Last updated: April 14, 2026
Account info you give us: name, email, shipping address (used for labels). Your listings, sales, expenses, and messages as you create them. OAuth access + refresh tokens for marketplaces you connect, encrypted at rest with AES-256-GCM. Stripe customer id for billing.
We never collect or store your marketplace passwords. For platforms without APIs, the Mismatch browser extension runs on your device; we never see your credentials or session cookies there.
Subprocessors: Supabase (database + auth + storage), Stripe (billing), Resend (email), EasyPost (labels), Vercel (hosting). No advertising partners. No data sale.
You can export your data or delete your account at any time from Settings → Danger Zone. Deletions are processed within 30 days. We retain billing records for 7 years as required by tax law.
We use one cookie for session authentication (Supabase). No analytics or advertising cookies.