← Back to FlipLedger

Privacy Policy

Last updated: 8 April 2026

This Privacy Policy explains how FlipLedger ("we", "us", "our") collects, uses, stores, and protects your personal data when you use the FlipLedger web application at flipledger.app(the "Service"). FlipLedger is a profit-tracking tool for UK-based online resellers.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are (Data Controller)

FlipLedger is the data controller for the personal data you provide when using the Service. If you have any questions or want to exercise your rights, contact us at privacy@flipledger.app.

2. What Data We Collect

We collect only the data needed to provide the Service:

  • Account information — your email address, display name, and a securely hashed password (handled by Supabase Auth, never stored in plain text).
  • Subscription information — your Stripe customer ID and subscription status. We do not store card numbers; payment details are held by Stripe.
  • Sales and inventory data — items, lot purchases, and sales you enter manually, import via CSV, forward by email, or sync from connected marketplaces. This includes titles, prices, fees, dates, buyer usernames (where provided by the marketplace), and order identifiers.
  • Marketplace connection data — when you connect a marketplace (currently eBay), we store OAuth access and refresh tokens. These tokens are encrypted at rest using AES-256-GCM before being written to the database.
  • Forwarded email content — if you enable the email-forwarding feature, we process the body of emails you (or a forwarding rule) send to your unique inbound address to extract sale details. We log the sender, subject, and a short preview for debugging parse failures.
  • Technical data — IP address, browser user agent, and request metadata, used for rate-limiting (Upstash Redis) and error monitoring (Sentry). IP addresses used for rate limiting are stored only for the duration of the rate-limit window (typically 1 minute) and then discarded.

3. How We Use Your Data

We use your data exclusively to:

  • Provide profit tracking, fee calculations, analytics, and tax reports
  • Authenticate you and manage your subscription
  • Sync sales from marketplaces you have explicitly connected
  • Parse forwarded sale emails into sale records
  • Send essential transactional emails (password reset, subscription changes)
  • Detect and prevent abuse (rate limiting, fraud prevention)
  • Diagnose errors and improve reliability (via Sentry)

We do not sell, rent, or share your personal data with third parties for marketing purposes. We do not use your data to train machine-learning models. We do not run behavioural advertising or tracking.

4. Lawful Basis for Processing (UK GDPR Art. 6)

  • Contract — processing account, subscription, and sales data is necessary to deliver the Service you signed up for.
  • Legitimate interest — rate limiting, error monitoring, and fraud prevention are carried out under our legitimate interest in keeping the Service secure and reliable.
  • Consent — marketplace connections and email parsing are enabled only when you explicitly opt in. You can withdraw consent at any time by disconnecting the marketplace or disabling email parsing in Settings.
  • Legal obligation — we may retain limited records (e.g. invoices, tax transaction data) to comply with UK tax and accounting law.

5. Where Your Data Is Stored

Your data is stored in Supabase (PostgreSQL hosted on AWS), with row-level security policies ensuring only you can access your own records. Database backups are retained by Supabase according to their own policy. Marketplace OAuth tokens are encrypted at rest using AES-256-GCM envelope encryption.

Some of our sub-processors may transfer data outside the UK / EEA. Where they do, they rely on Standard Contractual Clauses or equivalent safeguards as required by UK GDPR.

6. Third-Party Services (Sub-Processors)

We rely on the following sub-processors to operate FlipLedger:

  • Supabase — authentication, database, and storage (data hosted on AWS)
  • Vercel — application hosting and edge delivery
  • Stripe — payment processing and subscription billing (PCI-DSS compliant; we never see full card numbers)
  • Postmark — transactional email (password resets, notifications) and inbound email parsing
  • Upstash Redis — rate-limiting counters (IP addresses stored transiently)
  • Sentry — error monitoring and performance tracing (personally identifiable information scrubbed; financial values not transmitted)
  • eBay — marketplace API sync, only for accounts you have explicitly connected

7. Cookies and Tracking

We use only strictly necessary cookies for authentication and session management. We do not use advertising cookies, analytics trackers, social media pixels, or cross-site tracking technologies. We do not require a cookie consent banner because no non-essential cookies are set.

8. Data Retention

Our retention policy is:

  • Active accounts — we retain your data for as long as your account is active.
  • Inactive accounts — if you have not signed in for 22 months, we will send you a warning email. If you do not sign in within the next 60 days, your account and all associated data will be permanently deleted.
  • Account deletion— when you delete your account (from Settings or by emailing us), all associated data is removed from our primary database immediately and atomically. Encrypted backups held by Supabase are purged according to Supabase's backup rotation schedule (typically within 30 days).
  • Marketplace tokens — OAuth tokens are deleted immediately when you disconnect a marketplace, and the refresh token is revoked with the marketplace where possible.
  • Tax and billing records — we may retain limited invoice and payment records for up to 7 years to comply with UK HMRC requirements, even after account deletion.

9. Security

We apply industry-standard technical and organisational measures, including:

  • TLS (HTTPS) encryption for all data in transit
  • Row-level security in PostgreSQL scoping every query to the authenticated user
  • AES-256-GCM encryption of marketplace OAuth tokens at rest
  • HMAC-signed OAuth state parameters to prevent CSRF
  • Constant-time comparison of all webhook authentication tokens
  • Per-user and per-IP rate limiting on all write endpoints
  • Automated error monitoring with PII scrubbing enabled
  • Principle of least privilege: service-role database access is restricted to server-side webhook handlers only

No system is 100% secure. If we become aware of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours and notify affected users without undue delay, as required by UK GDPR.

10. Your Rights (UK GDPR)

You have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — correct inaccurate personal data
  • Right to erasure — delete your account and all associated data (subject to legal retention exceptions)
  • Right to data portability — download a structured, machine-readable JSON export of your data from Settings → Download My Data
  • Right to restrict processing — ask us to pause processing while a dispute is resolved
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — disconnect marketplaces or disable email parsing at any time in Settings

To exercise any of these rights, either use the self-service tools in Settings or email privacy@flipledger.app. We will respond within one month as required by UK GDPR.

If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

11. International Transfers

FlipLedger is operated from the United Kingdom. Some of our sub-processors (notably Supabase on AWS, Vercel, Stripe, Sentry, and Postmark) may process data in the United States or other jurisdictions. We rely on Standard Contractual Clauses and the UK International Data Transfer Addendum for such transfers, as required by UK GDPR.

12. Children

FlipLedger is not directed at children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal data, please contact privacy@flipledger.app and we will delete it promptly.

13. Automated Decision-Making

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects on you.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify registered users by email and update the "Last updated" date at the top of this page. Your continued use of the Service after such changes constitutes acceptance of the revised policy.

15. Contact Us

For any privacy-related questions, data subject requests, or complaints, please email us at privacy@flipledger.app.

FlipLedger · flipledger.app · privacy@flipledger.app