Privacy Policy

Last updated: April 26, 2026

This Privacy Policy describes how 712 Secondhand (“we,” “us,” or “our”) collects, uses, stores, shares, and protects personal information when you use our internal inventory management application (the “Service”). The Service is a private tool used by our team to manage flea-market inventory and to import order data from third-party marketplaces, including eBay.

1. Information We Collect

We collect only the information necessary to operate the Service:

  • Account & access data: staff member labels and authentication PINs used to sign in to the admin interface.
  • Inventory data: photos, titles, descriptions, categories, prices, and notes about items entered by our staff.
  • eBay data: when an authorized user connects an eBay account, we receive purchase order information (item title, image, URL, price paid, currency, quantity, seller username, and order date) and OAuth access/refresh tokens issued by eBay.
  • Operational logs: standard server logs (timestamps, request paths, error messages) used for debugging and security.

2. How We Use Information

  • To authenticate staff and authorize access to the Service.
  • To retrieve, display, and import your eBay purchase history into our inventory system at your request.
  • To maintain inventory records, assign items to staff members, and keep an audit trail of imports.
  • To monitor, secure, debug, and improve the Service.

We do not use personal information for advertising, profiling, or automated decision-making, and we do not sell personal information.

3. eBay Data — Specific Terms

Our use of information received from eBay APIs adheres to theeBay API License Agreement, including the eBay Acceptable Use Policy and eBay’s data protection requirements.

  • We access eBay data only with the explicit OAuth authorization of the eBay account holder.
  • We use eBay data solely to enable the connected user to import their own purchase history into the Service.
  • We do not share eBay data with any third party, do not use it for advertising, and do not combine it with data from other sources for commercial profiling.
  • You can disconnect the eBay integration at any time from the admin interface, which removes our stored OAuth tokens.

4. Data Storage & Security

Data is stored in a managed PostgreSQL database with row-level security and encrypted at rest. OAuth tokens, PIN hashes, and other secrets are stored encrypted and accessible only to the server. All communication with the Service uses TLS (HTTPS).

5. Data Retention

We retain inventory and order data for as long as it is useful for operating the business. eBay OAuth tokens are retained until you disconnect the integration or the refresh token expires. Server logs are retained for a limited period for security and debugging.

6. Account Deletion & eBay Marketplace Account Deletion Notifications

If you are an eBay user and would like us to delete eBay-derived data associated with your account, contact us using the details below and we will delete the relevant tokens and order records. We also honor eBay’sMarketplace Account Deletion / Closure Notificationpolicy: upon receiving such notification, we will permanently delete stored personal data associated with the affected eBay account.

7. Your Rights

Depending on your jurisdiction (including the EU/UK GDPR and the California CCPA), you may have the right to access, correct, delete, or export your personal information, or to object to certain processing. Contact us to exercise these rights.

8. Third-Party Services

The Service uses the following processors strictly to provide the features described above: a managed database/auth provider for storage and authentication, and the eBay API for order data. These providers act as data processors under our instructions.

9. Children’s Privacy

The Service is not directed to children under 13 (or 16 in the EU) and we do not knowingly collect personal information from them.

10. Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top reflects the most recent revision.

11. Contact

For privacy questions, data deletion requests, or eBay-related data inquiries, contact: privacy@fleamarket.lovable.app.