VelocityCartPractical ecommerce growth intelligence
Legal

Privacy Policy

How VelocityCart collects, uses, and protects your personal information.

Last updated: 6 April 2026

1. Introduction

VelocityCart ("we," "us," "our," or "VelocityCart") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website (getvelocitycart.com) and use our digital products and services, including our eBook "The Operator's Guide to Ecommerce Growth" and our monthly subscription service.

We operate in Australia and comply with the Privacy Act 1988 (Cth) (Australian Privacy Act) and the Australian Privacy Principles (APPs).

2. Information We Collect

2.1 Information You Provide Directly

When you interact with VelocityCart, we collect information you voluntarily provide:

  • Account Registration: When you create an account or purchase a product, we collect your email address. Your name is optional.
  • Payment Information: When you make a purchase, we collect payment details processed through Stripe. We never store your credit card details directly—Stripe handles all card data securely according to PCI compliance standards. We retain a Stripe payment reference for order and subscription management.
  • Contact Forms: If you contact us via our contact page or email, we collect your email address, name, and any message content you provide.
  • Communication Preferences: When you sign up, you may receive transactional emails (purchase confirmations, delivery links, subscription renewals) and optional marketing communications if you consent.

2.2 Information Collected Automatically

When you visit our website, we may automatically collect certain technical information:

  • Log Data: IP address, browser type, operating system, referring URL, pages visited, and timestamps.
  • Cookies and Tracking: We use cookies and similar technologies to recognize returning users, maintain your session, and understand how you use our website. Cookies also help us analyze website traffic and improve user experience.
  • Device Information: Information about your device, screen resolution, and general location (country/city level from IP address).

2.3 Information from Third Parties

We may receive information about you from third-party services we use, such as payment processors and email service providers, solely in connection with transactions and communications you authorize.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Processing Transactions: Fulfilling your purchases, sending digital product downloads, processing refunds, and managing subscription renewals.
  • Account Management: Creating and managing your account, enabling login via magic link authentication, and providing you access to purchased content.
  • Transactional Communications: Sending order confirmations, delivery emails with download links, subscription renewal notices, and support responses.
  • Marketing and Product Updates: Sending newsletters, product announcements, and promotional offers—only if you have opted in to marketing communications.
  • Website Analytics: Understanding how users interact with our website to improve user experience, identify technical issues, and optimize content delivery.
  • Security and Compliance: Detecting and preventing fraud, unauthorized access, and other security threats. Complying with legal obligations and law enforcement requests where required.
  • Customer Support: Responding to your inquiries, providing technical assistance, and resolving disputes or complaints.

4. Third-Party Services and Data Sharing

We use the following third-party service providers to deliver our products and operate our business. These services may process your personal information:

  • Stripe: Payment processor. Stripe handles all credit card data securely and never shares your card details with VelocityCart. We receive only a payment reference for order records.
  • SendGrid: Email service provider. We use SendGrid to send transactional emails (purchase confirmations, download links, subscription notices) and, if you consent, marketing communications. SendGrid processes your email address and message content.
  • Supabase: Database and authentication provider. Supabase stores your account information (email, optional name) and handles magic link authentication for secure login.
  • Sanity: CMS (Content Management System). Sanity stores website content but does not have access to your personal payment or account data.
  • Vercel: Web hosting provider. Vercel hosts our website and may process access logs and technical data.

We only share your personal information with these providers to the extent necessary to deliver our services. All providers are required to maintain confidentiality and use your information only for the purposes we specify. We do not sell your personal information to third parties.

5. Cookies and Tracking Technologies

We use cookies and similar technologies (like local storage and pixels) to enhance your experience on our website:

  • Essential Cookies: Required for login, session management, and security.
  • Analytics Cookies: Help us understand visitor behavior and website performance.
  • Marketing Cookies: Used to track conversions and deliver targeted content (only if you have consented to marketing communications).

Most web browsers allow you to control cookies through browser settings. You can delete cookies or set your browser to refuse them, though this may affect website functionality.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Account and Transaction Data: Retained for the duration of your account and for 7 years after the final transaction (for tax, accounting, and legal compliance purposes under Australian law).
  • Email and Communications: Marketing emails are retained until you unsubscribe. Transactional records are retained in accordance with transaction data retention periods.
  • Cookies: Session cookies are deleted when you close your browser. Persistent cookies remain for up to 12 months unless cleared earlier.
  • Log Data: Automatically deleted after 90 days unless longer retention is required for security or legal reasons.

If you request account deletion, we will remove your personal information within 30 days, except where we are legally required to retain it.

7. Security of Your Information

We implement technical, administrative, and physical safeguards to protect your personal information against unauthorized access, alteration, and destruction:

  • Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS (HTTPS).
  • Payment Security: Payment processing is handled exclusively by Stripe, a PCI-DSS compliant payment processor. We never store credit card data.
  • Access Controls: Access to personal information is restricted to authorized staff members who need access to perform their roles.
  • Secure Authentication: We use magic link email authentication (rather than passwords) to reduce the risk of compromised credentials.

While we implement comprehensive security measures, no internet transmission is 100% secure. We cannot guarantee absolute security, and you use our services at your own risk. If you believe your account has been compromised, contact us immediately at legal@getvelocitycart.com.

8. Your Privacy Rights Under Australian Law

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the following rights:

8.1 Right of Access

You have the right to request access to the personal information we hold about you. We will provide this information within 30 days of your request, unless a reasonable extension is required.

8.2 Right to Correction

If you believe your personal information is inaccurate, incomplete, or out of date, you can request that we correct it. You can update your account information directly via your account settings, or contact us to request a correction.

8.3 Right to Opt-Out

You can opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at legal@getvelocitycart.com. Opting out does not affect transactional emails essential to your account or subscription.

8.4 Right to Erasure (Account Deletion)

You can request deletion of your account and associated personal information. Upon request, we will delete your personal information within 30 days, except where we are required to retain it by law (e.g., for tax purposes). Transactional records may be retained in anonymized form for compliance.

8.5 Right to Complain

If you believe we have breached your privacy rights, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

9. Contact Us for Privacy Requests

If you have questions about this Privacy Policy, wish to exercise any of your privacy rights, or have a privacy concern, please contact us:

  • Email: legal@getvelocitycart.com
  • Support: support@getvelocitycart.com

We will respond to all privacy requests within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the OAIC.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by updating the "Last updated" date and, where appropriate, by sending you an email notification.

Your continued use of our website and services following the posting of revised Privacy Policy means that you accept and agree to the changes.

For more information about your purchase, delivery, and subscription rights, see our Terms of Service and Refund Policy.