing, and rate limiting. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Cookies

We use a single essential session cookie to keep you logged in. This cookie is HTTP-only, secure in production, and expires after 30 days of inactivity. We do not use third-party advertising or tracking cookies.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data in a portable format
  • Opt out of non-essential communications

To exercise these rights, contact us at privacy@glamth.com.

8. Children's Privacy

The Platform is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete that information promptly.

9. Data Retention

We retain your account data for as long as your account is active. Transaction records are retained for 7 years for tax and legal compliance. Session data is automatically purged after expiration. If you delete your account, we remove your personal data within 30 days, except where retention is required by law.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the Platform or sending an email. Your continued use of the Platform after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, contact us at privacy@glamth.com.