Effective date: June 5, 2026
What we collect, why, who sees it, and the choices you have — in plain language. The short version: we collect only what we need to run the marketplace, we run zero ad trackers, and we never sell your information.
Frost Shop Marketplace is a community marketplace. We treat your information with care and respect. This Privacy Policy explains what we collect, why we collect it, who may see it, and the choices you have.
We aim to explain our practices clearly and without unnecessary legal jargon.
In plain English: we collect what we need to run the marketplace, support vendors, process bookings, meet our obligations, and keep the platform safe.
This Privacy Policy applies to frostshopmarketplace.com, the vendor portal, vendor directory, booking tools, public marketplace pages, and related Frost Shop Marketplace services (the "Services").
The Services are operated by Ignite Space, Inc., a California corporation, doing business as Frost Shop Marketplace. Frost Shop Marketplace operates as a nonprofit program under the fiscal sponsorship of the Collaborative Arts and Culture Foundation ("CACF"), which supports certain donation, sponsorship, grant, accounting, reporting, and fiscal oversight functions where applicable.
The software platform is owned, operated, and maintained by Kenwood Solutions Group, LLC ("KSG") and licensed to us; KSG processes information only to operate, maintain, secure, and support the platform.
In plain English: Ignite Space, Inc. runs the marketplace; CACF is our nonprofit fiscal sponsor where applicable; KSG built, owns, and maintains the software.
We collect information in the following categories:
Account and Contact Information. This may include your name, business name, email address, phone number, mailing address, login credentials, and account preferences.
Vendor Compliance Information. For vendors, we may collect the license, permit, insurance, and compliance information required for your vendor category. This may include seller's permit numbers, Mobile Food Facility ("MFF") permits, Cottage Food Operation ("CFO") registrations, California Department of Food and Agriculture ("CDFA") information, Alcoholic Beverage Control ("ABC") license information, insurance certificates, booth details, sanitation details, health and safety acknowledgments, and your signed Vendor Agreement.
Vendors should not upload Social Security numbers, bank account numbers, medical information, or other unnecessary sensitive information unless we specifically request it.
Booking and Payment Information. We collect information about what you booked, reserved, purchased, donated, sponsored, or paid for through the Services. Payment card information is processed by Stripe or another payment processor. We do not see or store your full credit or debit card number.
Donation and Sponsorship Information. Where applicable, we may collect donor or sponsor name, contact information, contribution records, receipt information, sponsorship details, and related financial or fiscal-sponsorship reporting information.
Public Profile and Promotional Content. This may include your vendor name, logo, photos, menu, product descriptions, story, biography, social media handles, website links, promotional copy, and other content you choose to provide.
Communications. We may collect messages, emails, support requests, forms, applications, survey responses, and other communications you send to us.
Usage, Device, and Security Information. We may collect basic technical information needed to operate and protect the Services, such as IP address, browser type, device type, timestamps, authentication logs, session cookies, error logs, and security events. We may also use simple, privacy-preserving counters, such as how many times a public vendor profile was viewed. We count views; we do not use those counters to identify or track individual viewers.
In plain English: we collect contact information, vendor permit information, booking/payment records, content you choose to publish, communications you send us, and basic technical data needed to run the site securely.
We do not sell your personal information.
We do not share your personal information with data brokers.
We do not currently use advertising networks or third-party advertising trackers on the Services.
We do not disclose personal information to third parties for their own direct marketing purposes without your consent.
If our practices materially change, we will update this Privacy Policy before applying those changes.
In plain English: you are not our product.
We use information to: create and manage accounts; process vendor applications, onboarding, approvals, and compliance records; process bookings, reservations, payments, donations, sponsorships, and receipts; manage booth assignments, site maps, scheduling, reminders, and marketplace logistics; publish vendor directory information and public marketplace pages; promote vendors, but only using content provided or approved for that purpose; send marketplace updates, administrative notices, confirmations, and reminders; respond to questions, support requests, and disputes; administer CACF-related donation, sponsorship, grant, accounting, or reporting obligations where applicable; maintain insurance, tax, accounting, audit, permit, and legal records; prevent fraud, misuse, unauthorized access, or security incidents; enforce our Terms of Service, Vendor Agreement, and other applicable agreements; protect the rights, safety, and property of Frost Shop Marketplace, Ignite Space, Inc., KSG, CACF, vendors, visitors, staff, volunteers, and the community; and comply with legal, regulatory, tax, accounting, permit, insurance, and law-enforcement obligations.
Public Display. If you are approved as a vendor, basic public listing information such as your business name, vendor category, market dates, and booth or location information may be displayed publicly as part of operating the marketplace. Optional promotional content, such as your story, photos, logo, menu, product descriptions, social links, or marketing copy, will be displayed only if you provide or approve that content for public use.
In plain English: we use information to run the marketplace, support vendors, meet compliance obligations, and promote your business when you choose to participate in promotion.
We may share information with the following categories of recipients:
Service Providers. We may share information with service providers that help us operate the Services, including hosting and database providers, payment processors, e-signature providers, email delivery services, analytics or security tools, technical support providers, and other operational vendors. Current or anticipated service providers may include Supabase, Stripe, DocuSign, email delivery providers, and related technical infrastructure vendors. We require service providers to use personal information only to provide services to us, maintain security, comply with law, or as otherwise permitted by their service terms and applicable law.
