Privacy Policy

1. Who We Are

Mintage TCG is a personal trading-card-game collection tracker built in the Republic of the Philippines. The data controller for personal information collected through Mintage is the Mintage development team, contactable at privacy@mintagetcg.app.

2. Information We Collect

Account information, when you sign in with Apple:

• Your Apple-provided unique user identifier.
• Your email address (or Apple-provided private-relay address if you chose Hide My Email).
• Your name as supplied by Apple at first sign-in (used as your default display name; you can change it in onboarding or Profile).

Collection data, which you enter:

• Cards in your Real portfolio and Dreamer / wishlist binders.
• Variants, conditions, quantities, acquired prices, and notes you attach to those cards.
• Avatar selection (a bundled preset image — we do NOT collect or upload personal photographs of you).
• Badge showcase selections and Achievement progress.
• Currency preference (PHP / USD).

Mint Social user-generated content, which you choose to post publicly:

• Feed posts (text bodies, attached card thumbnails or share-card images you generated).
• Comments on other users' posts.
• Story posts (24-hour ephemeral content).
• Follow relationships and likes.
• Server-generated share-card images you produced from your Real or Dreamer collection (stored in our `social` storage bucket).

Camera and photo input, when you scan cards:

• When you use the camera to scan, frames are processed locally on your device for barcode + OCR detection. The image bytes are not transmitted to our backend.
• When the on-device scanner can't identify a card, you may opt into a cloud-vision identification call. In that case the frame is sent to our backend ONLY for the duration of that single identification request and is not retained after the call completes.
• When you select a photo from your library, the image follows the same flow as a camera frame.

Brie AI assistant, when you talk to Brie:

• Your chat messages and the related collection metadata are processed on your device through Apple Intelligence Foundation Models and are not transmitted to our backend for AI inference.
• We record anonymized usage metadata only — message counts and timing for fair-use rate limiting — never the text of your chats. See Section 5 ("AI Processing") for details.

Push notification information, if you opt in:

• Your iOS device token, used to address push notifications to your device.
• Per-category notification preferences (wishlist alerts on/off, big-mover alerts on/off, daily summary on/off).
• Send / delivery logs (notification_sends table) used to prevent duplicates within the same day.

Subscription state, if you purchase Pro or Founder:

• Apple in-app purchase receipt + entitlement state, relayed through RevenueCat to our backend.
• We store WHETHER your account has an active Pro/Founder entitlement and the subscription product ID. We do NOT receive your Apple ID password, your payment method, or your credit-card details — Apple handles those entirely.

Usage telemetry, generated automatically as you use the app:

• Anonymized event logs (which features you use, performance metrics).
• Crash and error reports.
• Brie usage metadata: latency, tool-call counts, message counts for rate-limit accounting. Never the text content of your chat.

3. How We Use Your Information

• To provide and maintain Mintage's features (scanning, collection tracking, price updates, dream pulls, AI chat, social feed).
• To synchronize your collection across your devices.
• To generate AI-assisted answers and narrations via Brie.
• To deliver push notifications you opted into.
• To unlock Pro / Founder features when you purchase a subscription via Apple.
• To improve the app via aggregated, anonymized usage analytics.
• To communicate with you about account or service issues, security alerts, and important changes.

4. Third-Party Services

We share specific data with the following providers as part of operating the service. Each is bound by its own privacy terms; we link to them for your reference.

• Supabase — primary database, authentication, and object storage. Stores your account record, collection data, Mint Social content, and uploaded share-card images. Hosted in the United States.
• Apple Sign in with Apple — identity provider. Apple authenticates you and supplies us with your Apple-provided identifier and (if you don't choose Hide My Email) your email address.
• RevenueCat — subscription-state management. Receives your Apple in-app purchase receipt from Apple and forwards the entitlement state to our backend.
• Apple Push Notification service (APNs) — delivers push notifications to your device. We send the device token + message payload to APNs; Apple routes it to your device.
• TCGCSV / TCGplayer — public TCG market data source. We FETCH pricing data from them; we do NOT send any user information to them.
• eBay public sold-listing data — used to compute graded-price aggregates. We do NOT send any user information to eBay.
• Railway — application hosting for our backend services (FastAPI, scrapers, MintBoy, Mint Bots). Data passes through Railway servers during request processing.

