🔑
Key Takeaway
We collect only your email and usage statistics. We never track your browsing history, read your messages, or sell your data to anyone. Last updated: February 17, 2026
1 Information We Collect
1.1 Information You Provide
- Email Address — collected during account creation via Supabase authentication
- Payment Information — processed securely by Stripe (we never see your card details)
1.2 Automatically Collected Information
- Usage statistics — daily search count (to enforce free-tier limits), API usage metrics, and timestamps of searches
- Cached data (local only, 7-day retention) — Facebook Marketplace listing titles and prices, eBay search results for comparison, and product images for visual matching
- Technical information — extension version number and error logs for debugging
1.3 What We Do NOT Collect
- Browsing history outside of Facebook Marketplace
- Personal messages or communications
- Your Facebook friends list or social connections
- Location data or device identifiers
- Cookies for tracking or advertising
- Any data from non-Marketplace Facebook pages
2 How We Use Your Information
- Provide core functionality — display price comparison badges, match products with eBay listings
- Enforce quotas — track daily search limits (15 searches/day for free users)
- Process payments — manage subscriptions via Stripe
- Improve the service — debug errors and optimize matching algorithms
- Customer support — respond to inquiries and technical issues
How Algorithmic Matching Works
FlipSmart Pro uses on-device algorithms and eBay's public API to match Facebook Marketplace listings with eBay products. Specifically:
- Text matching — listing titles are processed locally in your browser using our own similarity algorithms (no external AI provider receives your data)
- Image matching — product images are analyzed locally using TensorFlow.js, a client-side machine learning library that runs entirely in your browser
- eBay search queries — cleaned listing titles are sent to eBay's public API to retrieve comparable listings; no personally identifiable information is included in these queries
- No third-party AI services — your data is not sent to OpenAI, Google AI, Anthropic, or any other third-party AI provider. All intelligent matching occurs locally or against eBay's own API.
3 Data Storage & Security
3.1 Where Your Data Lives
| Data Type |
Storage Location |
Retention Period |
| Account information |
Supabase (cloud) |
Until account deletion |
| Usage statistics |
Supabase (cloud) |
30 days rolling |
| Cached search results |
Local browser storage only |
7 days (auto-deleted) |
| Payment records |
Stripe (PCI-compliant) |
Per Stripe policy |
3.2 Security Measures
- Encryption — all data transmitted via HTTPS/TLS
- Row-Level Security — Supabase RLS policies ensure users can only access their own data
- API Key Protection — all API keys stored server-side, never in extension code
- Payment Security — PCI DSS compliant processing via Stripe
- Access Controls — minimal team access with audit logs enabled
4 Third-Party Services
| Service |
Purpose |
Data Shared |
Privacy Policy |
| Supabase |
Authentication & database |
Email, usage stats |
View ↗ |
| Stripe |
Payment processing |
Email, payment details |
View ↗ |
| eBay API |
Product price comparison |
Search queries only |
View ↗ |
We do not use Google Analytics, Facebook Pixel, or any advertising or tracking services.
5 Your Privacy Rights
Access & Portability
- View your data — access usage statistics via the extension dashboard
- Export your data — request a copy of all data we hold about you
Deletion
- Delete your account — contact support to permanently delete your account and all associated data
- Clear local cache — use Chrome's "Clear browsing data" settings for the extension
Correction & Opt-Out
- Update email — modify via extension or account settings
- Disable extension — stops all data collection immediately
- Cancel subscription — downgrade to free tier at any time
6 Children's Privacy
Our extension is not intended for users under 13 years of age. We do not knowingly collect data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@flipsmart.pro and we will delete it promptly.
7 International Users
Our services are hosted in the United States. By using our extension, you consent to the transfer of your data to the U.S., which may have different data protection laws than your country.
European Users (GDPR)
- Right to access, rectify, and erase data
- Right to data portability
- Right to restrict or object to processing
California Users (CCPA)
- Right to know what data is collected
- Right to delete personal information
- Right to opt-out of data sales (we don't sell data)
- Right to non-discrimination
8 Changes to This Policy
We may update this Privacy Policy periodically. When we do, we will notify users via email, in-extension alert, and a prominent notice on our website. The updated date at the top of this page will always reflect the most recent revision.
9 Contact Us
If you have questions about this Privacy Policy or want to exercise your privacy rights, reach us at:
We aim to respond to all privacy requests within 30 days.
10 Legal Basis for Processing (GDPR)
- Contract performance — to provide the extension service you signed up for
- Legitimate interest — to improve our service and prevent abuse
- Consent — for optional features (you can withdraw consent anytime)
- Legal obligation — to comply with tax and payment processing laws