GDPR and Privacy Policy

An unusual newsletter but an important one to read.

You may have heard about GDPR (General Data Protection Regulation) that took effect on Mary 25, 2018. The GDPR provides individuals in the EU more control on how their data is used and places specific requirements on businesses to comply including US companies that conduct business in their countries. Stitch and Frog already has a privacy policy but felt important to enhance what is needed in light of this new regulation. Even if you do not live in the EU, we recommend you read and understand our policy in this regard.

Since we began Stitch and Frog over 8 years ago, we have never stored separately or online your financial information - in fact, we never see it. When you provide us a credit card during the checkout process, the transaction is immediately transmitted to the banks involved for reconciliation. We only see the last four digits to use in case a refund is required. As for Paypal, the information is transmitted to Paypal as with other transactions are handled when you use Paypal.

We do maintain your billing and shipping addresses, email and phone numbers (when provided) along with your order history. We use this information to manage your order as well as your requests to join our newsletter. Please note that you always receive an email from us with a link ensuring that we have your permission to send you the emails. If someone uses your email to request an account or a newsletter, you receive such notices and if you did not do such a request, simply do not click on the link and nothing occurs as we do not have your permission.

To our knowledge, we do not process any requests for anyone under the age of 18 years old.

Your information is never shared with anyone outside Stitch and Frog unless you request it such as reaching out to a designer for questions.

You will now see a 'cookies used' notice when you log on our website. We need you review, approve and then you can hide it. Whether you approve or not, we are notifying you and assume your consent as your browse the website and placed orders. We use cookies to gather such generic data as what pages were viewed, from what regions, time spent on the website, what promotions are of most interest and may include your IP address. This is not personalized data but rather gathered as collective data on how we can improve. In other words, it is non-personal data specifically about you. We also utilize Google Analytics in this regard.

The only time we may have to disclose personal data is through a court order or subpoena; cooperate with law enforcement; defend legal claims, fraud investigations conducted by banks or Paypal or otherwise requred by law. While this is highly unlikely with stitching supplies, we want you to understand these exceptions.

We pride ourselves on a very secure website as well as using a valid, well known and capable service provider. Your information is hosted on their servers and they manage security there and we manage security from our website. While the internet has inherent security risks, you should always protect and take care of your own data with strong passwords and changed frequently whether through your own emails, credit or banking information or even with Stitch and Frog. 

Even if you are not a resident of the EU, this is a great opportunity to update your Stitch and Frog account so we have accurate information for our member communications. You log in Stitch and Frog using your password and under your account you will see an edit tab to do so.

Your user account page can be used to edit your account, change newsletter subscriptions, and wish list items.

We do have published terms and conditions for your review and I always encourage you to review them and if any questions, send me an email to

We may update this policy from time to time as needed and we remain committed to protecting your data as if it were our own.