privacy policy
Effective 2026-05-23
This Privacy Policy explains how Tellmarket (“Tellmarket,” “we,” “us,” “our”) collects, uses, discloses, and protects information when you use the Tellmarket website (tellmarket.app) and mobile applications (collectively, the “Service”). For all privacy-related matters, contact us at support@tellmarket.app.
1. Information we collect
We deliberately collect the minimum needed to operate the Service.
You provide directly:
- Email address — for authentication (handled by Supabase).
- Apple Sign In identifier — if you sign in with Apple in the mobile app, we receive a stable Apple-provided user identifier and (optionally) the relay email you choose to share.
- Alert preferences — thresholds you configure inside the app.
Collected automatically:
- Push notification token (mobile only, used to deliver alerts you configure).
- Subscription status (active/inactive, trial state) — from RevenueCat (mobile) or Stripe (web). We never see your card details; Apple, Stripe, and their banking partners process all payments.
- Diagnostic data: anonymous crash reports (Sentry) and aggregate pageview / referrer data (Vercel Analytics — no cookies, no personal identifiers).
- Standard server logs for the limited time needed to detect abuse and debug errors (typically 30 days).
We do not collect:
your real name (unless you email it to us), postal address, phone number, precise location, contacts, photos, microphone, browsing history, search history, financial account details, government identifiers, or any of the categories Apple defines as “Sensitive Info.”
2. Why we use it (legal bases)
For users in the European Economic Area / United Kingdom, we rely on these GDPR legal bases:
- Performance of a contract — to provide authentication, alerts, and Pro features you signed up for.
- Legitimate interests — to keep the Service secure, prevent fraud, fix bugs, and improve product quality, balanced against your privacy.
- Legal obligations — to respond to lawful requests and meet tax/accounting requirements.
- Consent — for push notifications (mobile) and marketing emails, both of which you can revoke at any time.
3. Sub-processors
We use the following service providers; each is contractually limited to processing data only on our behalf.
- Supabase — database, authentication, storage. privacy
- Stripe — web payment processing and subscriptions. privacy
- RevenueCat — mobile subscription state and receipt validation. privacy
- Apple — mobile payments, push notifications, Sign in with Apple. privacy
- Sentry — crash reporting. privacy
- Vercel Analytics — aggregate, cookieless pageview analytics. privacy
- Vercel — website hosting. privacy
Some of these providers are located in the United States. When we transfer personal data out of the EEA/UK, we rely on the European Commission’s Standard Contractual Clauses or equivalent safeguards.
4. We do not sell or rent your data
We do not sell, rent, or trade personal information. We do not use your data for advertising. We do not track you across other companies’ apps or websites. We do not share data with data brokers.
5. How long we keep it
- Account data (email, alert preferences, subscription state): for the life of your account, then deleted within 30 days of your deletion request.
- Crash and analytics events: rolling 90 days, then deleted automatically.
- Server logs: rolling 30 days, then deleted automatically.
- Tax and payment records: retained as long as required by law (typically 7 years), in aggregate form not linked to your profile.
6. Your rights
Regardless of where you live, you can email support@tellmarket.app to:
- Get a copy of the data we hold about you.
- Correct anything inaccurate.
- Delete your account and all associated personal data.
- Receive your data in a portable format.
- Object to or restrict certain processing.
We respond within 30 days. EEA / UK residents have the right to lodge a complaint with their local data-protection authority. California residents have specific rights under the CCPA/CPRA, including the rights above; we do not sell or share personal information as those terms are defined under the CCPA.
7. Children
The Service is rated 17+ and is not directed at children. We do not knowingly collect personal information from anyone under 13 (or under 16 in the EEA/UK). If you believe a child has provided us with personal information, contact us and we will delete it.
8. Security
We use HTTPS for all network traffic, encrypt data at rest in our managed databases, restrict access to production systems on a need-to-know basis, and rely on Apple’s on-device security for mobile credentials. No system is perfectly secure; keep your account email secure.
9. Breach notification
If we learn of a personal-data breach affecting you, we will notify you and the relevant supervisory authority without undue delay and within the timeframes required by applicable law.
10. Changes to this policy
We may update this policy. The Effective date at the top reflects the current version. If we make material changes, we will notify active users by email at least 14 days before they take effect.
11. Contact
Tellmarket
support@tellmarket.app