← Back to LotDeck

Privacy Policy

LotDeck is a product of Wyser Baron LLC ("we", "our", "us"). This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have over your data when you use the LotDeck mobile app, web app, marketing website, and related services (collectively, the "Service").

If you have questions or want to exercise any of the rights described in this policy, contact us at support@wyserbaron.com.

1. Who Owns Your Data

LotDeck is a multi-tenant business platform. Each auction house ("tenant") owns and controls its own auction records inside the Service. The owner of the tenant is the data controller for the auction-house's data; LotDeck is the data processor. Staff members invited to a tenant act under the owner's authority.

You retain ownership of all auction data, lot descriptions, images, customer records, and other content you create. We process this data on your behalf solely to provide the Service.

2. Information We Collect

From you, directly

• Account information: email address, display name, and (for tenant owners) the company name and address used on invoices and 1099-NEC worksheets.
• Auction records: lots, consignors, buyers, sales, invoices, settlements, payments, audit-log entries, and all related data you enter into the Service.
• Photos: images you take or upload of auction lots. Used for AI cataloging and for inclusion in your catalogs and exports.
• W-9 metadata: for consignors who provide W-9 information, we store only the metadata fields you enter (business name, federal tax classification, backup-withholding flag, address). We do not store SSNs, EINs, or other taxpayer-identification numbers — those are tracked in your own off-platform records.
• Payment information: handled by our payment processors (Apple App Store, Google Play, Stripe, RevenueCat). LotDeck does not store credit card numbers or bank account details.

Automatically

• Usage analytics: anonymous usage data such as feature usage frequency, session duration, and app performance metrics. Collected via Firebase Analytics in release builds only.
• Crash reports: automatic crash reports including device type, OS version, and stack traces. Collected via Firebase Crashlytics on iOS and Android. No personally identifiable information is included in crash reports.
• Audit log entries: a record of significant actions taken inside your tenant (invoice payment, lot edits, settlement export, role changes, etc.). The audit log is visible to your tenant's owner and staff and is retained for the life of the tenant.

From integrations you connect

• eBay: if you connect your eBay account, we receive an OAuth refresh token that allows us to push lots to your eBay drafts on your behalf. We never see your eBay password. We can fetch your eBay category structure and item-aspect schemas. You can disconnect at any time from the eBay integration screen.

3. How We Use Your Information

• To provide, maintain, and improve the Service.
• To process AI lot descriptions using your photos and titles (see Section 5).
• To sync your data across your devices via cloud storage.
• To send transactional emails (invoices, settlement statements, won-lot notices) on your behalf to recipients you choose.
• To enforce subscription and rate limits (lot caps, AI Enhance caps, abuse defenses).
• To diagnose and fix bugs using crash reports and aggregate usage analytics.
• To comply with legal obligations (tax reporting, lawful requests).

4. Data Storage, Tenant Isolation, and Security

Your auction data is stored in Google Cloud Firestore in the US region with tenant-scoped security rules. Each tenant's data is logically isolated — no user can access another tenant's records. Authentication is handled by Firebase Authentication. All data is transmitted over HTTPS/TLS.

On mobile devices, a local copy of your tenant's data is stored in a SQLite database within the app's sandboxed storage so the app continues to work offline. The database is sandboxed by the operating system to your app instance only; it is not encrypted at rest beyond the OS-level device encryption (Face ID / Touch ID / device passcode).

On the web, data is stored in Firestore's browser-managed IndexedDB cache to enable offline support during a session. Clearing browser data removes the cache.

Lot photos are stored in Google Cloud Storage with tenant-scoped access rules. Photo URLs are signed and time-limited so they cannot be shared accidentally.

Sensitive credentials (API keys for AI, eBay, payment processors) are stored in Google Cloud Secret Manager, encrypted at rest, and accessed only by our backend. We do not log credentials, full credit-card numbers, or SSNs anywhere in the system.

5. AI Photo Processing

When you use AI cataloging, the lot photo and (optionally) the lot title are sent through our backend to Anthropic's Claude API for analysis. The AI generates text descriptions, category suggestions, condition assessments, value estimates, and — when an eBay leaf category is identified — eBay item-specifics suggestions.