5. AI Processing and Brie

When Brie answers a chat or summarizes your collection, all AI processing happens on your device through Apple Intelligence Foundation Models. Your chat message, the relevant collection metadata, and any tool-call results are processed locally and do not leave your iPhone for AI inference.

We do not use any third-party cloud AI provider for Brie's chat or narration. If we ever introduce one, this Privacy Policy will be updated and you will be notified in-app at least 30 days before the change takes effect.

Mint Social community bots (MintBoy + ~30 personality bots) generate their own posts, comments, and stories from prompts we control. The bots do not process YOUR data and do not read your collection or your chats.

6. Push Notifications

Push notifications are entirely opt-in. After you grant iOS the permission, your device token is stored in our backend so we can address messages to your device. You can revoke iOS notification permission at any time (Settings → Notifications → Mintage), and you can independently toggle each notification type inside the Mintage Settings screen:

• Wishlist hits — fires when a card on your wishlist hits your target price.
• Big movers — fires once per day with the top 3 dollar swings in your Real collection (only if movement exceeds the threshold).
• Daily portfolio summary — fires once per day with a brief snapshot of your portfolio's movement.

We never send marketing or promotional pushes. We do not share device tokens with third parties other than APNs (required to deliver the notification) and Railway (required to host the sending service).

7. Data Retention

We retain personal data only as long as we have a legitimate business or legal reason to do so:

• Account record (Apple identifier, email, display name): retained while your account is active and for up to 30 days after account deletion to allow recovery in case of accidental deletion.
• Collection data (portfolio, wishlist, scans, lots, conditions, notes, dream pulls, target hits): retained while your account is active and removed from active systems within 30 days of account deletion.
• Mint Social content (posts, comments, stories, share-card images): public content stays as long as you keep it; deleted posts are removed from active systems immediately, with residual copies aging off encrypted backups within 7 days.
• Brie chat content: processed on your device and not stored on our backend. We retain only anonymized Brie usage metadata (message counts, timing) for up to 90 days for rate-limit accounting, then delete it.
• Device tokens + notification preferences: retained while your account is active and deleted within 30 days of account closure.
• Subscription entitlement state: retained for the life of your account plus 12 months for reconciliation with Apple's records.
• Encrypted database backups: retained on Supabase's standard rolling 7-day point-in-time recovery window. Deleted records are purged from backups as backups age out of that window.
• Anonymized telemetry and crash logs: retained for up to 12 months for app-improvement analysis, then aggregated or deleted.

8. Account Deletion

You can permanently delete your Mintage account and all associated personal information at any time, directly from inside the app:

• Open the app and go to the Profile tab.
• Tap "Delete Account".
• Confirm the deletion in the prompt that appears.

Once you confirm, your account record, collection data, wishlist, scans, dream pulls, badge showcase, Mint Social posts, comments, stories, follows, likes, device tokens, and notification preferences are removed from our active systems within 30 days. Encrypted backups roll off naturally within Supabase's 7-day point-in-time recovery window. We may retain a minimal record of the fact of deletion (an internal account ID and a deletion timestamp) for up to 12 months solely to comply with legal obligations and to prevent abuse.

If you cannot access the app — for example, if you've lost your device — you may also request deletion by emailing privacy@mintagetcg.app from the email address associated with your account. We will verify your identity and complete the deletion within 30 days.

9. Your Rights

You have the right to:

• Access — request a copy of the personal data we hold about you.
• Correct — fix inaccurate data via the Profile screen, or request correction by email.
• Delete — delete your account and all associated personal data via the Profile screen.
• Export — request your collection data in a machine-readable format.
• Opt out — disable optional analytics in Settings and disable any push category in the Notifications settings.

To exercise any of these rights, contact us at privacy@mintagetcg.app. We will respond within 30 days.

10. Philippine Data Privacy Rights (R.A. 10173)

If you are located in the Republic of the Philippines, the Data Privacy Act of 2012 (Republic Act 10173) gives you the following rights with respect to your personal information:

• Right to be informed — be informed whether personal data pertaining to you is being processed.
• Right of access — reasonably demand from us a description of the personal data and the purposes for which they were processed.
• Right to object — object to the processing of your personal data, including for direct marketing.
• Right to erasure or blocking — order the blocking, removal, or destruction of personal data from our filing system when justified.
• Right to rectification — dispute inaccuracies and have the data corrected.
• Right to data portability — obtain a copy of your personal data in a commonly used electronic format.
• Right to file a complaint with the National Privacy Commission (NPC) of the Philippines.

