Privacy Policy

Last Updated: September 19, 2025

Welcome to The Smarter Collector! We take your privacy seriously. This Privacy Policy explains how The Smarter Collector LLC ("we," "us," or "our") collects, uses, stores, and protects your personal information when you use our sports card collection tracking platform.

By using The Smarter Collector, you agree to the collection and use of information as described in this Privacy Policy.

1. Information We Collect

What We Collect

We collect account info, your collection data, basic usage information, and security data. No behavioral tracking or advertising cookies.

Information You Provide

  • Account Information: Name and email address when you create an account
  • Collection Data: Card details, notes, projects, and any information you add about your collection
  • Uploaded Content: Images and photos of your cards
  • Communications: Messages when you contact us for support

Information Collected Automatically

  • Security Information: IP addresses (logged by Supabase for authentication and security)
  • Device Information: Browser type, operating system, and basic device information for troubleshooting
  • Usage Data: Features you use, pages visited, and general interaction with the platform
  • Authentication Cookies: Essential cookies from Supabase for keeping you logged in

Information We DON'T Collect

  • Detailed behavioral analytics or tracking
  • Third-party advertising cookies
  • Location data beyond IP address
  • Financial information (until paid features are implemented)

2. How We Use Your Information

Why We Use Your Data

To provide our services, improve the platform, communicate with you, ensure security, and meet legal requirements.

We use your information to:

  • Provide Our Services: Enable you to track and manage your card collection
  • Improve the Platform: Understand usage patterns and enhance features
  • Communicate With You: Send account-related emails and respond to support requests
  • Ensure Security: Protect against unauthorized access and maintain platform integrity
  • Legal Compliance: Meet our legal obligations and protect our rights

3. How We Share Your Information

We Don't Sell Your Data

We never sell your personal data. We only share what's necessary with service providers and for legal requirements.

We Do NOT:

  • Sell your personal data to third parties
  • Share your individual collection data publicly
  • Use your data for third-party advertising

We DO Share Data With:

Service Providers

  • Supabase: Database hosting, authentication, and file storage
  • Vercel: Website hosting and performance
  • Future Email Services: For transactional emails (with your consent for marketing)

Marketplace Integrations (eBay and future partners)

  • Search queries for affiliate links
  • Anonymous click tracking for commissions
  • We never share your email or personal information

Payment Processors (when paid features launch)

  • Billing information necessary to process payments
  • We never store credit card numbers on our servers

Legal Requirements

  • When required by valid court orders or legal process
  • To protect our rights, safety, or property
  • We'll notify you unless legally prohibited

Anonymized Data

  • We may share aggregated platform statistics
  • No individual user data is ever included

4. Data Storage and Security

US-Based & Secure

All data is stored in the United States with enterprise-grade encryption and security measures.

Where Your Data Lives

  • Primary Storage: Amazon Web Services (AWS) in US East region
  • Backups: Multiple AWS availability zones within the United States
  • No International Transfers: All data remains within the United States

How We Protect Your Data

  • Encryption: TLS/SSL for data in transit, AES-256 for data at rest
  • Authentication: Industry-standard JWT tokens and bcrypt password hashing
  • Access Control: Row Level Security ensures you can only access your own data
  • Infrastructure: AWS enterprise-grade security (SOC 2 Type II compliant)
  • Monitoring: Regular security reviews and incident response procedures

Data Backups

  • Daily automated backups retained for 7 days
  • Point-in-time recovery available
  • Distributed across multiple zones for redundancy

5. Your Rights and Control

You're in Control

Export your data, update information, or delete your account anytime. Fast response times guaranteed.

Access Your Data

  • Export Options: Download your collection in CSV or JSON format
  • Image Downloads: Get all your uploaded photos in a ZIP file
  • How to Request: Use account settings or email chris@thesmartercollector.com

Update Your Information

  • Self-Service: Update collection data and account settings anytime
  • Email Changes: Require verification for security

Delete Your Data

  • Individual Items: Permanently deleted immediately when you remove them
  • Full Account: Complete deletion within 30 days of request
  • What's Deleted: All personal info, collection data, and uploaded images

Response Times

  • Request acknowledgment: Within 2 business days
  • Simple updates: Within 7 days
  • Data exports: Within 14 days
  • Account deletion: Within 30 days

6. Data Retention

Active Accounts

  • We keep your data as long as your account is active
  • Deleted items are permanently removed immediately

Inactive Accounts

  • Deleted after 3 years of no activity
  • 90-day warning email before deletion
  • 30-day final notice
  • Export your data before deletion if desired

Legal Retention

  • Some data may be retained longer if required by law
  • Anonymous usage statistics retained indefinitely

7. Data Breach Notification

We'll Tell You Immediately

If your data is ever compromised, we'll notify you within 72 hours with full details and recommended actions.

If your data is compromised:

  • Notification: Within 72 hours of discovery
  • Method: Direct email to your account address
  • Information Provided: What happened, affected data, and recommended actions
  • Transparency: Public updates unless it compromises security

8. Children's Privacy

  • Our platform is not intended for children under 13
  • We do not knowingly collect data from children under 13
  • If we discover underage users, we will delete their accounts

9. International Users

  • Service is intended for US and Canada residents only
  • All data stored within the United States
  • By using our service, you consent to US data protection laws

10. Changes to This Policy

We'll Notify You:

  • 30 days before significant changes take effect
  • Via email and website banner
  • With a summary of what changed

Your Options:

  • Continue using the platform
  • Export your data
  • Delete your account if you disagree

11. Contact Us

Contact Information

The Smarter Collector LLC

Subject: "Privacy Policy Question" or "Data Rights Request"
Response time: Within 7 days for privacy inquiries

12. Summary of Key Points

Key Takeaways

Your Data is Yours: Export or delete it anytime

We Don't Sell Your Data: Ever

US-Based Storage: No international transfers

Strong Security: Encryption and access controls

Full Transparency: We'll tell you about any changes

You're in Control: Manage your data through account settings

By using The Smarter Collector, you acknowledge that you have read and understood this Privacy Policy.