Plain English summary: We collect only the data needed to process your order and deliver your product. We do not sell your data. We use Plausible Analytics (privacy-first, no cookies) and a TikTok advertising pixel. You have full rights over your data under GDPR.
Who We Are
This Privacy Policy applies to stefitmethod.com ("Site") operated by SteFit ("we", "us", "our"). We are the data controller for personal information collected through this Site.
For any privacy-related questions or requests, contact us at: [email protected]
What Data We Collect
We collect the following categories of personal data:
- Purchase data: your name, email address, billing country, and payment confirmation details — collected by Stripe at checkout and shared with us for order fulfilment
- Email address: used to deliver your purchased digital product and send order confirmation
- Analytics data: anonymised page views, referral sources, and device type — collected via Plausible Analytics (no cookies, no personal identifiers)
- Advertising data: pixel events (page view, add to cart, purchase) sent to TikTok Ads via the TikTok Pixel, which may use cookies to match ad interactions
We do not collect payment card numbers, bank details, or sensitive financial information. All payment processing is handled by Stripe.
How We Use Your Data
We use your personal data for the following purposes:
- Order fulfilment: to deliver the purchased PDF via email and send your order confirmation
- Customer support: to respond to support requests and process refunds
- Analytics: to understand how visitors use our site and improve content (Plausible Analytics — no personal data stored)
- Advertising measurement: to measure the effectiveness of our advertising campaigns (TikTok Pixel)
We do not use your personal data for automated decision-making or profiling.
Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:
- Contract performance (Art. 6(1)(b)): processing your email and order data is necessary to fulfil your purchase contract
- Legitimate interests (Art. 6(1)(f)): analytics to improve our site and advertising measurement to understand campaign performance
- Consent (Art. 6(1)(a)): for advertising cookies (TikTok Pixel), we request your consent via the cookie banner on the site
Third-Party Services
We use the following third-party services that may process your data:
- Stripe (payment processing) — processes payment data under their own Privacy Policy. Stripe is PCI-DSS compliant. stripe.com/privacy
- Zapier (order automation) — receives order confirmation data from Stripe to trigger product delivery email. Data processed in the USA under Standard Contractual Clauses.
- Gmail / Google Workspace (email delivery) — used to send the product download link. Subject to Google's Privacy Policy.
- Plausible Analytics — privacy-first analytics with no cookies, no personal data, and no cross-site tracking. Data stored in the EU. plausible.io/privacy
- TikTok Ads (advertising pixel) — the TikTok Pixel tracks certain user interactions for advertising measurement. This may involve cookie placement. Active only with your consent. TikTok Privacy Policy
- Netlify (website hosting) — our site is hosted on Netlify. Server access logs may be retained for security purposes. netlify.com/privacy
- Google Drive (file hosting) — product PDF files are hosted on Google Drive. Download links are shared only with purchasing customers.
Cookies
We use cookies and similar tracking technologies as follows:
- Plausible Analytics: does not use cookies. Fully cookieless and privacy-compliant by default.
- TikTok Pixel: may set first-party cookies to measure ad performance. These are only placed with your consent (via the cookie banner).
- Stripe: may set cookies during the checkout flow for fraud prevention and payment processing.
You can manage or withdraw cookie consent at any time by clearing your browser cookies or contacting us. Withdrawing consent for TikTok cookies does not affect the functionality of the site or your ability to purchase.
Data Retention
We retain personal data for the following periods:
- Purchase records (email, order data): retained for 7 years for legal and accounting purposes
- Customer support emails: retained for 2 years after the last interaction
- Analytics data: Plausible Analytics data is retained indefinitely in aggregate, anonymised form — no personal data is stored
After these retention periods, data is securely deleted or permanently anonymised.
Your Rights Under GDPR
If you are located in the European Union, United Kingdom, or another jurisdiction with equivalent data protection laws, you have the following rights:
To exercise any of these rights, email us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.
International Data Transfers
Some of our third-party service providers (including Stripe and Zapier) are based in the United States. When data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.
Children's Privacy
Our Site and products are intended for users aged 18 and over. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16 without parental consent, we will delete it immediately. If you believe a child has provided us with personal data, contact us at [email protected].
Changes to This Policy
We may update this Privacy Policy from time to time. The "last updated" date at the top of this page reflects the most recent revision. We encourage you to review this policy periodically. Continued use of the Site after changes constitutes acceptance of the updated policy.
Contact Us
For any questions, requests, or concerns regarding this Privacy Policy or our data practices:
- Email: [email protected]
- Website: stefitmethod.com
We aim to respond to all privacy-related requests within 30 days.