CardResell / Privacy Policy

Privacy Policy

Last updated: July 2, 2026  ·  Effective immediately

Short version: We collect only what we need to run the app. We do not sell your data. Card images you upload for scanning are analyzed by OpenAI and are not stored by CardResell beyond the duration of your request.

1. Who We Are

CardResell is operated by Will Jones, Bradenton, FL. Contact: contact@cardresell.org.

2. Information We Collect

Account data: When you sign in with Google, we receive your Google account ID, display name, and email address. This is used solely to authenticate you and link your credits and subscription.

Usage data: We store your scan credit balance, subscription status, and flip/collection data in Firebase (Google) and Upstash (Redis). This data is associated with your Google account ID.

Card images: When you use the AI Grading Estimate or Card ID Scanner, your card photo(s) are sent to OpenAI's API for analysis. Images are transmitted securely and are not stored by CardResell servers beyond your immediate request. See OpenAI's Privacy Policy for how they handle API inputs.

Payment data: Payments are processed by Stripe. CardResell never sees or stores your full credit card number. See Stripe's Privacy Policy.

Analytics: We may use basic analytics (page views, feature usage) to improve the app. This does not include personally identifiable information.

3. How We Use Your Information

4. Data Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We share data only with the following service providers necessary to operate the app:

We may also disclose data if required by law or to protect the rights, property, or safety of CardResell, its users, or the public.

5. Data Retention

Your account data is retained as long as your account exists. You may request deletion of your account and associated data at any time by emailing contact@cardresell.org. We will process deletion requests within 30 days.

Card images submitted for scanning are not retained by CardResell after the API response is returned. OpenAI's data retention policies apply to API inputs; see their privacy policy for details.

6. Cookies & Local Storage

CardResell uses Firebase Auth tokens stored in your browser's memory for authentication. We do not use third-party advertising cookies. We do not use localStorage or sessionStorage for personal data (these are blocked in certain environments for security reasons).

7. Children's Privacy

CardResell is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

8. Your Rights

Depending on your location, you may have rights including:

To exercise any of these rights, email contact@cardresell.org.

9. Security

We take reasonable measures to protect your information, including HTTPS encryption, Firebase security rules, and server-side authentication checks. No method of transmission or storage is 100% secure; use the Service at your own risk.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Continued use of the Service after changes constitutes acceptance of the revised policy. The "Last updated" date at the top of this page reflects the most recent revision.

11. Contact

Questions about this Privacy Policy? Email contact@cardresell.org.

← Back to CardResell © 2026 CardResell · Will Jones · Bradenton, FL · Terms of Service