Privacy Policy

Last updated: February 2026

Grail Den ("we," "our," or "us") operates the grailden.com website and the Grail Den macOS application (collectively, the "Service"). This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

1. Information We Collect

We collect the following types of information:

  • Account Information: Email address and display name when you create an account.
  • eBay OAuth Tokens: When you connect your eBay account, we store OAuth access and refresh tokens to perform searches and retrieve listing data on your behalf.
  • Collection Data: Information you enter about items in your collection, including descriptions, values, provenance records, and authentication details.
  • Search History: Your saved searches, search queries, and search preferences.
  • Usage Data: Basic analytics about how you interact with the Service, such as pages visited and features used.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Execute eBay marketplace searches on your behalf.
  • Store and manage your collection data.
  • Send notifications about saved searches (when enabled).
  • Respond to support requests.

We do not sell, rent, or share your personal information with third parties for their marketing purposes.

3. eBay API Data

Our use of eBay API data is governed by the eBay API License Agreement. We access eBay data solely to provide search and listing functionality within the Service. eBay OAuth tokens are stored securely and are used only to authenticate API requests on your behalf. We do not share eBay data with any third parties.

4. Cookies and Local Storage

The Service uses cookies and browser localStorage to:

  • Maintain your authentication session.
  • Store your display preferences and settings.
  • Remember your most recent search parameters.

We do not use third-party tracking cookies or advertising cookies.

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encrypted connections (HTTPS/TLS) for all data in transit.
  • Secure server infrastructure with restricted access.
  • OAuth tokens stored server-side, never exposed to the client.

No method of electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention and Deletion

We retain your data for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us at [email protected]. Upon receiving a deletion request, we will remove your data within 30 days, except where retention is required by law.

7. Third-Party Services

The Service integrates with eBay's API to provide marketplace search functionality. When you use eBay-related features, your interactions are also subject to eBay's own privacy policies. We encourage you to review eBay's privacy policy.

8. Children's Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on this page with a new "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, contact us at [email protected].