In stark contrast to the legal ass-covering that merchant payment processing requires us to have as official terms and conditions, our privacy policy can be much more easily stated in plain English:
We respect your right to it absolutely. No ifs. No buts.
Given that we've just done all this work to build a device which has preserving privacy as one of its more major use cases, it would be kind of completely missing the point to promise anything less than that …
We do not set cookies in your web browser. We do not use web bugs or external content† in the pages here, or third party analytics to track your movement around our site. We do not submit the admin logs of our servers to any such services for analysis. We do not require you to run random javascript code in your browser for our site to be fully operable. There are a couple of places where we do use a tiny amount of it to do some minor convenience things that we couldn't find a nicer way to do otherwise, like folding the FAQ questions, and providing some extra detail and sanity checking in the forms on the purchasing page, but all of those degrade gracefully if it is disabled, and the few lines of simple scripting are all embedded in the page if you want to see them.
We do need to collect your shipping details and some contact information
in order to send you things you buy, but we will never, ever, sell,
or give, or trade, or share, or willingly disclose that to any other party,
or use it for any other purpose beyond the sole reason that you gave it
to us in the first place. We will not use it to spam you with Fabulous
Offers. We do need to be able to contact you by email if there is some
problem or unexpected delay in shipping your order (like if 10 seconds
before you place it, someone swoops in and buys everything we have in
stock, or if the courier tells us there's a typo in your address and they
can't find you). We may need to keep some of that information for warranty
purposes, at least until your warranty period expires, but ideally we'll
permanently destroy our records of that too at the soonest opportunity
as well. The less information we have that we don't absolutely need,
the less likely it is to be lost to some unsavoury party if undesirable
things do happen. If you explicitly ask us to forget you, we will, but
that may make things more difficult if you should need warranty support
(that said, it's solid state hardware, so if it doesn't fail in the
first week due to some microscopic fault that burn in testing here
didn't show up, then it will probably last forever
– which
is how people get away with offering lifetime
warranties for
things like this).
In short, we'll treat any private information you may have shared with us like it was information about ourselves. With care and discretion.
There's a few open questions here about things we might still be able to find better ways to deal with (like offering a way to send encrypted mail to a general support list that more than one person is responding to), but that's the general principle which any future changes we make will also follow or improve on.
† We do offer some links to external sites that we think might be of interest, but if you don't click them, your browser won't go there or fetch anything from them as a part of it accessing our site.