Kenwood Solutions Group, LLC. KSG owns and operates the software platform under license to Frost Shop Marketplace. KSG personnel and systems may access information as needed to operate, maintain, secure, support, improve, and administer the Services. KSG does not sell Frost Shop Marketplace personal information or use it for unrelated third-party marketing.
CACF. Where applicable, we may share information with the Collaborative Arts and Culture Foundation ("CACF") for donation processing, sponsorship administration, grant support, fiscal sponsorship, accounting, audit, financial oversight, and reporting purposes.
Government Agencies and Regulators. We may share vendor permit, license, insurance, compliance, booking, tax, or event information with government agencies or regulators where required or permitted by law, permit conditions, marketplace organizer obligations, or lawful requests.
Legal, Safety, and Enforcement Purposes. We may share information where necessary to comply with law, respond to lawful requests, enforce our agreements, prevent fraud or misuse, protect safety, defend legal claims, or protect the rights and property of Frost Shop Marketplace, Ignite Space, Inc., KSG, CACF, vendors, visitors, staff, volunteers, or the community.
With Your Direction or Consent. We may share information when you ask us to do so, such as connecting you with a sponsor, partner, media contact, agency, collaborator, or other vendor.
In plain English: we share information with the companies that make the site work, the staff who operate the marketplace, KSG as the platform operator, CACF when needed for fiscal sponsorship purposes, government agencies when required, and others only when legally necessary or when you direct us to.
We use essential cookies and similar technologies needed to keep you signed in, protect accounts, maintain sessions, and secure the Services.
We do not currently use advertising cookies, cross-site tracking cookies, or third-party advertising trackers.
Because we do not use advertising or cross-site tracking cookies, there is currently nothing for a browser "Do Not Track" signal to turn off. We honor the spirit of Do Not Track by not using those tracking practices in the first place.
If we later add analytics, embedded media, maps, marketing tools, or other features that use non-essential cookies or similar technologies, we will update this Privacy Policy and provide any legally required choices.
You can view and update much of your account information by signing in.
You can unsubscribe from non-essential marketing or promotional emails using the unsubscribe link in those emails or by contacting us.
You may request access to, correction of, export of, or deletion of personal information we maintain about you by contacting us at the address below.
We will verify your identity before fulfilling privacy requests. We aim to respond within 30 days, where reasonably possible.
Some privacy laws may not apply to us because of our size, structure, fiscal-sponsorship relationships, or operational model. Even where not legally required, we voluntarily provide reasonable access, correction, export, and deletion options as described in this policy.
We may deny, limit, or delay requests where permitted by law, including where information must be retained for tax, accounting, audit, insurance, legal, security, dispute-resolution, fiscal-sponsorship, vendor compliance, marketplace administration, or contractual purposes.
In plain English: you can ask to see, fix, export, or delete your information. We will help where we reasonably can, but some records must be kept for legal, accounting, compliance, or operational reasons.
We keep personal information for as long as needed to provide the Services, maintain accounts, operate the marketplace, support vendors, manage bookings, comply with tax/accounting/audit/fiscal-sponsorship obligations, satisfy permit and insurance requirements, resolve disputes, enforce agreements, and protect security.
Vendor agreements, booking records, payment records, tax records, permit records, insurance certificates, fiscal sponsorship records, donation/sponsorship records, and compliance documentation may be retained after an account closes where needed for legal, accounting, insurance, audit, dispute-resolution, or marketplace administration purposes.
When information is no longer needed, we delete, de-identify, or archive it according to our retention practices and legal obligations.
Public content you have approved for display may remain visible until removed, and may persist for a limited time in backups, cached pages, archived materials, or previously distributed promotional materials.
We use reasonable administrative, technical, and organizational safeguards designed to protect personal information.
These safeguards may include encryption in transit, role-based access controls, database-level access restrictions, secure authentication, staff access limits, service-provider controls, and monitoring for unauthorized access or misuse.
Payment card information is processed by Stripe or another payment processor and is not stored by us.
No system is perfectly secure. If we determine that a security incident requires notice under applicable law, we will notify affected individuals and regulators as required.
Accounts are intended for adults age 18 or older.
The website may be browsed by families and community members, but we do not knowingly collect personal information from children under 13.
If you believe a child has submitted personal information to us, contact us and we will take reasonable steps to delete it.
Vendors must be at least 18 years old or participate through a parent, guardian, school, nonprofit, or approved adult sponsor responsible for the account and vendor obligations.
The Services may link to third-party websites, vendor websites, social media pages, maps, payment processors, partner pages, embedded content, or other external services.
We are not responsible for the privacy practices, content, security, or policies of third parties. Their own privacy policies and terms apply.
The Services are intended for users in the United States.
If you access the Services from outside the United States, you understand that your information may be processed in the United States, where privacy laws may differ from those in your location.
We may update this Privacy Policy from time to time.
If we make material changes, we will update the effective date above and provide notice where appropriate, such as by email, account notice, or website notice.
We will not apply material changes retroactively without appropriate notice or consent where required.
In plain English: if we make important changes, we will tell account holders and update the date.
Privacy questions or requests may be sent to: Frost Shop Marketplace, 5087 Highway 140, Mariposa, CA 95338. Email: info@frostshopmarketplace.com · Phone: (209) 200-4140.
Please include "Privacy Request" in the subject line so we can route your request properly.
In plain English: email us with "Privacy Request" in the subject and we'll take care of you.