Privacy Policy

Last updated: February 18, 2026

1. Data We Collect

• Etsy user ID from OAuth profile lookup.
• Encrypted Etsy access and refresh tokens.
• Session data needed to keep your Etsy session active.
• Poll votes (one vote per user per poll).
• Optional profile fields and preference flags you submit in account settings.
• Optional contact form details when you message us.
• Terms acceptance and marketing preference history where provided.
• Token expiry and last sync timestamp.
• Collection ownership states (verified, manual add, manual remove).

2. How We Use Data

We use this data to authenticate Etsy-connected sessions, enforce one-vote-per-user poll rules, run the Collection Punch Card, sync verified ownership from Etsy purchases, and honor submitted preferences.

3. Storage and Security

Etsy tokens are encrypted at rest before storage in Cloudflare D1. Session cookies are signed, HttpOnly, and Secure. Etsy API requests are made server-side only.

4. Data Sharing

We do not sell your data. Data is processed by infrastructure providers required to operate this feature, including Cloudflare (hosting/database) and Etsy (OAuth/API).

5. Retention and Removal

You can disconnect Etsy from the Collection page at any time. Disconnect removes stored Etsy tokens and verified ownership records. Manual ownership records are kept unless you remove them. Marketing preferences can be changed in Account settings.

6. Etsy Trademark Notice

The term "Etsy" is a trademark of Etsy, Inc. This application uses Etsy's API but is not endorsed or certified by Etsy.