Privacy Policy

Who this covers

This policy applies to visitors to VintageStride web pages, recipients of optional editorial announcements should we launch them later, and anyone who contacts us through the site’s form. It does not govern third-party platforms that link to us; their policies prevail once you leave our domain unless we embed content with different disclosures (we currently avoid embedded social feeds for privacy simplicity).

Overview

VintageStride (“we”, “us”) operates a reading-focused website about historical women’s footwear. This policy explains what information may be processed when you browse, when you send a message through our contact workflow, and how third-party libraries loaded for technical convenience may interact with your device. We do not publish or require a physical mailing address, telephone number, or similar directory fields on this site.

Categories of data we may process

• Identity & contact fields you type into the form: name, email, free-text message content, and optional topic tags.
• Technical metadata generated by routine browsing: IP address, approximate location derived at regional resolution by some networks, browser type, referring URL, time stamps.
• Operational diagnostics: error reports, performance timings, and security events collected by our host or edge provider when enabled.

We do not intentionally solicit government identifiers, payment cards, or health data through the contact form; please redact such details unless a conservator referral truly requires them.

Purposes & lawful bases (EEA/UK readers)

We process form submissions to respond to editorial correspondence—contract necessity where a reply is expected, and legitimate interests in maintaining accurate institutional memory about object studies. Security logs are processed under legitimate interests to detect abuse. Where consent is required for discretionary marketing (not active today), we will collect affirmative opt-in separately.

Information you provide

If you submit the contact form, we collect the fields you enter—typically a name, email address, subject selection, and message text. We use this information solely to respond and to maintain an internal record of editorial correspondence when appropriate. We do not sell personal data and do not build individual profiles for advertising.

Because the public demo implementation on static hosting does not include a live mail relay, submissions may be handled by your browser only until a backend is configured. When operational infrastructure is introduced, this section will be revised to name processors, regions, and retention schedules with specificity.

Automatically collected technical data

Like most websites, our hosting environment may log basic technical events such as IP address, user agent string, timestamp, and requested URL. Logs help us diagnose abuse and measure stability. Retention periods depend on the hosting provider’s defaults unless we configure shorter rotation.

Cookies and external resources

We load fonts from Google Fonts, styling utilities from the Tailwind CSS Play CDN, and jQuery from the jQuery CDN. Those providers may process technical data consistent with their own policies. You can block third-party requests in your browser or use reader modes that reduce remote calls; the site layout may degrade gracefully.

Retention

Correspondence relevant to corrections or legal inquiries may be retained longer than generic notes—our default target for routine emails is twenty-four months unless a thread remains active. Server logs rotate according to hosting settings, often between seven and ninety days unless we pin logs for incident response. Static demo deployments that never relay form data may retain nothing server-side beyond generic CDN analytics at the edge.

Subprocessors & infrastructure

Depending on deployment, subprocessors may include static file hosts, DNS registrars, edge caching networks, and transactional email providers if we add server-side delivery. Font delivery and script CDNs are listed in the Cookies section; they can observe IP addresses and User-Agent strings even when we never see that data directly in dashboards.

International transfers

Readers may access servers located outside their country of residence. Where EU/UK law applies and transfers to jurisdictions without adequacy decisions occur, we rely on appropriate safeguards such as Standard Contractual Clauses when offered by vendors, or we configure EU-only regions when feasible and proportionate for a small editorial site.

Security

We keep software dependencies patched within practical windows, restrict administrative interfaces, enforce TLS in transit on production domains, and encourage unique strong passwords for any CMS or inbox tied to the project. No online system is perfectly secure; report suspected compromises promptly to happyendingin2026@gmail.com with “security” in the subject line, or via the contact form.

Legal bases and regional rights

Where regulations such as the GDPR or UK GDPR apply, we rely on legitimate interests to operate and secure the site, and on consent where required for non-essential technologies we may add in the future. Depending on your jurisdiction, you may have rights to access, rectify, delete, or restrict certain processing, and to object to processing grounded in legitimate interests. Contact us at happyendingin2026@gmail.com or through the site form to exercise rights; we may need to verify your identity before fulfilling sensitive requests.

California residents may have rights to know, delete, and opt out of certain sales/sharing under California law. VintageStride does not sell personal information for money today; if we change practices, we will provide a clear notice and any legally required links. You may designate an authorized agent where permitted, subject to verification.

Children

The content is intended for a general adult audience interested in material culture. We do not knowingly solicit information from children. If you believe a minor has submitted personal data in error, write to happyendingin2026@gmail.com so we can delete it.

How to reach us

For privacy questions, data subject requests, and correction of personal data we may hold, write to happyendingin2026@gmail.com or use the contact form. Please allow time for identity verification on sensitive requests.