Privacy Policy
Souls with Soles ("SWS," "we," "us," or "our") is a footwear house based in Chicago, Illinois. This Privacy Policy explains what personal data we collect when you browse our store, create an account, place a custom or heritage order, sign up for our newsletter, or contact us about a group fundraiser — and how we use, share, retain, and protect that data. We've written it in plain English and kept it specific to how our store actually works. Last updated: June 2026.
1. Who We Are and What This Policy Covers
Souls with Soles is a direct-to-consumer footwear brand that sells heritage sneakers and a made-to-order custom 'Soulless' line, runs a resole program, and supports churches, schools, and nonprofits through group fundraiser orders.
This Privacy Policy covers personal data we collect through our website, your customer account, the checkout and order process, our customization and resole services, our newsletter, and direct communications such as fundraiser inquiries. By using our store, you agree to the practices described here.
For privacy purposes, SWS is the controller of the personal data described below. If you have any questions, you can reach us at support@soulswithsoles.com.
2. Personal Data We Collect
We only collect data we need to run the store and serve you. Depending on how you use SWS, that may include:
- Account data: the email address you register with and a securely hashed version of your password (we never store your password in plain text). If you turn on two-factor authentication (2FA), we store the information needed to verify your second factor.
- Identity and contact details: your name, shipping and billing address, and contact email used for orders and delivery.
- Order history: the products you've purchased, sizes, prices, order status, resole requests, and related records tied to your account.
- Customization details: choices you make on custom or personalized pairs, including optional embroidered initials (up to 3 letters) and any optional heritage mark you select.
- Fundraiser inquiries: information you share when you ask about group orders or our 10% match for a church, school, or nonprofit — such as the organization's name and your contact details.
- Newsletter sign-ups: the email address you provide to receive marketing emails, and your subscription status.
- Payment information: card payments are handled by our third-party payment processor. We receive limited confirmation and transaction details (such as the result of a charge and the last digits of a card) but we do not store full card numbers on our systems.
- Cookies and log data: technical information collected automatically when you visit, including IP address, browser and device type, pages viewed, referring pages, and timestamps.
3. How We Use Your Data
We use the data above for the following purposes:
- To fulfil your orders: process payments, build made-to-order and personalized pairs (typically a 4–6 week build), arrange shipping, handle resole requests, and send order and delivery updates.
- To operate your account: let you sign in, view order history, manage saved details, enable optional 2FA, and reset your password by email.
- To communicate with you: respond to support questions, reply to fundraiser inquiries, and — if you've opted in — send newsletters and marketing emails. You can unsubscribe at any time.
- To prevent fraud and abuse: verify orders, detect suspicious activity, enforce our banned-initials policy (we reserve the right to refuse customizations containing profanity, slurs, or hate), and protect our customers and store.
- To improve the store: understand how the site is used, fix problems, and make our products and experience better.
- To meet legal and accounting obligations: keep records required by law and handle disputes or chargebacks.
4. Legal Bases for Processing
Where required by law (for example, under the EU/UK GDPR), we rely on the following legal bases: performance of a contract (to fulfil your orders and provide your account); your consent (for newsletter marketing and non-essential cookies, which you can withdraw at any time); our legitimate interests (to secure the store, prevent fraud, and improve our services in a way that doesn't override your rights); and compliance with legal obligations (such as tax and accounting requirements).
5. Third Parties and Service Providers
We do not sell your personal data, and we don't rent or trade it for marketing purposes. We share data only with trusted service providers who help us run the store, and only as needed to perform their service. These include:
- Email provider: we use a third-party email service (Resend) to send transactional emails (such as order confirmations and password resets) and newsletters you've opted into.
- Database host: your account and order data is stored in a managed Postgres database hosted by our infrastructure provider.
- Payment processor: card payments are processed by a third-party payment processor (such as Stripe), which handles your card details under its own security standards and privacy terms.
- Shipping carriers: we share the name and address needed to deliver your order to the carriers that ship and, where applicable, return your shoes.
6. Cookies and Similar Technologies
We use cookies and similar technologies to keep the site working and to understand how it's used. Essential cookies are required for core features like signing in, keeping items in your cart, and securing your session. Analytics and preference cookies help us measure traffic and remember your choices.
You can control or delete cookies through your browser settings, and where required we'll ask for your consent to non-essential cookies. Blocking essential cookies may break parts of the store, such as checkout or account login.
7. Data Retention
We keep personal data only as long as we need it for the purposes described in this policy. Account data is retained while your account is active and for a reasonable period afterward, or until you ask us to delete it. Order and transaction records — including customization and resole history — are kept as long as needed to support warranties, our 'resoled for life' commitment, and our legal, tax, and accounting obligations.
Newsletter data is kept until you unsubscribe. Fundraiser inquiry details are kept for as long as needed to evaluate and administer the group order and match. When data is no longer needed, we delete or anonymize it.
8. How We Protect Your Data
We use industry-standard safeguards to protect your data. Passwords are stored only as secure one-way hashes, never in plain text. We support optional two-factor authentication (2FA) on your account for an extra layer of login security. Data transmitted between your device and our store is encrypted in transit using TLS, and access to our systems is restricted to authorized personnel and service providers.
No method of transmission or storage is completely secure, so we can't guarantee absolute security. We encourage you to use a strong, unique password and to enable 2FA on your account.
9. Your Privacy Rights (GDPR & CCPA)
Depending on where you live, you may have some or all of the following rights over your personal data:
- Access: request a copy of the personal data we hold about you.
- Correction: ask us to fix data that's inaccurate or incomplete (you can also update most account details yourself).
- Deletion: ask us to delete your data, subject to records we must keep by law.
- Opt-out: unsubscribe from marketing emails at any time using the link in any newsletter, and manage cookie preferences in your browser.
- Portability and restriction: where applicable, request your data in a portable format or ask us to restrict certain processing.
- EEA/UK (GDPR): you also have the right to withdraw consent and to lodge a complaint with your local data protection authority.
- California (CCPA/CPRA): you have the right to know what personal information we collect and how it's used, to request access and deletion, and to opt out of the 'sale' or 'sharing' of personal information — we do not sell your data, and we won't discriminate against you for exercising these rights.
10. Children's Privacy
Our store is intended for adults and is not directed to children. We do not knowingly collect personal data from children under 13 (or under 16 where a higher age applies). If you believe a child has provided us personal data, please contact us at support@soulswithsoles.com and we'll delete it.
11. International Data Transfers & Changes to This Policy
We are based in the United States, and our service providers may process data in the U.S. or other countries. If you access SWS from outside the U.S., your data may be transferred to and processed in a country with different data protection laws. Where required, we use appropriate safeguards — such as standard contractual clauses — to protect your data when it is transferred internationally.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or the law. When we make material changes, we'll update the 'Last updated' date below and, where appropriate, notify you by email or through the store. Your continued use of SWS after an update means you accept the revised policy.
12. Contact Us
If you have questions about this Privacy Policy or how we handle your data, or you'd like to exercise your privacy rights, contact us at support@soulswithsoles.com. We may need to verify your identity before acting on a request, and we'll respond within the timeframe required by applicable law.
Souls with Soles is based in Chicago, Illinois, USA. This Privacy Policy is governed by the laws of the State of Illinois, USA.
Last updated: June 2026.