FretfolioBETA
Sign inGet started

Privacy Policy

Last updated: March 15, 2025

1. Who we are

Fretfolio ("we", "us", or "our") is a gear and instrument collection management service operated at fretfolio.app. Questions about this policy can be directed to privacy@fretfolio.app.

2. Information we collect

We collect the following categories of information:

  • Account information: Email address and password hash (or OAuth token if you sign in with Google or Apple).
  • Collection data: Gear records you create — make, model, year, specs, notes, valuation info, and photos you upload.
  • Personal information (optional): Name and mailing address, collected only if you choose to enable PDF export. This information is never shown publicly and is used solely to populate your exported documents.
  • Billing information: Payments are processed by Stripe. We store only your Stripe customer ID and subscription status — we never see or store your full card number.
  • Usage data: Login timestamps, feature interactions, and error logs used to operate and improve the service. No third-party analytics or advertising tracking is used.

3. How we use your information

Your information is used to:

  • Provide, maintain, and improve the Fretfolio service
  • Process subscription payments and send billing-related emails
  • Send transactional emails (account confirmation, inactivity reminders, payment alerts)
  • Respond to support requests and feedback
  • Detect and prevent abuse, fraud, or Terms of Service violations

We do not sell your personal information. We do not use your data to serve advertisements.

4. How your data is stored

Your data is stored in Supabase (PostgreSQL database and object storage), hosted on AWS infrastructure in the United States. Photos are stored in a private object storage bucket and served via signed or public URLs depending on your share settings. All data in transit is encrypted via TLS. Database data at rest is encrypted by the hosting provider.

5. Who we share data with

We share your data only with third-party service providers necessary to operate the service:

  • Supabase — database, authentication, and file storage
  • Stripe — payment processing and subscription management
  • Resend — transactional email delivery
  • Vercel — application hosting and serverless functions

We do not share your data with any other third parties. All providers are contractually bound to use your data only to provide their services to us.

6. Your collection is private by default

Your gear collection is entirely private by default. No item is publicly visible unless you explicitly generate a share link for it. Share links can be revoked at any time from your item's settings page — revocation takes effect immediately.

7. Data retention

We retain your data for as long as your account is active. When your account is closed:

  • Voluntary cancellation: Your data is preserved in read-only mode. You may reactivate at any time to restore full access. Explicit account deletion can be requested from Settings → Account.
  • Account deletion request: Your collection data (gear records and photos) is permanently deleted within 30 days. Your authentication record is deleted immediately upon request.
  • Payment lapse: Accounts with failed payments enter a 30-day grace period. If not resolved, collection data is permanently deleted at the end of that period.

8. Cookies and local storage

Fretfolio uses browser cookies strictly for authentication session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. We use browser local storage to save your UI preferences (e.g. dark/light mode).

9. Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Update inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Portability: Export your collection data as CSV at any time from your collection page
  • Objection: Object to processing of your personal data in certain circumstances

To exercise any of these rights, email privacy@fretfolio.app. We will respond within 30 days.

10. Children's privacy

Fretfolio is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at privacy@fretfolio.app and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, for material changes, send a notice to the email address on your account. Continued use of Fretfolio after a policy update constitutes your acceptance of the revised policy.

12. Contact

Questions or concerns about this Privacy Policy should be directed to privacy@fretfolio.app.

← Back to Fretfolio