Skip to content
sleeved.it
Get Sleeved →

Legal

PRIVACY

POLICY.

Your data is yours. We collect only what we need to run the platform, we never sell it, and we give you full control to export or delete it at any time.

Effective: March 2026

INFORMATION WE

COLLECT.

Account dataName, email address, username, profile photo, and account preferences you provide during registration.
Collection dataEvery record, CD, or cassette you add — titles, artists, condition grades, notes, and photos you upload.
Transaction dataMarketplace activity including listings you create, orders placed, and shipping information. Payment processing is handled by PayPal — we never see your payment details.
Usage analyticsHow you interact with the platform: pages visited, features used, search queries. Used to improve the product. Collected via Vercel Analytics.

HOW WE

USE IT.

Provide the servicePower your sleeve, showcase, marketplace listings, and all core features.
Improve the platformUnderstand which features are most valuable. Identify and fix bugs. Build better things.
CommunicateSend transactional emails (order confirmations, dispute notifications, account alerts). We do not send marketing emails without consent.
Prevent fraudDetect unusual patterns, protect marketplace integrity, and keep the community safe.

WHAT WE

SHARE.

We never sell dataYour personal data is never sold to advertisers, data brokers, or any third party. Full stop.
PayPalWhen you make a marketplace transaction, relevant order details are shared with PayPal to process the payment. PayPal's privacy policy governs that data.
Discogs (import only)If you use the Discogs import feature, we access your Discogs data only with your explicit OAuth consent. We import only what you authorize. We do not store your Discogs credentials.
Legal requirementsWe may disclose data if required by law, court order, or to protect the safety of users or the public.

DATA

STORAGE.

Data is stored in PostgreSQL via Supabase, with encryption at rest. All connections use HTTPS/TLS in transit. Supabase infrastructure runs on AWS in US and EU regions.

Cover art and uploaded photos are stored in Supabase Storage and served via CDN. Files are private by default unless explicitly attached to a public listing or collection item.

We maintain backups and monitor for unauthorized access. Security incidents are disclosed within 72 hours as required by GDPR.

YOUR

RIGHTS.

These rights apply to all users regardless of location. GDPR (EU/UK) and CCPA (California) rights are fully honored.

Right to accessRequest a copy of all personal data we hold about you. We'll provide it within 30 days.
Right to exportExport your full collection data at any time from your profile settings, in standard portable formats.
Right to deleteRequest complete deletion of your account and associated data. Public content is removed immediately; server-side deletion completes within 30 days.
Right to correctUpdate or correct any personal information directly in your profile settings, or contact us at privacy@sleeved.it.
Right to restrictObject to certain processing of your data. Contact privacy@sleeved.it with the specific request.

COOKIES &

TRACKING.

Session cookiesEssential for authentication. Required to keep you logged in across your session.
Vercel AnalyticsPrivacy-preserving analytics that measure page views and performance. No cross-site tracking, no fingerprinting, no third-party ad networks.
No tracking cookiesWe do not use third-party advertising or tracking cookies. Your browsing behavior on Sleeved is not shared with any ad network.

CHILDREN

Sleeved is not intended for anyone under 13. We do not knowingly collect data from children under 13. If we become aware of such collection, we delete the data promptly.

RETENTION

We keep your data for as long as your account is active. If you delete your account, public content is removed immediately and all data is permanently deleted within 30 days.

INTERNATIONAL

Data is stored in US and EU regions via Supabase. For EU users, transfers comply with GDPR standard contractual clauses. We do not transfer data to countries without adequate protection.

QUESTIONS &

CONTACT.

We may update this policy as the platform evolves. When we make material changes, we'll notify you by email and post the updated policy with a new effective date.

Privacy questions, data requests, or complaints: contact us at privacy@sleeved.it. We respond within 30 days.

YOUR DATA,

YOUR RULES.

We built Sleeved for collectors who care about their collections. We care about your data the same way.

Privacy Policy — Sleeved | Sleeved.it