1. Who we are
Snowpoint Collectibles ("Snowpoint", "we", "us") operates the website at snowpoint.shop. You can reach us at admin@snowpointcollectibles.com. Our HQs are in Sydney, Australia and Kuala Lumpur, Malaysia.
2. What we collect
- Account information: name, email, password (hashed with scrypt — we never see your plaintext password), phone (optional), and your default shipping address if you save one.
- Order data: items purchased, shipping address, billing details, payment method (handled by Stripe / PayPal / Square — we never store full card numbers), order history.
- Cookies: a session cookie to keep you logged in, a cart cookie, and a currency preference cookie. We do not use third-party tracking pixels.
- Marketing preferences: your opt-in status for new-drop alerts.
3. How we use it
- To process and ship your orders.
- To send transactional email (order confirmations, shipping updates).
- To send marketing email (only if you opted in — and you can opt out any time from your account).
- To detect fraud and protect the store.
- To meet our legal obligations under AU + MY consumer law.
4. Who we share it with
We share your data only with vendors required to fulfill your order:
- Payment processors: Stripe, PayPal, Square (PCI-DSS compliant).
- Shipping carriers: Australia Post (we may engage additional carriers as service areas expand).
- Email provider: Resend (for transactional + marketing email).
- Hosting: Supabase (database + storage).
We never sell your data. We do not share for advertising purposes.
5. Your rights
Under the Australian Privacy Act 1988 and the Malaysian PDPA 2010, you can:
- Request a copy of all data we hold about you.
- Correct inaccurate data.
- Request deletion of your account (within 30 days).
- Withdraw marketing consent at any time.
- Lodge a complaint with the OAIC (AU) or PDP (MY).
To exercise any of these rights, email admin@snowpointcollectibles.com from the email associated with your account.
6. Data retention
Order records are kept for 7 years to satisfy AU + MY tax law. Account data is kept while your account is active and deleted on request. Marketing list opt-outs are honored within 24 hours.
7. Security
All traffic is HTTPS-encrypted. Passwords are hashed with scrypt (Node built-in, memory-hard). Payment card data never touches our servers — it goes directly from your browser to Stripe / PayPal / Square. We follow OWASP best practices.
8. Changes to this policy
We'll email account holders if we make a material change. The "Last updated" date at the top reflects the most recent revision.