Legal

Privacy Policy

Effective June 1, 2026 · Terms of Service →
The short version: We collect what we need to run a marketplace and nothing more. We do not sell your data, share it with advertisers, or use it to build ad profiles. No tracking pixels, no third-party analytics that follow you across the web.

1. What we collect

We collect information in three ways:

You give it to us — email address (account creation, waitlist), name, shipping address, payment details (processed by PayPal — we never see raw card numbers), listing content (photos, descriptions, prices), and optionally your phone number if you choose to enable SMS notifications.

Stripe Identity gives it to us — Government ID type, name, and address for seller verification. We receive a verification result (pass/fail) and a reference ID. We do not store copies of your government ID.

Automatically — Standard server logs (IP address, browser type, pages visited, timestamps). We use these for security monitoring and abuse detection. Logs are retained for 90 days and then deleted.

2. What we never do with your data

We will never:

  • Sell your personal information to data brokers or third parties
  • Share your data with advertisers or ad networks
  • Use your data to build advertising profiles
  • Place third-party tracking pixels on our pages
  • Sell access to your email address to any party for any purpose
  • Use your listing photos for any purpose other than displaying your listing and recording the transaction

3. How we use your information

  • To operate the marketplace — show your listings, process payments, communicate transaction status
  • To verify seller identity before their first listing goes live
  • To detect and prevent fraud, fake listings, and account abuse
  • To send transactional emails (new messages, listing activity) via Amazon SES
  • To send SMS text message notifications if you have opted in and provided a phone number — transactional only, never marketing
  • To notify you when early access opens (waitlist only — one email)
  • To publish anonymized, aggregated transaction data on the public sold-price database

4. Identity verification via Stripe Identity

Verification process
Seller verification is handled entirely by Stripe Identity, a regulated financial-services provider. Your government ID is transmitted directly to Stripe — HiFi Registry does not receive, process, or store images of your ID document. We receive only a pass/fail result and a reference token.

Stripe's handling of identity data is governed by the Stripe Privacy Policy. You may contact Stripe directly to request deletion of your identity verification data.

5. Public sold-price database

When a transaction completes, the following information is published to our public sold-price database: item title, category, condition grade, sale price, and date of sale. Buyer and seller personal information (name, username, address) is not included in the sold-price record. The seller's username is visible on the listing page during the sale but is not surfaced in the sold-comps database.

6. Cookies and local storage

We use a single session cookie to keep you logged in. We do not use tracking cookies, advertising cookies, or persistent identifiers shared with third parties. We use browser localStorage to remember filter preferences on the browse page. No data stored locally is sent to any third party.

7. Data sharing

We share data with third parties only as required to operate:

  • PayPal — $15 listing fee collection. Payments are processed by PayPal on behalf of HiFi Registry. We receive a payment confirmation only. We never see your PayPal balance, linked accounts, or transaction history. See paypal.com/privacy.
  • Stripe Identity — optional seller identity verification only. Stripe does not process any payments on HiFi Registry. See stripe.com/privacy.
  • Amazon Web Services (AWS) — cloud infrastructure provider. Our database, API, and file storage run on AWS. Transactional email is delivered via Amazon SES. If you opt in to SMS notifications, messages are delivered via Amazon SNS. AWS does not use your data for advertising or share it further. See aws.amazon.com/privacy.
  • Cloudinary — listing photo hosting and delivery. Photos you upload are stored and served by Cloudinary.

We do not use Google Analytics, Meta Pixel, or any third-party advertising SDKs. PayPal receives only the information necessary to process the $15 listing fee. HiFi Registry does not receive or store your PayPal account details.

None of these providers are authorized to use your data for their own marketing or to share it further.

8. SMS notifications and phone numbers

Providing a phone number is entirely optional. If you choose to add one and enable SMS notifications, the following applies:

  • Your phone number is used solely to deliver transactional SMS notifications (new messages, offer updates, listing activity). It is never used for marketing, sold to third parties, or shared with advertisers.
  • SMS messages are delivered through Amazon SNS (AWS). Your phone number is transmitted to AWS solely for delivery purposes.
  • You may remove your phone number or disable SMS notifications at any time in account settings, or by replying STOP to any HiFi Registry text message. Removal takes effect immediately.
  • We retain a record of your SMS opt-in consent (timestamp, phone number, and consent language shown) for 4 years as required by the Telephone Consumer Protection Act (TCPA). This record is not used for any other purpose.
  • Message and data rates may apply. HiFi Registry is not responsible for charges imposed by your carrier.

9. Data retention

  • Account data — retained for the life of your account plus 2 years after deletion (for legal records)
  • Transaction records — retained indefinitely (required for sold-price database and tax reporting)
  • Phone number — retained while SMS notifications are enabled. Removed immediately upon opt-out or account deletion. SMS opt-in consent records are retained for 4 years for TCPA compliance purposes.
  • Server logs — 90 days, then deleted
  • Waitlist emails — deleted upon platform launch or upon request

10. Your rights

You may request a copy of your personal data, correction of inaccurate data, or deletion of your account by emailing privacy@hifiregistry.com. We will respond within 30 days. Note that transaction records (prices, dates, condition grades) in the sold-price database cannot be deleted — they are part of the immutable price history that buyers rely on. Your name and username are not attached to those records.

11. Changes to this policy

We will notify registered users by email of any material changes to this Privacy Policy at least 14 days before they take effect. The effective date at the top of this page reflects the most recent version. The previous version is available upon request at privacy@hifiregistry.com.
Terms of Service →Fee Schedule →Moderation Policy →