To exercise these rights, email privacy@mintagetcg.app with the subject line "NPC Data Subject Request". We will respond within the statutory period.

11. California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (as amended by the California Privacy Rights Act) gives you additional rights:

• Right to know — request the categories and specific pieces of personal information we have collected about you, the sources we collected it from, the business purpose for collecting it, and the categories of third parties with whom we share it.
• Right to delete — request that we delete personal information we have collected about you, subject to certain legal exceptions.
• Right to correct — request that we correct inaccurate personal information we maintain about you.
• Right to opt out of sale or sharing — Mintage does NOT sell or share personal information for cross-context behavioral advertising.
• Right to limit use of sensitive personal information — Mintage does not use sensitive personal information beyond what is necessary to provide the service you requested.
• Right to non-discrimination — we will not deny service, charge different prices, or provide a different level of quality because you exercised your CCPA rights.

To exercise any of these rights, email privacy@mintagetcg.app with the subject line "California Privacy Request". We will verify your identity using your account email and respond within 45 days.

12. European Privacy Rights (GDPR / UK GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation and analogous laws give you these rights with respect to your personal data:

• Right of access — obtain confirmation that we process your personal data and a copy of that data.
• Right to rectification — have inaccurate or incomplete data corrected.
• Right to erasure ("right to be forgotten") — have your personal data deleted, subject to lawful exceptions.
• Right to restriction — restrict the processing of your data in certain circumstances.
• Right to data portability — receive your data in a structured, commonly used, machine-readable format and transmit it to another controller.
• Right to object — object to processing based on our legitimate interests.
• Right to withdraw consent — where processing is based on consent, withdraw that consent at any time without affecting the lawfulness of prior processing.
• Right to lodge a complaint with the supervisory authority in your country.

Our legal bases for processing your personal data are contract performance (to provide the Mintage service you signed up for), our legitimate interests (to keep the app secure, prevent abuse, and improve performance), and compliance with legal obligations.

To exercise these rights, email privacy@mintagetcg.app with the subject line "GDPR Request". We will respond within one (1) month.

13. Children's Privacy (COPPA)

Mintage is intended for users aged 13 and older and is NOT directed at children under the age of 13. Use of the app — including Sign in with Apple — requires that the user be at least 13 years old.

Consistent with the U.S. Children's Online Privacy Protection Act (COPPA, 15 U.S.C. §§ 6501–6506), we do not knowingly collect, use, or disclose personal information from children under 13. If we learn that we have inadvertently collected personal information from a child under 13, we will delete that information promptly.

If you are a parent or legal guardian and believe your child under 13 has used Mintage or provided personal information to us, please contact us at privacy@mintagetcg.app and we will delete the account and associated data within 30 days.

14. International Data Transfers

Mintage is operated from the Republic of the Philippines, but our primary database (Supabase) is located in the United States, and our backend infrastructure (Railway) operates from multiple regions. By using Mintage from outside the United States, you consent to the transfer and processing of your information in the United States and other jurisdictions where data-protection laws may differ from those of your country.

15. Security

We use industry-standard security practices including HTTPS for all API traffic, password-less authentication via Apple, encrypted storage at rest on Supabase, and row-level security policies that prevent users from accessing each other's data. RevenueCat webhook signatures are verified before we update subscription state. No system is perfectly secure; in the unlikely event of a breach affecting your account we will notify you within 72 hours of detection as required by applicable law.

16. Cookies and Tracking

The Mintage mobile app does not use browser cookies. We use iOS Keychain (via Expo SecureStore) for local session caching. We do not use cross-app tracking identifiers (IDFA), advertising SDKs, or third-party behavioral-targeting services. The marketing website at mintagetcg.app uses only first-party cookies necessary for the site to function — no analytics, no ad tech, no third-party tags.

17. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes (such as adding a new data processor or expanding the categories of data we collect) will be communicated via in-app notice with at least 30 days' lead time. The "Effective" date at the top reflects the most recent version.

18. Contact

For privacy-related questions or requests, contact us at privacy@mintagetcg.app. For general support, email support@mintagetcg.app.