Privacy Policy

When you use our site and create an account or place an order, we collect the following information:

• Email address (Stripe checkout receipt + support contact)
• Roblox username you enter at checkout (so the bot knows where to deliver)
• Approximate IP-based location at checkout time — city, region, country only — used for fraud heuristics and the live-buyers ticker
• Order history: items, prices, delivery status, timestamps
• Reviews you submit, tied to the order they were placed against

We may also collect data through cookies and analytics tools (see section 4).

growagarden.com accepts payments through:

• Stripe for USD transactions (credit/debit cards, CashApp, PayPal where Stripe supports them in your region)
• Cryptocurrency (BTC, ETH, USDT and similar) — see the Cryptocurrency Disclaimer in our Terms of Service

We do not store any payment information on our servers. All payment processing is handled securely by Stripe; we receive only the high-level metadata we need to reconcile your order.

We use your data to:

• Manage your account
• Process and deliver your purchases
• Monitor and improve the performance of our services
• Prevent fraud and ensure security
• Comply with legal obligations

We use Google Analytics to collect anonymized data on how users interact with the site, such as pages visited, time spent on the site, and geographic region.

Cookies may be used to:

• Keep users logged in
• Store preferences
• Support performance tracking

You may disable cookies through your browser settings, though some features of the site may not function properly.

We do not sell or rent your personal information. We only share data with the partners we need to operate:

• Stripe — payment processing (and any crypto processor we use, where applicable)
• Vercel — site hosting + privacy-respecting edge analytics; IP-derived city/region is provided to us via Vercel’s edge headers and used only at order creation
• Supabase — database hosting; your order, review, and account data are stored there encrypted at rest
• Roblox — we look up the username you provide at checkout to confirm it exists; we do not log into your Roblox account
• Google Analytics, where enabled, for anonymized website traffic and usage analysis

growagarden.com is open to users of all ages. However, we recommend parental supervision for users under the age of 13. We do not knowingly collect personal information from children under 13 without parental consent. If we discover such data, we will take prompt action to delete it.

You are responsible for maintaining the confidentiality of your account credentials. Please do not share your login details with others. If you suspect your account has been compromised, contact us immediately.

We take security seriously. We use:

• HTTPS encryption for all data in transit
• Rate limiting, signed cookies, and webhook signature verification to prevent abuse
• Hosting on Supabase (database, encrypted at rest) and Vercel (edge serverless), both with strong security practices
• Verified-buyer reviews — public reviews are only accepted from customers whose orders were marked delivered, and the username on a review is server-pinned to the order’s delivery name (no spoofing)

However, no system is 100% secure. We cannot guarantee absolute security of your data.

We currently do not offer data deletion or account removal. Your data will be retained indefinitely unless otherwise required by law.

If you have any privacy concerns, please contact us using the details in section 15.

If you are accessing our services from the European Economic Area (EEA), please note that your information will be transferred to, stored, and processed in the United States. By using our services, you consent to this transfer and processing.

We currently do not offer full GDPR controls (e.g., data deletion, data portability), but we are happy to answer any questions you have.

In the event of a data breach that compromises your personal information, we will notify affected users via email or through an announcement on our site, in accordance with applicable laws.

We may disclose your personal information if required to do so by law or in response to valid legal requests (e.g., subpoenas, court orders), or if we believe such action is necessary to:

• Comply with legal obligations
• Protect the rights, safety, or property of growagarden.com, its users, or the public
• Investigate fraud or security issues

We may update this Privacy Policy from time to time. When we do, we will update the Effective Date at the top of the policy. Continued use of the site means you accept the updated terms.

By using growagarden.com, you consent to this Privacy Policy and the collection, use, and sharing of your information as described herein.

We show a small floating notification (the “live buyers” card) cycling through recent purchases. The card shows: “Someone from {city} just bought {item}” plus the item image, price, and a relative timestamp. It does NOT show your Roblox username, email, exact location, or any other personally identifying field — usernames are never exposed in the ticker. If you’d like your future purchases excluded from this surface, email us (see contact below).

If you have any questions or concerns regarding this Privacy Policy, please contact us through:

• Email: info@growagarden.com
• Onsite chat at https://growagarden.com
• Discord support channel (link in storefront nav)