Privacy Policy
Privacy Policy
ESHARP.STORE | Last updated: March 9, 2026
The Short Version
ESHARP sells hijabs online with an optional AR try-on feature. Here is how we handle your data:
- AR camera: Runs entirely on your device. We never see, store, or transmit any images or video from your camera.
- Payment info: Handled by Stripe. We never store your card number.
- Your data: We collect what we need to process orders (name, email, address) and improve the site (analytics). We do not sell your personal data.
- Your rights: You can access, correct, or delete your data at any time by emailing us.
1. Who We Are
ESHARP is operated by Harvto LLC, a California limited liability company.
Email: support@esharp.store
2. What Data We Collect
Data you provide directly
| Data | When | Purpose |
|---|---|---|
| Name, email, password | Account registration | Account management, order notifications |
| Shipping address | Checkout | Order fulfillment |
| Phone number (optional) | Checkout | Delivery updates |
| Custom design uploads | Custom order | Order fulfillment only |
Data collected automatically
| Data | How | Purpose |
|---|---|---|
| Device type, browser, OS | Analytics (cookies) | Site performance and compatibility |
| Pages visited, time on site | Analytics | Improve the shopping experience |
| AR session data | AR feature | Aggregate analytics (which styles are popular, session duration) |
| IP address | Server logs | Security, fraud prevention |
| Cookies | Browser | Site functionality and analytics (see Section 8) |
Data we do NOT collect
- No camera images or video. The AR try-on feature processes all camera data locally on your device. No images, video frames, or biometric/facial data are ever transmitted to our servers.
- No biometric data. Face detection for AR positioning runs entirely in your browser and is never recorded or stored.
- No credit card numbers. Payment processing is handled entirely by Stripe. We receive only a transaction confirmation and last four digits for your records.
3. How We Use Your Data
We use your data to:
- Process and fulfill your orders
- Send order confirmations and shipping updates
- Provide customer support
- Improve our website, products, and AR features (using aggregate, non-identifying analytics)
- Send marketing emails (only if you opt in)
- Prevent fraud and protect the security of our site
We do not sell your personal data to third parties.
4. Legal Basis for Processing (GDPR)
If you are in the UK or European Economic Area, we process your data under the following legal bases:
| Purpose | Legal basis |
|---|---|
| Order fulfillment | Performance of a contract |
| Account management | Performance of a contract |
| Fraud prevention | Legitimate interest |
| Site analytics | Legitimate interest (aggregate, anonymized) |
| Marketing emails | Consent (opt-in) |
| Legal compliance | Legal obligation |
5. Marketing Communications
We only send marketing emails if you opt in (e.g., by subscribing to our newsletter or checking a consent box at checkout).
You can unsubscribe at any time by clicking the "unsubscribe" link in any email, or by emailing us. We honor unsubscribe requests within 48 hours.
6. Third Parties We Share Data With
We share data only with service providers necessary to operate ESHARP:
| Provider | Data shared | Purpose |
|---|---|---|
| Shopify | Order and account data | E-commerce platform |
| Stripe | Payment data | Payment processing |
| MailerLite | Email address (opt-in only) | Email marketing |
| Analytics provider | Anonymized usage data | Site analytics |
| Shipping carriers | Name, address | Order delivery |
DeepAR SDK: The AR engine runs locally in your browser. DeepAR does not receive any camera data, images, or personally identifiable information from your AR sessions.
We do not share data with data brokers, advertisers, or any parties for purposes unrelated to operating ESHARP.
7. Data Retention
| Data | Retained for |
|---|---|
| Account data | Until you delete your account |
| Order history | 7 years (tax/legal requirements) |
| Custom design uploads | 90 days after order fulfillment, then deleted |
| AR session analytics | Aggregate data retained indefinitely; no personally identifiable information |
| Marketing consent | Until you unsubscribe |
| Server logs (IP, etc.) | 90 days |
8. Cookies
| Type | Purpose | Can you opt out? |
|---|---|---|
| Essential | Cart, login session, security | No (required for the site to work) |
| Analytics | Understanding how visitors use the site (anonymized) | Yes |
We do not use advertising or tracking cookies from third-party ad networks.
On your first visit, we will ask for your consent before setting non-essential cookies. You can change your cookie preferences at any time through your browser settings.
9. Your Rights
For all users
You have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your data (subject to legal retention requirements)
- Export your data in a portable format
To exercise any of these rights, email us at support@esharp.store. We will respond within 30 days.
Additional rights under GDPR (UK/EEA users)
- Right to restrict processing
- Right to object to processing based on legitimate interest
- Right to lodge a complaint with your local data protection authority
Additional rights under CCPA (California residents)
- Right to know what personal information we collect and how it is used
- Right to delete your personal information
- Right to opt out of the sale of personal information - we do not sell your personal information
- Right to non-discrimination for exercising your privacy rights
10. Children's Privacy
ESHARP is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a child under 13 has provided us personal data, contact us and we will delete it.
11. International Data Transfers
ESHARP is operated from the United States. If you are located outside the US, your data may be transferred to and processed in the US. By using the Site, you consent to this transfer. We take reasonable measures to protect your data in accordance with this Privacy Policy.
12. Data Security
We use industry-standard measures to protect your data, including:
- HTTPS encryption on all pages
- Secure, hashed password storage (via Shopify)
- Payment processing via PCI-DSS compliant Stripe
- Client-side-only AR processing (no camera data transmitted)
No system is 100% secure. If we discover a data breach that affects your personal data, we will notify you and relevant authorities as required by law.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes take effect when posted on this page. If we make material changes, we will notify registered users by email.
14. Contact Us
For privacy questions, data requests, or complaints:
ESHARP (Harvto LLC)
Email: support@esharp.store