← Back to Gradeon
Privacy Policy
Last updated: 2026-04-19
1. Introduction
Gradeon ("we", "our", "us") respects your privacy and is committed to
protecting your personal data. This Privacy Policy explains how we collect,
use, and safeguard your information when you use the Gradeon mobile
application ("the Service").
2. Information We Collect
2.1 Account Information
- Email address (for authentication)
- Google account information (if using Google Sign-In)
- User ID (generated by our authentication provider)
2.2 Card Data
- Images of trading cards you upload or capture
- AI-generated grading analysis
- Defect annotations (AI-detected and user-corrected)
- Card metadata (name, set, number)
2.3 Pricing Data
- Card price information from PriceCharting API
- Historical price tracking data
- Pokémon TCG card selections
2.4 Technical Data
- Device information
- App version
- Usage timestamps
- Error logs and diagnostics
3. How We Use Your Information
We use your data to:
- Provide the Service: Process card images, generate grades, fetch pricing data
- Improve AI Models: Train and improve our card grading algorithms
- Store Your Collection: Save your scanned cards and pricing history
- Authenticate Users: Manage account access and security
- Provide Support: Respond to inquiries and troubleshoot issues
4. Data Storage and Security
4.1 Where We Store Data
Your account, card data, and uploaded images are stored using Supabase (Postgres + Object Storage). Card image analysis runs on Google Cloud Run.
4.2 Data Security
We implement security measures including:
- Encrypted data transmission (HTTPS/TLS)
- Row-level security on the database to protect user data
- Authentication requirements for data access
- Regular security updates and monitoring
4.3 Data Retention
We retain your data for as long as your account is active. You can
delete your account and all associated data at any time from within
the app.
5. Third-Party Services
We use the following third-party services:
- AI Analysis Engine: For card image analysis (data sent to our secure AI provider for processing)
- PriceCharting: For market pricing data
- Pokémon TCG API: For card database information
- Supabase: For authentication, database, and storage
- Google Cloud Run: For card image analysis
Each service has its own privacy policy. We are not responsible for
third-party data practices.
6. Your Rights
You have the right to:
- Access: View all data we store about you
- Export: Download your card images and grading data
- Delete: Remove your account and all associated data
- Correct: Edit defect annotations and card information
- Object: Opt-out of data collection by not using the Service
7. Children's Privacy
The Service is not intended for users under 13 years of age. We do not
knowingly collect personal information from children under 13. If you
believe a child has provided us with data, please contact us immediately.
8. International Users
Your data is stored in Supabase data centers, which may be located in
different countries. By using the Service, you consent to the transfer
of your data to these locations.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify
users of significant changes by updating the "Last updated" date.
Continued use of the Service after changes constitutes acceptance of
the updated policy.
Note: This Privacy Policy is provided for transparency.
For legal enforcement of your data rights under GDPR, CCPA, or other
regulations, please contact us directly.