Privacy Policy
HANDORA respects your privacy. This page explains what data we collect, why, where it goes, how long we keep it, and how you control it.
TODO (legal): Confirm controller/processor entity, EU/UK representative if required, DPO contact, and regional supplements (GDPR Art. 13/14, CCPA disclosure of categories sold/shared in last 12 months, UK GDPR, Brazil LGPD, California "Do Not Sell or Share" link).
1. What we collect
Account data
When you sign up we collect your email address, display name, and (if you sign up with Google) the basic profile fields Google sends us. We store this in Firebase Authentication and a private user document in Firestore.
Buying data
When you place an order we collect your shipping address, the contents of the order, and a record of the Stripe payment (we never store your card number — Stripe holds that). Refund requests you submit include the reason and any photos you attach.
Selling data
Creators submit a shop name, story, location, social handles, and bank / tax information through Stripe Connect. Stripe holds your bank account and tax ID directly; HANDORA stores only your Stripe connected-account ID and flags like whether payouts are enabled.
Content you upload
Product photos, shop banners, avatars, review photos, refund evidence, and custom-request references. All stored in Firebase Storage and served from HANDORA URLs.
Messages
Direct messages between buyers and creators are stored on our servers so both parties can read them. Treat anything you send through HANDORA as readable by the recipient and by HANDORA’s support team when responding to abuse reports.
Usage data
Standard server logs (IP address, user agent, request paths, timestamps). We use these for debugging, abuse prevention, and aggregate analytics.
TODO (legal): If/when we add an analytics provider (e.g. PostHog, GA4) or error monitoring (e.g. Sentry), list them here with a brief description.
2. Why we use it
- Operate the marketplace — show you orders, conversations, listings, payouts
- Process payments through Stripe (legal basis: contract)
- Detect and prevent fraud, abuse, and illegal listings (legitimate interest)
- Improve the product based on aggregated, anonymous usage patterns
- Send transactional emails — order confirmations, shipment notifications, refund updates, password resets
- Send occasional product announcements (you can unsubscribe at any time)
3. Who we share it with
We share data only with vendors that make HANDORA function:
- Stripe — payments, Connect, refunds. See Stripe’s Privacy Policy.
- Google / Firebase — auth, database (Firestore), storage, hosting. See Firebase’s Privacy Policy.
- Email delivery — for transactional messages. TODO (legal): name the provider when added (SendGrid, Resend, etc.).
Counterparties on a transaction (buyer ↔ seller) see each other’s name and shipping address as needed to fulfill the order. Reviews are public. Aside from those, we don’t sell or share your personal data with third parties for their own marketing.
4. How long we keep it
- Account profile: while your account is open, plus a short period after closure for legal compliance
- Orders, payments, refunds: at least 7 years for tax and accounting
- Messages: until either party deletes them, or 5 years, whichever comes first
- Server logs: 90 days
TODO (legal): Confirm retention periods match the jurisdictions you operate in. Some EU member states require longer minimums for tax records.
5. Your rights
Depending on where you live, you may have the right to:
- See what personal data we hold about you
- Correct inaccurate data
- Ask us to delete data (subject to tax / fraud-prevention retention)
- Take your data with you (data portability)
- Object to or restrict certain processing
- Withdraw consent for marketing emails (use the unsubscribe link in any email)
- Complain to your data-protection authority
To exercise any of these, email privacy@myhandora.com. We’ll respond within 30 days. You can also close your account at any time from Account → Sign-in & security, which deletes your profile + your creator shop profile if applicable. Past orders and reviews stay on HANDORA for record-keeping.
6. International transfers
TODO (legal): Disclose where HANDORA’s servers are located (Firebase region) and what cross-border transfer mechanism applies (Standard Contractual Clauses, UK IDTA, etc.) for users outside that region.
7. Children
HANDORA isn’t intended for anyone under 18. If we learn we’ve collected data about someone under that age, we’ll delete it.
8. Cookies and similar tech
We use a small number of strictly-necessary cookies to keep you signed in, remember your cart, and remember your shipping-destination preference. We don’t use tracking cookies for advertising.
9. Changes to this policy
We may update this Privacy Policy. Material changes will be announced via email and an in-app notice at least 14 days before they take effect.
10. Contact
Questions or requests: privacy@myhandora.com.