text

Privacy & Disclosures

Privacy Policy

Effective date: July 7, 2026

This policy explains what ROSANA collects, why we collect it, and the choices available when you use our US storefront.

DisclosureWe do not store card numbers
DisclosureSquare hosts payment collection
DisclosureCart recovery can be disabled

Payment disclosure

Payments are collected through Square Hosted Checkout. Square may process payment and checkout information under its own privacy terms.

Read Square's privacy notice

Information we collect

We collect the information needed to operate the store, support your account, and fulfill purchases.

  • Account details such as email, name, phone, preferred language, and communication preferences.
  • Shopping data such as cart contents, product selections, checkout attempts, order records, shipping addresses, tax, shipping, and totals.
  • Payment records from Square such as payment status, provider identifiers, checkout links, receipt URLs, and webhook events. Sensitive card details are handled by Square, not stored by ROSANA.
  • Operational data such as logs, security events, admin actions, and basic device or request data needed to keep the storefront reliable.

Cookies and similar technologies

We use necessary cookies and similar browser storage for sign-in, session security, cart behavior, checkout continuity, localization, and fraud prevention. These are part of making the store function. If we later add analytics, advertising pixels, or cross-site tracking, this policy and the available choices should be updated before production use.

Cart recovery reminders

If you add items to your cart and do not complete checkout, ROSANA may send a reminder after a waiting period such as 7 days, using the contact details connected to your account. You can disable these reminders in your account settings.

How we use information

We use information to create and protect accounts, calculate cart totals, process checkout, confirm payments through Square webhooks, prepare orders, provide customer support, prevent abuse, maintain inventory, and improve store operations.

Sharing and processors

We share information only where needed to operate the store, such as payment processing with Square, hosting and database services with Supabase, deployment infrastructure, email or messaging providers, shipping support, security monitoring, and legal compliance. We do not sell personal information as part of the current storefront design.

Your choices

You can update profile details and disable cart recovery reminders from your account. You may also contact support to request help with access, correction, deletion, or privacy questions. Some records must be retained when needed for orders, accounting, fraud prevention, chargebacks, refunds, or legal obligations.

Security and retention

We use server-side payment handling, signed Square webhooks, Supabase row-level security, admin role checks, and audit-friendly records. No online store can guarantee absolute security, so production operation should include ongoing monitoring, backups, and access reviews.

Contact

For privacy or support requests, email hello@rosanabrand.com. Include the email address tied to your account or order so we can locate the relevant records.