Privacy Policy

Last updated: February 21, 2026  ·  Effective immediately

Your privacy matters to us. This policy explains what data we collect, why we collect it, how we use it, and your rights regarding your data. Please read it carefully.

1. Who We Are

Lotalyze ("we," "us," or "our") is an auction analytics platform operated from Medford Lakes, New Jersey, United States. We operate the website at lotalyze.com and provide subscription-based resale intelligence tools.

For privacy-related questions, contact us at: privacy@lotalyze.com

2. Information We Collect

2.1 Information You Provide Directly

  • Account information: Email address and password (stored as a hashed value — we never store your plain-text password).
  • Payment information: Billing details are collected and processed directly by Stripe, Inc. We do not store your credit card number or full payment details on our servers.
  • Communications: Any messages you send us via email or support channels.
  • Saved preferences: Filter settings, sort preferences, and dashboard configurations you choose to save.

2.2 Information Collected Automatically

  • Log data: IP address, browser type, operating system, referring URLs, pages viewed, and timestamps of visits.
  • Device information: Device type, screen resolution, and browser version.
  • Usage data: Features used, filters applied, pages visited, and interactions with the Service.
  • Cookies and local storage: We use browser local storage to save your display preferences. See Section 7 for details.

2.3 Information from Third Parties

  • Payment processor: Stripe provides us with subscription status, customer ID, and transaction metadata (not full card details).
  • Auction data sources: Publicly available listing data aggregated from third-party auction platforms for display in the Service.

3. How We Use Your Information

Purpose Data Used Legal Basis
Provide and maintain the Service Email, account data, usage data Contract performance
Process subscription payments Email, Stripe customer ID Contract performance
Send transactional emails (receipts, confirmations, password resets) Email address Contract performance
Respond to support requests Email, communications content Legitimate interest
Improve and optimize the Service Usage data, log data Legitimate interest
Detect fraud and enforce our Terms IP address, account activity, log data Legitimate interest / Legal obligation
Comply with legal obligations Any data necessary Legal obligation

We do not use your data for advertising, behavioral tracking, or sale to third-party marketers.

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We share data only as follows:

  • Stripe, Inc.: Payment processing. Stripe receives your email and payment details. Subject to Stripe's Privacy Policy.
  • Email service provider: We use a transactional email provider (GoDaddy/Secure Server) to send account-related emails. Your email address is shared for delivery purposes only.
  • OpenAI, Inc.: Product titles and brand names (no personal data) may be sent to OpenAI's API to generate market price estimates. We do not send your name, email, or payment information to OpenAI.
  • Hosting/infrastructure providers: Our application is hosted on Render.com and uses PostgreSQL. These providers may process data as part of delivering the Service.
  • Law enforcement / legal process: We may disclose information if required by law, subpoena, court order, or to protect the rights, property, or safety of Lotalyze, our users, or the public.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you via email prior to your data being transferred.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data: Retained for the life of your account plus 90 days after deletion.
  • Payment records: Retained for 7 years as required for tax and financial compliance.
  • Log data: Retained for up to 90 days.
  • Saved preferences: Retained until you delete them or close your account.

You may request deletion of your account and personal data at any time by contacting us at privacy@lotalyze.com. Note that some data may be retained as required by law.

6. Data Security

We implement reasonable technical and organizational security measures to protect your personal data, including:

  • All data transmitted between your browser and our servers is encrypted via HTTPS/TLS;
  • Passwords are hashed using industry-standard algorithms (bcrypt) — we cannot see your plain-text password;
  • Payment data is handled entirely by Stripe and never touches our servers;
  • Database access is restricted and credentials are stored as environment variables, not in code;
  • Regular security reviews of our application and infrastructure.

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.

7. Cookies and Local Storage

We use the following technologies to improve your experience:

  • Session cookies: Required for login authentication and maintaining your logged-in state. These are essential and cannot be disabled without breaking the Service.
  • Browser local storage: Used to save your dashboard filter preferences locally on your device. No personal data is stored in local storage. You can clear this at any time through your browser settings.

We do not use advertising cookies, cross-site tracking cookies, or third-party analytics cookies (e.g., Google Analytics).

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data ("right to be forgotten").
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Restriction: Request that we restrict processing of your data.
  • Withdraw consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email us at privacy@lotalyze.com. We will respond within 30 days.

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • The right to know what personal information we collect, use, disclose, and sell;
  • The right to request deletion of your personal information;
  • The right to opt-out of the sale of your personal information — we do not sell personal information;
  • The right to non-discrimination for exercising your CCPA rights.

To submit a CCPA request, contact us at privacy@lotalyze.com.

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe we have inadvertently collected such information, please contact us immediately.

11. Third-Party Links

The Service may contain links to third-party websites, including auction platforms and marketplace listings. We are not responsible for the privacy practices of third-party sites. We encourage you to review their privacy policies before providing any personal information.

12. International Data Transfers

Lotalyze is operated from the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and notify you by email at least 7 days before the change takes effect.

Your continued use of the Service after the effective date constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

For any privacy-related questions, requests, or concerns, contact us at:
Lotalyze
Medford Lakes, NJ, United States
Email: privacy@lotalyze.com