Vendlists
BrowseLog in

Privacy Policy

Last updated: March 2026

We believe privacy policies should be readable by humans. Here's what we collect, why, and what we do with it.

What we collect

Account info: Your name, email, and password (hashed — we can't read it). This is the minimum needed to run your account.

eBay account data: When you connect your eBay account, we receive an API token that lets us manage listings on your behalf. We also sync listing data (titles, descriptions, photos, prices) to provide the service.

Usage data: Basic analytics like page views and feature usage. No fingerprinting or cross-site tracking.

What we DON'T collect

  • Your eBay password (we use OAuth tokens)
  • Credit card numbers (Stripe handles all payment data)
  • Your browsing history outside Vendlists
  • Data from your contacts, camera, or other apps

How we use your data

To run the platform: Creating and managing eBay listings, syncing data with eBay, providing analytics and insights.

To communicate with you: Account notifications, feature updates, and product news. You can unsubscribe from marketing emails anytime.

To improve Vendlists: Understanding which features people use helps us build a better product.

Who sees your data

eBay: We send listing data to eBay via their API when you publish listings. This is the core function of the service.

Stripe: Handles subscription billing. They have their own privacy policy.

Nobody else. We don't sell your data, share it with advertisers, or give it to data brokers. Period.

Data retention

Active account data: kept while your account is active.

Deleted accounts: we remove your personal info and revoke eBay API tokens immediately.

Your rights

You can:

  • Download your data — email us and we'll send you everything we have
  • Delete your account — go to Settings, click Delete Account
  • Correct your info — update your profile anytime
  • Unsubscribe from emails — every email has an unsubscribe link
  • Revoke eBay access — disconnect from Settings or directly in eBay

Cookies

We use a session cookie to keep you logged in. That's it. No tracking cookies, no third-party cookies, no cookie banners because we don't need them.

Security

Passwords are hashed with bcrypt (industry standard). All data is transmitted over HTTPS. Auth tokens are stored in httpOnly cookies (JavaScript can't access them). eBay API tokens are encrypted at rest.

If we ever discover a data breach, we'll notify affected users within 72 hours.

Privacy questions? hello@vendlists.com