MarketsBrowse cardsDealsPortfolio
privacyMarketsBrowse cardsHomeEscape

Privacy Policy

Effective May 7, 2026

1. Introduction

CardClaw (“we”, “us”, “our”) operates cardclaw.io and the CardClaw web application. This Privacy Policy describes the personal information we collect, how we use and share it, and the choices you have. We aim to keep our data practices simple and proportional: we collect only what we need to make the product work and, where required by law, only after you opt in.

2. Scope

This policy applies to visitors of cardclaw.io, users of the CardClaw progressive web app, and people who contact us directly. It does not apply to third-party websites that we link to.

3. Information We Collect

3.1 Information you provide

  • Email address, when you sign up, request product updates, or contact support.
  • Card images, when you upload photos to the scanner. Images are re-encoded as JPEG and EXIF metadata (including GPS) is stripped before they leave your device.
  • Watchlist and portfolio data (card identifiers, quantities, optional cost basis) you save while signed in.

3.2 Information collected automatically

  • Usage events (page views, button clicks, scanner outcomes, anonymized IP) collected through PostHog and Plausible. We use these to debug the product and measure feature adoption.
  • Device and browser information (user agent, screen size, locale) when you load the site.
  • Cookies and local storage for session continuity, preferences, and analytics.

4. How We Use Information

  • To run the scanner, search, and pricing features you request.
  • To send transactional emails (account, security, scan results).
  • To debug issues, improve identification accuracy, and prioritize roadmap work.
  • To meet legal obligations and enforce our Terms of Service.

5. How We Share Information

We do not sell personal information. We share it only with:

  • Service providers who process data on our behalf — hosting (Cloudflare, Hostinger), database (PostgreSQL), email (Resend), payments (Lemon Squeezy when paid tiers launch), analytics (PostHog, Plausible).
  • Legal authorities when we are required by law, subpoena, or to protect users from harm.
  • Acquirers, in the event CardClaw is acquired or merged with another company. We will notify you and continue to honor this policy.

6. Cookies

We use a small number of strictly-necessary cookies and local-storage entries for session continuity and to remember your preferences. We also offer optional analytics (PostHog, Plausible). On your first visit we show a consent banner; analytics scripts are not loaded until you choose “Accept all”. Choosing “Reject analytics” keeps the optional scripts off and stores only the consent choice itself.

7. Your Rights

Depending on where you live, you may have the right to access, correct, delete, or export the personal information we hold about you, and to object to or restrict processing. Email privacy@cardclaw.io to exercise any of these rights. We respond within 30 days.

8. Data Retention

  • Account data: kept while your account is active and for up to 90 days afterward.
  • Scanner uploads: stored at low resolution for up to 30 days unless you confirm a result (in which case anonymized versions may be used to improve identification accuracy, per our Terms).
  • Analytics events: aggregated indefinitely; raw event records retained for up to 12 months.

9. Children

CardClaw is not directed to children under 13. We do not knowingly collect personal information from children under 13 (or under 16 in the EEA). If you believe a child has provided us with personal information, contact us and we will delete it.

10. International Transfers

We are based in the United States. By using CardClaw, you consent to your information being processed in the US, where data-protection laws may differ from those of your home country.

11. Security

We use TLS in transit, encrypted database backups, restricted production access, and principle-of-least-privilege service accounts. No system is perfectly secure; we will notify affected users without undue delay if we discover a material breach.

12. Changes to This Policy

We may update this policy. We’ll post the new effective date at the top and, for material changes, notify registered users by email at least 14 days before the change takes effect.

13. Contact

Questions? Email privacy@cardclaw.io or write to:
CardClaw, c/o the operator, Pittsburgh, Pennsylvania, USA.

Pokémon and all related trademarks © 1995–2026 Nintendo / Creatures Inc / GAME FREAK inc. CardClaw is an independent service and is not affiliated with, endorsed by, or sponsored by The Pokémon Company International.

cardclaw.io · contact: support@cardclaw.io