Effective date: 2026-05-02 · Last updated: 2026-05-02
CES operates this website at ces.sh. Contact: hello@ces.sh
| Data | Source | Purpose |
|---|---|---|
| Email address, name, billing country | Stripe (at purchase) | Fulfillment, receipt delivery |
| Page views, IP address, browser | Analytics (if enabled) | Product improvement |
We never see or store your payment card number. Stripe processes all card data under PCI-DSS Level 1 certification. See Stripe's privacy policy.
This product is not directed at individuals under 16.
We do not sell personal information to any third party.
Stripe's EU-US data transfers are covered by Standard Contractual Clauses (SCCs). Where adequacy decisions apply, we rely on those. Your data is processed in accordance with GDPR requirements regardless of where our processors are located.
GDPR (EU/EEA/UK residents): You have the right to access, rectify, erase, port, restrict processing of, or object to processing of your personal data. We will respond within 30 days. Contact: hello@ces.sh
CCPA/CPRA (California residents): You have the right to know what personal information we collect, to request deletion, and to opt out of the sale of personal information. We do not sell personal information. Contact: hello@ces.sh
If we make material changes to this policy, we will notify you via email (if we have your address) at least 14 days before the change takes effect. The effective date at the top of this page will be updated.
For privacy-related requests: hello@ces.sh