Privacy Policy

Last updated: 27/03/2026

This privacy policy describes how VintedWatch collects, uses, and protects users' personal data, in compliance with Regulation (EU) 2016/679 (GDPR).

1. Data Controller

The data controller for personal data processing is VintedWatch. For any privacy-related requests, you can contact the data protection officer at: privacy@vintedwatch.com

2. Data Collected

Data	Purpose	Required
Email address	Registration, login, email notifications	Yes
Password (bcrypt hash)	Authentication	Yes
Telegram Chat ID	Sending notifications via Telegram	No
Alert preferences	Configuration of search criteria and notifications	No
Payment data	Managed entirely by Paddle (Merchant of Record)	Only for paid plans

We do not collect browsing data, do not use profiling cookies, and do not collect users' Vinted credentials.

3. Purpose of Processing

Service delivery: listing monitoring and sending notifications according to user-configured criteria
Account management: registration, authentication, subscription plan management
Service communications: account-related notifications, terms updates, technical communications

4. Legal Basis

Performance of contract (art. 6.1.b GDPR): for service delivery and account management
Consent (art. 6.1.a GDPR): for sending notifications via Telegram (provided by linking your Telegram account)
Legitimate interest (art. 6.1.f GDPR): for service security and abuse prevention

5. Data Sharing

Personal data may be shared with the following third parties, exclusively for the purposes indicated:

Recipient	Purpose	Data Shared
Paddle.com Market Limited	Payment processing and billing (Merchant of Record)	Email, payment data
Telegram Bot API	Sending notifications via Telegram	Telegram Chat ID, notification content
SMTP Provider (Brevo/other)	Sending notifications via email	Email address, notification content

We do not sell or share personal data with third parties for marketing purposes.

6. Data Subject Rights

Under the GDPR, you have the right to:

Access: obtain confirmation of the existence of your data and receive a copy
Rectification: request correction of inaccurate or incomplete data
Erasure: request deletion of your data ("right to be forgotten")
Restriction: request restriction of processing in certain cases
Portability: receive your data in a structured, commonly used, and machine-readable format
Objection: object to processing based on legitimate interest
Withdrawal of consent: withdraw consent at any time, without affecting the lawfulness of prior processing

To exercise these rights, write to privacy@vintedwatch.com. We will respond within 30 days of receiving your request.

You also have the right to lodge a complaint with the competent supervisory authority (Italian Data Protection Authority — Garante per la protezione dei dati personali).

7. Cookies and Tracking Technologies

VintedWatch uses only strictly necessary technical cookies for the operation of the service. Specifically:

JWT Token: stored in localStorage to maintain the authentication session

We do not use profiling cookies, third-party cookies for advertising purposes, or analytics tracking tools.

8. Data Retention

Personal data is retained for the duration of the contractual relationship with the user. Upon account deletion:

Account data is deleted within 30 days
Billing data is retained for the period required by applicable tax regulations
Anonymized technical logs may be retained for up to 12 months

9. Security

We implement appropriate technical and organizational measures to protect personal data, including:

Password encryption via bcrypt hashing
Secure communications via HTTPS
Data access restricted to authorized personnel

10. International Transfers

Personal data may be transferred to countries outside the European Economic Area only where adequate protection guarantees are ensured (e.g., Standard Contractual Clauses approved by the European Commission).

11. Contact

For any questions regarding this privacy policy or the processing of personal data:

Data protection officer: privacy@vintedwatch.com
General support: support@vintedwatch.com