HustleBazarBack to home

Privacy Policy

Last updated: April 26, 2026

At HustleBazar, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and share your data when you use our platform, whether as a store owner (merchant) or as a customer shopping on a HustleBazar-powered store.

By using HustleBazar, you agree to the practices described in this policy. If you do not agree, please discontinue use of our services.

Explicit consent at signup. Before your store is created, you are required to confirm that you have read and accept this Privacy Policy by checking the consent box on the final step of signup. Your store will not be created without that confirmation.

1. Information We Collect

Account Information

When you create a HustleBazar account, we collect your name, email address, and password. If you sign up using Google OAuth, we receive your name, email, and profile picture from Google. We do not store your Google password.

Store Information

If you are a merchant, we collect your store name, subdomain preferences, custom domain settings, branding details (logo, colors, fonts), and business information you provide during onboarding.

Payment Information

Payment processing is handled entirely by Stripe, our PCI DSS Level 1 certified payment partner. We do not store your full credit card number, CVV, or bank account details on our servers. We only store a reference to your Stripe Customer ID for subscription management.

Order Information

When you place an order on a HustleBazar-powered store, we collect your name, email, phone number, shipping address, and billing address. This information is stored in the merchant's isolated database and is used solely to fulfill your order.

Usage Data

We automatically collect technical information such as your IP address, browser type, device information, and pages visited. This data helps us improve our platform and ensure security.

2. How We Use Your Information

  • To create and manage your account
  • To process orders, payments, and subscriptions
  • To send transactional emails (order confirmations, shipping updates, password resets, OTP verification)
  • To provide customer support
  • To detect and prevent fraud and unauthorized access
  • To improve our platform, features, and user experience
  • To comply with legal obligations

3. Data Storage & Security

Each merchant's store data is stored in an isolated database — meaning your store's products, orders, and customer data are completely separate from other stores on the platform.

We use industry-standard security measures including:

  • SSL/TLS encryption for all data in transit
  • Bcrypt password hashing (never stored in plain text)
  • JWT-based authentication with short-lived access tokens
  • Server-side firewall protection (UFW + fail2ban)
  • SSH key-only access to servers (no password authentication)

4. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We may share data only with:

  • Stripe — for payment processing and subscription billing
  • Hostinger — for transactional email delivery (SMTP)
  • ImageKit — for image storage and CDN delivery
  • Neon — for database hosting (encrypted at rest)
  • Law enforcement — if required by law or court order

5. Cookies

We use essential cookies for authentication (JWT refresh tokens stored as httpOnly secure cookies). We do not use advertising or tracking cookies. No third-party analytics cookies are placed without your consent.

6. Your Rights

You have the right to:

  • Access your personal data by visiting your profile settings
  • Update your name, email, phone, and password at any time
  • Delete your store and account from the settings page (data preserved for 30 days, then permanently deleted)
  • Export your data by contacting our support team
  • Withdraw consent by deactivating your account

7. Data Retention

We retain your data for as long as your account is active. If you delete your store, your data is preserved for 30 days (in case you change your mind), after which it is permanently and irreversibly deleted from our servers, including the database, Stripe records, and any associated files.

8. Children's Privacy

HustleBazar is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our platform constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or your personal data, please contact us at:

Privacy PolicyTerms & ConditionsReturn & Refund PolicyShipping Policy