Who we are
Above the Hook is a coastal media brand and small e-commerce shop based in Highlands, New Jersey, USA. This policy explains what information we collect from visitors and customers of abovethehook.com and the related subdomains we operate (the Harbor Observatory, the blog, the magazine), how we use it, and the choices you have. Questions: shop@abovethehook.com.
What we collect
Information you give us
- Order details — name, shipping address, email, items purchased — when you place an order.
- Payment details — card and billing information are entered directly into Stripe Checkout. We never see or store your full card number; we only receive a charge confirmation, the last four digits, and the brand of the card.
- Email address — when you subscribe to the dispatch or contact us directly.
Information we collect automatically
- Basic request data — IP address, user agent, referrer, timestamps. Used for security, fraud prevention, and aggregate traffic analytics.
- Cart state — held in your browser's localStorage. We do not read it on our servers until checkout.
How we use it
- Fulfilling your order and routing it to our print and shipping partner.
- Sending order confirmation, shipping updates, and customer-service replies.
- Responding to questions and (if you subscribed) sending the ATH dispatch.
- Detecting and preventing fraud and abuse.
- Improving the site — what's loading, what's breaking, what people are looking at.
We do not sell your personal information, and we do not run third-party advertising trackers.
Who we share it with
We share the minimum information needed with the vendors that actually run the shop:
- Stripe — payment processing. stripe.com/privacy
- Printful — printing and shipping fulfillment. printful.com/policies/privacy
- Cloudflare — site delivery, DDoS protection, basic analytics.
- Resend — transactional email (order confirmations, shipping notices).
- Netlify — static hosting for parts of the site.
We may also disclose information when required by law, to protect rights, or in connection with a business transfer.
Cookies and tracking
We use a small number of strictly necessary cookies and localStorage entries to keep your cart and checkout session working. We do not use advertising cookies. Cloudflare may set a session cookie for security. You can disable cookies in your browser, though parts of the shop won't function without them.
Your choices
- Access, correction, deletion. Email shop@abovethehook.com with the address used to place your order, and we'll provide, correct, or delete your information (subject to records we're legally required to keep, like tax records).
- Unsubscribe. Every dispatch email has a one-click unsubscribe.
- California, EU/UK residents. You have additional rights under CCPA/CPRA and GDPR including the right to know, delete, correct, and opt out of any sale or sharing (we do not sell or share). Contact us using the address above to exercise these rights.
Data retention
We keep order records for as long as needed to support the customer relationship and to meet tax and accounting obligations (typically seven years for financial records). Marketing email addresses are retained until you unsubscribe.
Security
Payment data is handled directly by Stripe under PCI DSS. The site runs on TLS. Internal admin endpoints are protected by bearer tokens. No system is perfectly secure — if we learn of a breach affecting your information, we will notify you as required by law.
Children
The shop is not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. If you believe we have, please contact us and we'll delete it.
Changes
If we update this policy in a meaningful way, we'll change the effective date above and, where appropriate, notify subscribers. Material changes apply going forward.
Contact
Above the Hook
Highlands, New Jersey, USA
shop@abovethehook.com