StuffHutt

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last updated: November 26, 2025

Quick Navigation

Information We CollectHow We Use DataData SharingYour RightsData SecurityContact Us

StuffHutt ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our personal inventory management platform and related services (collectively, the "Service").

By accessing or using StuffHutt, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access the Service.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, password, and profile details when you create an account.
  • Inventory Data: Information about items you add to your inventory, including descriptions, photos, categories, locations, and valuations.
  • Payment Information: Billing address and payment method details (processed securely through Stripe).
  • Communications: Messages you send to us, support requests, and feedback.
  • Appraisal Information: Photos and descriptions submitted for item appraisals.

1.2 Information Collected Automatically

  • Device Information: Device type, operating system, browser type, and unique device identifiers.
  • Usage Data: Pages visited, features used, time spent on the Service, and interaction patterns.
  • Log Data: IP address, access times, referring URLs, and error logs.
  • Cookies and Tracking: Information collected through cookies and similar technologies (see our Cookie Policy).

1.3 Information from Third Parties

  • OAuth Providers: If you sign in with Google, Facebook, or Apple, we receive basic profile information from these providers.
  • Product Data: We may supplement item information with publicly available product data to enhance your inventory.

2. How We Use Your Information

We use your information for the following purposes:

2.1 Provide and Improve the Service

  • Create and manage your account
  • Store and organize your inventory data
  • Process item appraisals and valuations
  • Enable search, filtering, and categorization features
  • Improve and personalize your experience

2.2 Process Transactions

  • Process subscription payments and appraisal purchases
  • Send transaction confirmations and receipts
  • Manage billing and subscription status

2.3 Communications

  • Respond to your inquiries and support requests
  • Send service-related notifications (security alerts, updates)
  • Send promotional communications (with your consent)

2.4 Security and Legal Compliance

  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations and respond to legal requests
  • Enforce our Terms of Service

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

We share data with trusted third-party service providers who assist in operating our Service:

  • Supabase: Database hosting and authentication
  • Google Cloud Platform: File storage and infrastructure
  • Stripe: Payment processing (PCI-DSS compliant)
  • Typesense: Search functionality

3.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety, or that of our users or the public.

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

3.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing, such as when using marketplace features to sell items.

4. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

For EU/EEA Residents (GDPR)

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time

For California Residents (CCPA)

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell data)
  • Right to Non-Discrimination: Equal service regardless of exercising privacy rights

How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@stuffhutt.com or through your account settings. We will respond within 30 days (or as required by applicable law).

Data Export: You can export your inventory data at any time from your account settings. We provide exports in JSON and CSV formats.

5. Data Retention

We retain your information as follows:

  • Account Data: Retained while your account is active and for 30 days after deletion request
  • Inventory Data: Retained while your account is active; deleted upon account deletion
  • Transaction Records: Retained for 7 years for legal and tax compliance
  • Usage Logs: Retained for 90 days for security and analytics purposes
  • Backup Data: Removed from backups within 90 days of deletion

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Authentication: Secure password hashing, MFA support, and OAuth integration
  • Access Control: Role-based access control and least-privilege principles
  • Infrastructure: Hosted on Google Cloud Platform with SOC 2 compliance
  • Monitoring: 24/7 security monitoring and incident response
  • Payment Security: PCI-DSS compliant payment processing via Stripe

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We encourage you to use strong passwords and enable multi-factor authentication.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, to protect your data during international transfers.

8. Children's Privacy

StuffHutt is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately at privacy@stuffhutt.com.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email or in-app notification.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

10. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

StuffHutt Privacy Team

Email: privacy@stuffhutt.com

For EU residents, you also have the right to lodge a complaint with your local data protection authority.

Related Documents

Terms of Service →Cookie Policy →