← Back to Sellcast

Privacy Policy

Last updated: March 1, 2026

1. Introduction

Sellcast ("we", "our", "us") is operated from the European Union. We are committed to protecting your privacy and handling your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

This Privacy Policy explains how we collect, use, store, and share your information when you use our website and AI listing optimization service at sellcast.co (the "Service").

2. Data We Collect

2.1 Account Information

When you create an account, we collect your name and email address. If you sign in via Google OAuth, we receive your name, email, and profile picture from Google.

2.2 Listing Data

When you use our scoring or optimization features, we collect the listing URLs, titles, descriptions, tags, and other product details you submit. This data is stored to provide your optimization history and improve our service.

2.3 Payment Information

We do not directly store your credit card information. All payment processing is handled by Stripe, Inc. Stripe collects and stores your payment details in accordance with PCI-DSS standards. We only store your Stripe customer ID and subscription status.

2.4 Usage Data

We automatically collect information about how you use the Service, including pages visited, features used, optimization counts, and timestamps. We use Vercel Analytics for aggregate, anonymous website analytics.

2.5 Cookies

We use essential cookies to maintain your login session and preferences. We do not use advertising or third-party tracking cookies. Essential cookies cannot be disabled as they are required for the Service to function.

3. How We Use Your Data

We use your personal data for the following purposes:

  • Providing the Service: To analyze and optimize your product listings using our AI technology
  • Account management: To create and manage your account, authenticate your identity, and maintain your subscription
  • Payment processing: To process subscription payments through Stripe
  • Service improvement: To understand usage patterns and improve our AI optimization algorithms
  • Communication: To send essential service emails (account verification, billing receipts, subscription changes)

4. Third-Party AI Processing (OpenAI)

Your listing data is sent to OpenAI's API (GPT-4o) for analysis and optimization. OpenAI processes this data in accordance with their API data usage policy. As of our last review, data sent through the API is not used to train OpenAI's models. We encourage you to review OpenAI's privacy practices directly.

We do not share your personal account information (name, email) with OpenAI — only the listing content you submit for optimization.

5. Third-Party Payment Processing (Stripe)

We use Stripe for payment processing. When you subscribe to a paid plan, Stripe collects your payment information directly. Stripe processes your data in accordance with their Privacy Policy. We receive only your Stripe customer ID, subscription status, and payment status from Stripe.

6. Data Storage and Security

Your data is stored in a PostgreSQL database hosted by Supabase. We use industry-standard security measures including encryption in transit (TLS/SSL), secure authentication, and access controls. We do not store passwords in plain text — all passwords are hashed using bcrypt.

7. Data Retention

We retain your account data and optimization history for as long as your account is active. If you delete your account, we will delete all your personal data and optimization history within 30 days. Some anonymous, aggregated data may be retained for analytics purposes.

8. Your Rights (GDPR)

As we are based in the EU, you have the following rights under the GDPR:

  • Right of access: Request a copy of all personal data we hold about you
  • Right to rectification: Request correction of inaccurate personal data
  • Right to erasure: Request deletion of your personal data (you can also delete your account from Settings)
  • Right to data portability: Request your data in a machine-readable format
  • Right to restrict processing: Request limitation of how we process your data
  • Right to object: Object to processing of your personal data
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at privacy@sellcast.co. We will respond within 30 days.

9. Data Sharing

We do not sell your personal data to third parties. We only share data with the following service providers, who act as data processors on our behalf:

  • OpenAI: Listing content for AI analysis and optimization
  • Stripe: Payment information for subscription billing
  • Supabase: Database hosting for account and listing data
  • Vercel: Application hosting and anonymous analytics
  • Google: OAuth authentication (only if you choose Google sign-in)

10. International Data Transfers

Some of our service providers (OpenAI, Stripe, Vercel) are based in the United States. Data transferred to the US is protected under appropriate safeguards, including Standard Contractual Clauses (SCCs) as approved by the European Commission.

11. Children's Privacy

Sellcast is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related questions or to exercise your data rights, contact us at:

Email: privacy@sellcast.co

You also have the right to lodge a complaint with your local data protection supervisory authority.