1. General information

Protecting your personal data is important to us. We process personal data confidentially and in accordance with applicable data protection laws and this privacy policy.

Controller:
Andy Shek
c/o Impressumservice Dein-Impressum
Stettiner Str. 41, 35410 Hungen
E-Mail: [email protected]

2. Hosting & infrastructure

Vercel Inc.

We host our application with Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. To provide the website, connection data (e.g. IP address and browser information) is processed. This is based on our legitimate interest in secure and efficient service delivery (Art. 6(1)(f) GDPR).

3. Data storage & backend

Supabase

We use Supabase as backend and database provider. Project-related data is primarily stored on servers in Frankfurt (EU). A data processing agreement is in place with the provider.

4. Authentication

Clerk

We use Clerk for sign-in and account management. During registration/login, required data (e.g. email address, password hashes, login timestamps) is processed. Legal basis is Art. 6(1)(b) GDPR (contract performance).

5. AI processing & analysis

OpenAI API

We use the OpenAI API for product image analysis and listing text generation.

No training: Submitted data (images, texts) is not used for OpenAI model training (according to API privacy policies).
Purpose: Exclusively to provide requested analysis functions (Art. 6(1)(b) GDPR).

6. Payment processing

Lemon Squeezy

Orders and payments are processed by our Merchant of Record, Lemon Squeezy. Payment data is processed directly by that provider; we do not store full credit card details on our servers.

7. Your rights

You have the right to access, rectification, restriction, and deletion of your personal data within the scope of applicable law.

If you want your account deleted, you can do so in settings or contact us at [email protected].

8. Google user data (Google API Services)

If you choose "Sign in with Google", CrowFlip receives access to certain Google user data. To comply with the Google API Services User Data Policy, we disclose:

Data accessed: Primary email address, name, and profile image.
Data usage: Account creation, secure authentication, and system-relevant notifications.
Storage & sharing: Secure storage via Clerk. No sale of data and no sharing for advertising purposes.
Limited Use compliance: Usage follows the Google API Services User Data Policy including Limited Use requirements. Google API Services User Data Policy

8. Google user data (Google API Services)

If you choose "Sign in with Google", CrowFlip receives access to certain Google user data. To comply with the Google API Services User Data Policy, we disclose:

Data accessed: Primary email address, name, and profile image.

Data usage: Account creation, secure authentication, and system-relevant notifications.

Storage & sharing: Secure storage via Clerk. No sale of data and no sharing for advertising purposes.

Limited Use compliance: Usage follows the Google API Services User Data Policy including Limited Use requirements. Google API Services User Data Policy

Privacy Policy

1. General information

2. Hosting & infrastructure

Vercel Inc.

3. Data storage & backend

Supabase

4. Authentication

Clerk

5. AI processing & analysis

OpenAI API

6. Payment processing

Lemon Squeezy

7. Your rights

8. Google user data (Google API Services)

Privacy Policy

1. General information

2. Hosting & infrastructure

Vercel Inc.

3. Data storage & backend

Supabase

4. Authentication

Clerk

5. AI processing & analysis

OpenAI API

6. Payment processing

Lemon Squeezy

7. Your rights

8. Google user data (Google API Services)