← Back to Home

Privacy Policy

Last Updated: December 30, 2024

1. Introduction

That Listings Tool ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application at thatlistingstool.com (the "Service").

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with our practices, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, password (hashed by Clerk)
  • Payment Information: Processed by Stripe (we do not store credit card numbers)
  • eBay OAuth Tokens: Access and refresh tokens to authenticate with eBay API (encrypted)

2.2 eBay Data We Access

When you connect your eBay account, we access the following data through the eBay API:

  • Listing Information: Item IDs, titles, prices, currency, status (active/ended/sold)
  • Images: Thumbnail URLs and high-resolution image URLs
  • Timestamps: Listing end times, last sync times
  • eBay User ID: Your eBay seller account identifier

Important: We do NOT access or store:

  • Buyer information or transaction details
  • Private messages or communications
  • Payment or banking information from eBay
  • Personal seller details beyond what's in listing data

2.3 Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent on Service
  • Device Information: Browser type, operating system, IP address
  • Cookies: Session cookies for authentication, preference cookies (see Cookie Policy)

3. How We Use Your Information

We use your data for the following purposes:

3.1 Service Provision

  • Authenticate you and maintain your session (via Clerk)
  • Connect to your eBay account and retrieve listing data
  • Cache your listings in our database for fast display
  • Generate CSV exports with high-resolution images
  • Process background sync jobs to update listing information

3.2 Payment Processing

  • Process subscription payments through Stripe
  • Manage your subscription status (active, canceled, failed payment)
  • Send billing notifications and receipts

3.3 Service Improvement

  • Analyze usage patterns to improve features
  • Monitor performance and fix technical issues
  • Detect and prevent fraud or abuse

3.4 Communication

  • Send service-related notifications (e.g., sync completion, export ready)
  • Respond to support requests
  • Notify you of Terms or Privacy Policy changes
  • Send optional product updates (you can opt out)

4. Data Storage & Security

4.1 Where We Store Data

  • Database: MySQL database hosted on our production server
  • Authentication: User credentials managed by Clerk (industry-standard security)
  • Payment Data: Managed by Stripe (PCI-DSS Level 1 certified)
  • Export Files: Temporarily stored on server (auto-deleted after 30 days)

4.2 Security Measures

We implement industry-standard security measures:

  • Encryption in Transit: All data transmitted over HTTPS/TLS
  • Encryption at Rest: eBay OAuth tokens stored encrypted in database
  • Access Control: Database credentials restricted to application only
  • Regular Updates: Security patches applied promptly
  • Docker Isolation: Application runs in isolated container environment

4.3 Data Retention

  • Active Accounts: Data retained while subscription is active
  • Canceled Accounts: Data deleted 30 days after cancellation
  • Export Files: Auto-deleted 30 days after creation
  • Logs: Server logs retained for 90 days for troubleshooting

5. How We Share Your Information

We do NOT sell your personal data. We only share data with:

5.1 Third-Party Service Providers

  • Clerk: Authentication and user management (SOC 2 Type II certified)
  • Stripe: Payment processing and subscription management (PCI-DSS certified)
  • eBay: API requests to access your listing data (you authorize this via OAuth)

5.2 Legal Requirements

We may disclose your information if required by law or in response to:

  • Court orders, subpoenas, or legal process
  • Government or regulatory requests
  • Protection of our rights, property, or safety
  • Prevention of fraud or abuse

5.3 Business Transfers

If we are acquired, merge with another company, or sell assets, your data may be transferred to the acquiring entity. You will be notified of any such change.

6. Your Privacy Rights

Depending on your location, you may have the following rights:

6.1 Access & Portability

  • Access: Request a copy of your personal data
  • Export: Download your listing data via CSV export feature

6.2 Correction & Deletion

  • Correction: Update your account information through your profile
  • Deletion: Cancel subscription to delete your account and data (30-day grace period)

6.3 Marketing Opt-Out

  • Unsubscribe from marketing emails via link in email footer
  • Service-related emails (e.g., billing, security) cannot be opted out

6.4 Revoke eBay Access

  • Disconnect eBay account anytime through eBay Account Settings
  • Visit eBay Security Settings to revoke third-party access
  • Cached listing data will be deleted when you cancel your subscription

6.5 GDPR Rights (EU/UK Residents)

If you are in the European Union or United Kingdom, you have additional rights under GDPR:

  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Limit how we process your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Data Portability: Receive your data in machine-readable format
  • Right to Lodge Complaint: File complaint with your supervisory authority

6.6 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information we collect and how we use it
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of sale of personal information (we do not sell data)
  • Right to Non-Discrimination: Equal service regardless of exercising rights

To exercise your rights: Contact us at [email protected]. We will respond within 30 days.

7. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately, and we will delete it.

8. International Data Transfers

Our servers are located in [Your Server Location]. If you access the Service from outside this region, your data may be transferred to and processed in this location.

We ensure adequate safeguards for international transfers in compliance with GDPR and other data protection laws.

9. Cookies & Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Authentication, session management (required)
  • Functional Cookies: User preferences, language settings (optional)
  • Analytics Cookies: Usage statistics, performance monitoring (optional)

For detailed information, see our Cookie Policy.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification (for significant changes)

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us:

That Listings Tool - Privacy Team

Email: [email protected]

Support: [email protected]

Website: https://thatlistingstool.com

EU Representative: [If you have EU customers, you may need to appoint an EU representative under GDPR Article 27]

Terms of ServiceCookie PolicyBack to Home