Josie Blackthorn — Paper Doll. Out now.Free shipping over $120Printed on demand. Ethically. Slowly.MISFIT10 — 10% off your first orderOracle — The Fault Testament EP. Listen now.Misfit Mindset — Screaming in Starlight. Album out.You are not alone — Mental Health ResourcesCrisis? Call or Text 988 · Free & Confidential · 24/7
Misfit MindsetMisfit Mindset
LEGAL · PRIVACY POLICY

Privacy Policy

Last updated · April 23, 2026

Misfit Mindset LLC ("we," "us," "Misfit Mindset") respects your privacy. This policy describes what we collect, why, and what rights you have over your data. We write this in plain English on purpose.

1. Data We Collect

You give us directly

  • Account data: name, email, password (hashed).
  • Order data: shipping address, items, order history.
  • Payment data: handled by Stripe. We never see your full card number.
  • Community data: posts, replies, and comments you publish in our forum.
  • Communications: emails, support tickets, survey responses.

Collected automatically

  • Device data: browser, OS, IP address, general location (city-level).
  • Usage data: pages viewed, clicks, session duration.
  • Cookies: see our Cookie Policy.

From third parties

  • Social login: if you sign in with Apple or Google, we receive your name and email per your permissions.
  • Social media integrations: if you connect an Instagram, TikTok, Facebook, X, YouTube, Spotify, Bandcamp, Threads, or Pinterest account to your profile, we receive only the public data you authorize.

2. How We Use Your Data

  • Fulfill orders and provide customer service.
  • Process payments via Stripe.
  • Send transactional emails (order confirmation, shipping).
  • Send marketing emails only if you opt in. Unsubscribe is in every email.
  • Improve our products and site performance.
  • Comply with legal obligations and prevent fraud.

We never sell your personal data. Not now, not ever.

3. Sharing

We share only with processors who help us operate:

  • Stripe — payment processing.
  • Misfit Mindset Fulfillment — in-house printing and order fulfillment.
  • Klaviyo — transactional & marketing email.
  • Cloudflare — infrastructure and security.
  • Google Analytics 4 — site usage analytics (anonymized IP).
  • Meta Pixel · TikTok Pixel — ads reporting, only if you consent to marketing cookies.

4. Your Rights

Regardless of where you live, you can:

  • Access — request a copy of all data we hold on you.
  • Correct — fix inaccurate info.
  • Delete — erase your account and data (Data Deletion).
  • Port — export your data in a machine-readable format.
  • Object — opt out of marketing, targeted ads, or profiling.

Email us at [email protected] and we'll respond within 30 days.

5. GDPR (EU/UK residents)

Legal bases: contract (for orders), consent (for marketing), legitimate interest (for security and fraud prevention). You have the right to lodge a complaint with your supervisory authority.

6. CCPA / CPRA (California residents)

You have the right to know, delete, correct, and opt out of sharing. We do not sell personal information. To exercise rights, email [email protected].

7. Children

Our services are not intended for children under 13. We do not knowingly collect data from children under 13. If you believe we have, contact us and we will delete it.

8. Security

We use TLS in transit, encryption at rest, hashed passwords, and strict access controls. No system is perfectly secure, and we won't pretend otherwise.

9. Retention

Account data: until you delete your account. Order data: 7 years (tax compliance). Analytics: 26 months. Marketing consent logs: 3 years after withdrawal.

10. Changes

When we update this policy, we'll post the new date above and email you if changes are material.

11. Contact

Misfit Mindset LLC · [email protected]