This policy explains what Tyson Lee Crisp, trading as Kaptik.com (ABN 79 165 876 262) ("Kaptik", "we") collects when you use Kaptik, why, and the choices you have. It applies to Sellers with Kaptik accounts and to Buyers who purchase through Kaptik storefronts.
1. What we collect
- Sellers: name, email, password (hashed), store details, Stripe Connect account id, and — if you add them — encrypted API keys for AI (OpenRouter) and email (Kit) integrations. Encrypted keys are stored with AES-256 encryption and are never shown back in full.
- Buyers: the email address you enter at checkout or when subscribing to a store, your orders, reviews you write, booking times and notes you submit, and course progress. We do not see or store card numbers — payment details go directly to Stripe.
- Usage data: aggregate page views, checkout and click events per store, and IP addresses used transiently for rate limiting and abuse prevention.
2. How we use it
- To run the service: deliver purchases, grant course/membership access, send receipts, magic sign-in links, booking confirmations, and renewal reminders.
- To show Sellers analytics about their own stores.
- To prevent fraud and abuse and to meet legal obligations.
- Platform announcements to account holders, which carry one-click unsubscribe. We do not send marketing email to Buyers, and Sellers cannot send marketing email through Kaptik.
3. Who we share it with
- Stripe processes payments; your checkout email is shared with Stripe to create the payment session.
- The Seller you buy from sees your email, order, review, booking details, and — if you subscribe to their audience — your subscription. Sellers may sync subscriber emails to their own email tool (e.g. Kit) or receive order events via webhooks they configure.
- Our infrastructure providers (hosting, database, file storage, email delivery) process data on our behalf.
- We do not sell personal information.
4. Cookies and tracking on storefronts
Kaptik itself uses cookies only for signing in (sellers, members) and affiliate referral attribution (30 days). Sellers may add their own advertising pixels(Meta, TikTok, Google Analytics) to their storefronts; these set third-party cookies and send page-view and purchase events to those advertising platforms under the Seller's own responsibility and those platforms' policies. Blocking third-party cookies in your browser does not affect your ability to buy.
5. Retention and deletion
- Order records are kept as long as needed for accounting and dispute obligations.
- Download links expire automatically; abandoned checkout records age out of use.
- To access or delete personal information we hold about you, email support@kaptik.com. We will respond within 30 days. Note that deleting order history may be limited by legal record-keeping obligations.
6. Security
Passwords are stored hashed, third-party API keys encrypted at rest, download links are expiring and use-limited, and payment card data never touches our servers. No system is perfectly secure; report vulnerabilities to support@kaptik.com.
7. International users
We operate from Australia and handle personal information in line with the Australian Privacy Principles. If you are in the EU/UK, we rely on contractual necessity to process your data for purchases you make, and you have the rights of access, correction, deletion, and complaint to your local supervisory authority.
8. Changes and contact
We will post changes here and update the date above. Privacy questions: support@kaptik.com, or write to 419 Cobden St, Mount Pleasant, VIC 3350, Australia.