Privacy Policy

Last updated: April 2026

1. What We Collect

We collect the following types of information:

  • Account data: Name, email address, and authentication credentials when you create an account.
  • Store data: Store name, address, settings, staff accounts, and configuration preferences.
  • Transaction data: Sales, returns, trade-ins, and payment records processed through the Service.
  • Customer data:Information about your store's customers that you enter into the system (names, contact info, purchase history, loyalty points). This data belongs to you and is stored on your behalf.
  • Inventory data: Product listings, pricing, stock levels, and marketplace sync data.
  • Usage data: Basic analytics about how you use the Service to help us improve the product.

2. How We Use Your Data

  • To operate and provide the Service
  • To process payments through Stripe
  • To sync inventory with marketplace platforms you connect (eBay, etc.)
  • To generate reports and insights for your store
  • To send transactional emails (order confirmations, shipping notifications)
  • To improve the product based on aggregate usage patterns
  • To provide customer support

We never sell your data to third parties. Period.

3. Data Storage and Security

Your data is stored in a managed PostgreSQL database hosted by Prisma Data Platform. All data is encrypted at rest and in transit. We use industry-standard security practices including TLS encryption, hashed passwords and PINs, and scoped access controls.

4. Third-Party Services

We integrate with the following third-party services:

  • Stripe— Payment processing and terminal readers. Stripe's privacy policy applies to payment data.
  • Scryfall — Magic: The Gathering card data and pricing (public API, no personal data shared).
  • Pokemon TCG API — Pokemon card data and pricing (public API, no personal data shared).
  • ShipStation — Shipping label generation and fulfillment (order and address data shared for shipping purposes).
  • Resend — Transactional email delivery (email addresses and message content).
  • Google OAuth — Authentication (we receive your name and email from Google when you sign in).

5. Data Retention

Your data is retained for as long as your account is active. If you cancel your account, your data remains available for export for 30 days. After the 30-day window, all data associated with your account is permanently deleted from our systems and backups.

6. GDPR and CCPA Compliance

We support the following data rights for all users:

  • Right to access: You can export all your data at any time from your dashboard.
  • Right to deletion: You can request deletion of your account and all associated data.
  • Right to portability: Data exports are provided in standard formats (CSV, JSON).
  • Right to correction: You can update your information at any time through the Service.

Customer Data Deletion

Store customers can request deletion of their personal data by contacting the store owner. Store owners can export and delete customer data directly from the dashboard.

  • Personal information (name, email, phone) is permanently removed from the customer record.
  • Financial records (sales, returns, trade-ins) are anonymized rather than deleted, as required for tax and audit compliance.
  • Customer notes are permanently deleted.
  • Deletion is permanent and irreversible. Anonymized financial records cannot be re-linked to the original customer.
  • If the customer has an Afterroar account, our headquarters (Full Uproar Games) is automatically notified to handle cross-platform deletion.

To exercise any of these rights, contact privacy@afterroar.store or ask your store owner to process the request from their dashboard.

7. Cookies

We use session cookies only, strictly necessary for authentication and keeping you signed in. We do not use tracking cookies, advertising cookies, or any third-party analytics cookies. No cookie banner is required because we only use essential cookies.

8. Children's Privacy

The Service is designed for business use and is not directed at individuals under 18. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes via email or in-app notification. The "Last updated" date at the top of this page indicates when the policy was last revised.

10. Contact

For privacy-related questions or requests, contact us at privacy@afterroar.store.

Full Uproar Games LLC