FanCraft Market Logo

Privacy Policy

Last Updated: October 1, 2025

1. Introduction

FanCraft Market ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.

By using FanCraft Market, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

Account Information:

  • Email address (via Supabase authentication)
  • Display name and profile information
  • Vendor business details (for Vendor accounts)
  • Profile photos and banner images

Transaction Information:

  • RFQ details (descriptions, budgets, requirements)
  • Offer details (pricing, timelines, messages)
  • Payment information (processed by Stripe, not stored by us)
  • Order history and transaction records

Communications:

  • Messages between buyers and Vendors
  • Support tickets and correspondence
  • Email preferences and marketing consent

2.2 Automatically Collected Information

Usage Data:

  • Product views, clicks, and interactions
  • Search queries and browse history
  • Session duration and navigation patterns
  • Device information (browser type, OS, IP address)

Cookies & Analytics:

  • Session cookies for authentication
  • Analytics cookies (Google Analytics 4)
  • Marketing cookies (with your consent)
  • Session IDs for anonymous analytics tracking

2.3 Third-Party Data

We may receive data from:

  • Supabase: Authentication and user identity
  • Stripe: Payment processing and transaction data
  • Cloudinary: Image metadata and upload records
  • Social media: If you link accounts (e.g., Instagram for portfolio)

3. How We Use Your Information

3.1 Platform Operations

  • Create and manage your account
  • Process transactions and payments
  • Facilitate communication between buyers and Vendors
  • Provide customer support
  • Enforce our Terms of Service and policies

3.2 Improve Services

  • Analyze usage patterns to improve user experience
  • Track product performance for Vendor analytics
  • Develop new features and services
  • Conduct research and data analysis

3.3 Communications

  • Send transactional emails (order confirmations, RFQ updates)
  • Send administrative notifications (policy updates, security alerts)
  • Send marketing communications (with your consent, opt-out available)
  • Notify Vendors of relevant RFQs

3.4 Legal & Safety

  • Prevent fraud and abuse
  • Comply with legal obligations
  • Respond to law enforcement requests
  • Protect intellectual property rights
  • Enforce our terms and policies

4. How We Share Your Information

4.1 With Other Users

  • Vendor Profiles: Publicly visible (display name, logo, portfolio, services)
  • RFQ Details: Visible to Vendors who can respond to your requests
  • Reviews: Publicly visible when you rate Vendors
  • Messages: Shared with the recipient (buyer or Vendor)

4.2 With Service Providers

We share data with trusted third parties who help operate our Platform:

  • Supabase: Authentication and database hosting
  • Stripe: Payment processing (see Stripe Privacy Policy)
  • Cloudinary: Image storage and delivery
  • Brevo: Email delivery and marketing automation
  • Google Analytics: Usage analytics and insights
  • Discord: Notification webhooks (for support and admin alerts)

4.3 For Legal Reasons

We may disclose your information when required to:

  • Comply with laws, regulations, or legal processes
  • Respond to law enforcement or government requests
  • Enforce our Terms of Service
  • Protect rights, property, or safety of FanCraft Market or others
  • Investigate fraud or security issues

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.

5. Data Retention

We retain your information for as long as necessary to:

  • Provide services to you
  • Comply with legal obligations (tax, accounting, dispute resolution)
  • Enforce our terms and policies
  • Prevent fraud and abuse

Account Data: Retained while your account is active and for 7 years after closure (for legal compliance).

Transaction Data: Retained for 7 years for tax and accounting purposes.

Analytics Data: Anonymized and retained indefinitely for platform improvement.

6. Your Rights & Choices

6.1 Access & Correction

You can access and update your account information at any time through your dashboard. For additional data access, contact support@fancraftmarket.com.

6.2 Data Deletion

You may request account deletion by contacting support. Note that some data may be retained for legal compliance.

6.3 Marketing Opt-Out

You can unsubscribe from marketing emails at any time via the "unsubscribe" link. Transactional emails cannot be opted out of.

6.4 Cookie Management

You can control cookies through your browser settings. Note that disabling cookies may affect platform functionality.

6.5 GDPR Rights (EU Users)

If you are in the EU, you have additional rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

To exercise these rights, contact privacy@fancraftmarket.com.

6.6 CCPA Rights (California Users)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Opt out of the sale of personal information
  • Request deletion of personal information
  • Non-discrimination for exercising CCPA rights

Note: We do not sell your personal information.

7. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Secure authentication via Supabase (industry-leading provider)
  • Regular security audits and updates
  • Access controls and staff training
  • Payment data handled by PCI-compliant Stripe

However, no system is 100% secure. You are responsible for maintaining the security of your account credentials.

8. Children's Privacy

FanCraft Market is not intended for users under 18. We do not knowingly collect data from children. If we discover that a child's data has been collected, we will delete it promptly.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses for EU data).

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted with a new "Last Updated" date. We will notify you of significant changes via email or platform notification.

11. Contact Us

For privacy-related questions or to exercise your rights, contact us at:

Email: privacy@fancraftmarket.com
Data Protection Officer: legal@fancraftmarket.com
Support: support@fancraftmarket.com

Your Privacy Matters

We are committed to transparency and protecting your data. If you have concerns about how your information is handled, please reach out to our team.

Legal Review Recommended

This privacy policy is provided as a starting template. Before launching, consult with a qualified attorney to:

  • Ensure GDPR, CCPA, and other regional compliance
  • Customize for your specific data practices
  • Add jurisdiction-specific provisions
  • Review third-party service provider agreements