Privacy Policy

Last updated: October 26, 2025

Your privacy is important to us. This Privacy Policy explains how Artisan's Ally ("we", "us", or "our") collects, uses, and discloses information about you when you use our website (the "Service").

1. Information We Collect

We only collect information you voluntarily provide to us:

  • Account Information: When you register for an account, we collect your email address and a hashed version of your password. We also store your preferred currency.
  • Workshop Data: We store the data you provide for your workshop, including material names and costs, and product recipes. This data is considered private to your account.
  • API Keys: If you connect to third-party services like eBay, we securely store the authentication tokens (refresh tokens) provided by that service. We never see or store your eBay password.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service.
  • Authenticate you and secure your account.
  • Communicate with you, including sending password reset emails via our email provider (Brevo).
  • Perform the core functions of the app, such as calculating your product costs and analyzing market data on your behalf.

3. How We Share Your Information

We do not and will not sell, rent, or share your personal information or your private workshop data with any third party, except as described below:

  • With Third-Party Services You Authorize: When you connect your eBay account, we send requests to eBay's API on your behalf. We only send the information necessary to perform the requested action (e.g., creating a draft listing).
  • **For Email Delivery:** We use Brevo to send transactional emails (like password resets). We provide your email address to this service only for the purpose of sending that email.
  • For Legal Reasons: We may disclose information if required to do so by law or in response to a valid request from a law enforcement agency.

4. Data Security

We take reasonable measures to protect your information. Your password is never stored in plain text; it is hashed using industry-standard bcrypt. All API keys and tokens are stored securely.

5. Data Retention

We retain your account information and workshop data as long as your account is active. You can delete your account and all associated data at any time by contacting us.

6. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us via the form on our "About Us" page.