Flipper47 LogoFlipper47
Privacy Policy

Last Updated: July 27, 2025

This Privacy Policy explains how Flipper47 (“Flipper47,” “we,” “us,” or “our”) collects, uses, and shares information about you when you use our website and web application / PWA at flipper47.com (the “Service”).

By using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

1) Who we are & how to contact us

Data controller: Flipper47

Email: support@flipper47.com

If you’re in the EEA/UK: we’re the controller of your personal data. Contact us by email for any privacy requests.

2) Information we collect

a) Information you provide

  • Account & sign-in data: email address; basic profile info from your identity provider (e.g., Google OAuth) such as name, avatar URL, and email verification status.
  • Item data (“User Content”): photos you upload, titles/descriptions, categories, and any hints you provide to improve results.
  • Support messages: feedback/complaints you send us (email address, message content, timestamps).
  • Billing/plan metadata: subscription status, plan, trial/renewal dates via our payment provider. We do not store full payment card details.

b) Information collected automatically

  • Usage & device data: IP address, browser/OS, language, referring URL, pages viewed, buttons clicked, error logs, timestamps, region/country.
  • Cookies & storage: authentication/session cookies (via Supabase), local storage (e.g., UI prefs), and PWA caches.
  • Aggregate counters: for example, global scan totals displayed on our website; these are not tied to an identifiable person.

c) Data from service providers

  • OAuth identity providers (Google): basic profile (name, email, avatar) and tokens needed to sign you in.
  • Market data APIs (e.g., eBay): we may send item descriptors or identifiers (such as titles or GTINs) to fetch market signals. We do not send your personal info unless you include it in the item description.

3) How we use your information

We use your information to:

  • Operate the Service: authenticate you; maintain sessions; process scans; display results; manage subscriptions.
  • Provide estimates & insights: run AI/ML models to identify items and estimate resale ranges; improve quality and recall.
  • Improve & secure: monitor performance, debug issues, prevent abuse/fraud, and enhance features.
  • Analytics & product decisions: understand feature usage and effectiveness (in aggregate).
  • Communicate with you: service emails (account, billing, policy updates) and replies to your support/feedback.
  • Legal compliance: comply with law, enforce terms, and protect rights.

Where required by law, we rely on one or more of: contract necessity, legitimate interests (e.g., product improvement, security), consent (where applicable), or legal obligation.

4) Sharing your information

We do not sell your personal information. We share it only with:

Service providers (processors) that help us run the Service:

  • Supabase (authentication/session, database, storage).
  • Google (OAuth sign-in).
  • Lemon Squeezy (billing/subscriptions; we receive plan and status metadata).
  • Vercel (hosting; Analytics/Speed Insights).
  • eBay API (market data lookups; no personal data unless included in item text).
  • Other infrastructure/security/observability vendors as needed.

Legal/security: if required by law or to protect rights, safety, or the Service (e.g., court order, fraud prevention).

Business transfers: in a merger, acquisition, financing, or sale of assets, data may be transferred as permitted by law.

We require processors to protect your data and use it only as instructed.

5) User Content & AI/ML improvement

You retain ownership of your User Content (photos, descriptions). You grant us a license to host, process, and transform that content solely to operate and improve the Service (e.g., generate thumbnails, run recognition, validate results).

We may use anonymized and aggregated data derived from usage (including scan outcomes) to improve model quality and features. We do not sell your individual photos or use them for targeted advertising.

6) Cookies & similar technologies

We use cookies and local storage to:

  • Keep you signed in and protect sessions (Supabase auth cookies).
  • Remember preferences (e.g., UI settings).
  • Measure performance and fix bugs (Vercel Analytics/Speed Insights).

You can control cookies in your browser. Blocking essential cookies may break sign-in.

7) Data retention

  • Account data: kept while your account is active and for a reasonable time after (e.g., for account recovery, legal obligations, fraud prevention).
  • Scan data: retained while your account is active. If you request deletion, we delete or de-identify as required.
  • Billing records: retained as required by tax and accounting laws.
  • Aggregated/anonymized data: may be retained indefinitely as it no longer identifies you.

8) Security

We use technical and organizational measures to protect your data (TLS in transit, access controls, least-privilege, logging). No system is 100% secure; use the Service at your own risk and contact us if you suspect unauthorized activity.

9) International transfers

Our providers may process data in multiple countries (e.g., US, EU). Where required, we rely on appropriate safeguards for cross-border transfers (such as Standard Contractual Clauses with processors).

10) Your rights

Depending on your location, you may have rights to access, correct, delete, restrict or object to processing, and data portability.

Requests & deletion: Email support@flipper47.com with the subject “Privacy Request” and the email tied to your account. We’ll respond within a reasonable time (typically 30 days) subject to applicable laws.

Deleting your account permanently removes your scans and profile from active systems; aggregated/anonymized data may be retained.

Email choices: You can opt out of non-essential emails; transactional emails (account, billing, policy changes) will still be sent.

11) Children’s privacy

The Service isn’t intended for children under 13 (or older if your local law requires). We don’t knowingly collect personal data from children. Contact us if you believe a child used the Service; we’ll take appropriate action.

12) Do Not Track

We don’t respond to “Do Not Track” signals. You can use browser settings and privacy tools to manage tracking technologies.

13) Changes to this policy

We may update this Privacy Policy from time to time. We’ll post the updated version with the “Last Updated” date. Material changes may be announced via the Service or email.

14) Contact us

Questions or requests about privacy?

Email: support@flipper47.com

Website: https://flipper47.com

Back to Home