online
[]--:--:--utc
tier.fo

// legal

Privacy

last updated April 2026

// tl;dr

We collect almost nothing. There are no accounts, no emails, no tracking cookies, and no third-party analytics. The only thing tying you to your order is a 256-bit token we generate randomly and never see again after you receive it.

1. What we don't collect

  • No customer accounts. No email, name, postal address, phone.
  • No third-party analytics (no Google Analytics, no Plausible, no Hotjar, no Posthog).
  • No advertising or social-media tracking pixels.
  • No third-party fonts loaded from the network at runtime.
  • No KYC documents required at any stage.

2. What we do collect, and why

2.1 Order data

For each order we store, in our own database:

  • The cart line items (product name, quantity, unit price at time of purchase).
  • The total in USD and the locked LTC/USD rate at issue time.
  • The destination Litecoin address derived for that order.
  • The exact amount of LTC expected.
  • A SHA-256 hash (with a server-side pepper) of the 256-bit invoice token. The raw token is shown to you exactly once; we never store the raw value, so we cannot reconstruct your invoice link if you lose it.
  • The on-chain transaction hash once the payment lands.
  • Status timestamps (created, paid, delivered, expired).

The credentials themselves are stored encrypted at rest with AES-256-GCM until you collect them. Once delivered they are also decryptable with the same key — we do not delete them on collection because customers occasionally lose their browser tab before saving the values.

2.2 Operational data

  • Server access logs are retained for 7 days for abuse prevention, then deleted. Logs include the request path, response code, a truncated user-agent, and an IP hash(we hash with a rotating salt so the hashes can't be cross-referenced across days).
  • Captcha proof-of-work tokens are processed in memory and not persisted.
  • Anti-brute-force counters keep an IP hash and a failure count for at most 30 minutes.

3. Cookies

We use one cookie, and only on the admin panel:

  • acc_admin_session — httpOnly, SameSite=Strict, path=/admin, lifetime 8 hours. It carries the signed admin session token and nothing else. There are no analytics, advertising, or social cookies anywhere on the site.

4. Third parties

We rely on a small number of third-party services to operate:

  • CoinGecko — public price API for the LTC/USD rate. The request originates from our server, not your browser.
  • litecoinspace.org (or our own electrs node, if self-hosted) — block explorer used by our payment gateway to confirm incoming transactions. Again, server-to-server only.
  • A hosting provider for the shop and a separate hosting provider for the payment gateway. They see the encrypted disk, network traffic, and process metadata for our infrastructure.

None of these parties receive customer-identifying information from us, because we don't hold any.

5. Your rights

Under GDPR-style frameworks you have the right to access, rectification, erasure, restriction, portability, and objection. Practically, the only personal-ish data we hold is your order record and its on-chain payment trail. If you can prove the link between yourself and a specific invoice token (e.g. by signing a message from the source address that paid for it), we will:

  • Confirm what we hold for that order.
  • Delete the cart line items and credential blob on request.
  • Cannot delete the on-chain transaction (it's public, immutable, and not under our control).

6. Changes

Material changes to this policy are reflected in the “Last updated” date at the top. We do not have an email list to notify, so check back here when in doubt.