To reduce cost and latency, we use Anthropic's prompt caching feature, which stores stable portions of our prompt (cataloging instructions and eBay aspect schemas) on Anthropic's servers for up to 5 minutes per session. Your photos are never cached — only the text instructions to the model.

Per Anthropic's published policy, Anthropic does not retain inputs sent through the API for model training. Photos are processed in-memory and discarded after the response is returned.

AI-generated content (titles, descriptions, estimates, category suggestions, item specifics) is stored in your tenant's records as if you had typed it yourself. You can edit or delete it at any time.

6. Subprocessors

We use the following third-party services to provide the Service. Each has its own privacy policy governing how it handles data we share with it.

Subprocessor	Purpose	Data shared
Google Firebase (Auth, Firestore, Cloud Storage, Cloud Functions, Analytics, Crashlytics)	Authentication, database, file storage, backend execution, anonymous analytics, crash diagnostics	Account data, auction data, photos, anonymous usage events
Google Cloud Secret Manager	Encrypted storage of integration credentials	API keys for our backend (not your data)
Anthropic (Claude API)	AI cataloging and Enhance	Lot photos, lot titles, prompt instructions
Resend	Transactional email delivery	Recipient email addresses, email content (invoices, statements, won-lot notices)
RevenueCat	Subscription management for iOS and Android	Subscription tier, billing status, anonymized device ID
Stripe	Payment processing for web subscriptions	Email, billing address, payment method (handled directly by Stripe)
eBay (when connected)	Lot draft creation and category lookup, on your authorization	Lot data, photos, your eBay OAuth token

7. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We share data only:

• With the subprocessors listed in Section 6, solely to provide the Service.
• Between staff members within your own tenant, based on the role permissions you assign (Owner / Staff / Clerk / Viewer).
• With recipients you explicitly send invoices, statements, or notices to via the email feature.
• With eBay, when you push lots to eBay through the integration you authorized.
• If required by law (subpoena, court order, lawful government request).

8. International Data Transfers

LotDeck's primary infrastructure runs in Google Cloud's US regions. If you access the Service from outside the United States, you consent to the transfer and processing of your data in the US. We rely on standard contractual clauses where required for international data transfers from the EU/UK/Switzerland.

9. Data Retention

Your auction data is retained for as long as your account or tenant is active. If you delete your account or your tenant via the in-app account-deletion flow, your data will be removed from our active cloud systems within 30 days. Backups are purged on a rolling 90-day schedule.

Aggregated, anonymized analytics may be retained indefinitely.

Local data on your device is removed when you uninstall the app or sign out and clear local storage.

10. Your Rights

Depending on where you live, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data (right to be forgotten).
• Export your data in a portable format. The Service includes built-in CSV, PDF, and accounting-format exports.
• Object to processing or withdraw consent.
• Lodge a complaint with a supervisory authority.

To exercise any of these rights, email support@wyserbaron.com from the address associated with your account. We will respond within 30 days.

California residents (CCPA/CPRA): we do not sell or share your personal information. You have the right to know what we collect, request deletion, and not be discriminated against for exercising these rights.

EU/UK residents (GDPR): the lawful basis for processing your data is the contract between you and Wyser Baron LLC for the provision of the Service, plus your explicit consent for AI photo processing. You may withdraw consent at any time, which will prevent further AI processing but does not invalidate prior processing.

11. Cookies and Local Storage

The marketing website at lotdeck.com does not use tracking cookies, advertising pixels, or third-party analytics.

The web app at app.lotdeck.com uses browser storage (IndexedDB, localStorage) to store your authentication session, tenant context, and a cache of your data for offline use. These are essential to operating the app and cannot be disabled while signed in. Clearing your browser data signs you out and removes the local cache.

12. Children's Privacy

LotDeck is a business product not intended for children. We do not knowingly collect personal information from anyone under the age of 16. If you believe a child has provided us with personal information, please contact us and we will delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date and, where appropriate, sending an in-app notice or email. Your continued use of the Service after a change constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or how your data is handled, please contact us:

Wyser Baron LLC
Email: support@wyserbaron.com