MarketPricing

Legal

Privacy Policy

Last updated: April 2026

1. Who We Are

CardIndex ("we", "us", "our") operates card-index.app, a market intelligence platform for trading card collectors. This policy explains how we collect, use, and protect your personal data when you use our Service.

2. Information We Collect

When you create an account we collect your email address and any profile information you provide. When you use the Service we collect usage data including searches performed, cards added to your watchlist, and pages visited. If you subscribe to a paid plan we collect billing information via Stripe — we do not store full card numbers or payment details on our servers. We also collect standard server log data including IP addresses and browser information.

3. How We Use Your Data

We use your data to provide and improve the Service, personalise your experience (e.g. syncing your watchlist across devices), send transactional emails such as account verification and payment receipts, send optional marketing emails if you have opted in, enforce our Terms and prevent abuse, and comply with legal obligations.

4. Data Sharing

We do not sell your personal data. We share data only with trusted third-party processors necessary to operate the Service: Supabase (database and authentication), Stripe (payment processing), and email delivery providers. All processors are contractually required to handle your data in accordance with applicable data protection law.

5. Search Data

Searches you perform on CardIndex are logged to improve our search cache and power features such as "Popular right now." Search logs may be associated with your account if you are signed in, or stored anonymously if you are not. Aggregated and anonymised search data may be used to improve the Service.

6. Cookies

We use strictly necessary cookies to maintain your session and authentication state. We do not use third-party advertising or tracking cookies. You can control cookie settings in your browser, but disabling session cookies will prevent you from staying logged in.

7. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your personal data will be deleted within 30 days, except where retention is required by law. Anonymised usage data may be retained indefinitely for analytical purposes.

8. Your Rights

Depending on your location you may have the right to access, correct, or delete your personal data, object to or restrict certain processing, and request data portability. To exercise these rights please contact us at hello@card-index.app. We will respond within 30 days.

9. Security

We implement appropriate technical and organisational measures to protect your data, including encrypted connections (TLS), hashed passwords, and row-level security on our database. No system is completely secure, and we cannot guarantee absolute security.

10. Children

CardIndex is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or a notice on the platform. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions or to exercise your rights, contact us at hello@card-index.app or via the Contact page.