Snapell Pty Ltd · ABN registered · Privacy Policy
Privacy Policy
Last updated 14 June 2026.
Pre-launch draft. Snapell is in a pre-launch period in Australia. This Privacy Policy is the draft we operate under while we sign up our waitlist. A lawyer- reviewed version, replacing this copy, is published before we accept any paid scan. The information practices below describe what we actually do today.
1. Who we are
Snapell Pty Ltd (“Snapell”, “we”, “us”) is an Australian company operating a clothing resale marketplace. We operate in Australia only at launch.
2. What we collect
We collect personal information that is necessary to run the marketplace:
- Your email address (waitlist signup, sign-in, transactional email).
- Your name and shipping address (when you sell or buy an item).
- Photos you submit for sale, along with the AI-derived description and offer record for each photo.
- A device fingerprint and your IP address (used for fraud prevention and rate-limiting).
- Activity records on the platform (scans, offers, listings, payouts, disputes, push subscriptions, audit log entries).
What we do not collect ourselves: your bank account or PayID details. Those are collected and held by Stripe; Snapell never sees them.
Sensitive information: we do not collect sensitive information (health, racial, religious, sexual, biometric data). Photos you submit may incidentally show people; we store every photo as private and serve it only via short-lived signed URLs.
3. Why we collect it
To operate the marketplace: appraise items you submit, make offers, take payment from resellers, pay sellers, ship sold items, resolve disputes, prevent fraud, and meet our tax record-keeping obligations.
4. Who we share it with
We share information with the following service providers so the marketplace can run. Each is named below, with the purpose and the region the data is processed in.
- Stripe
- Payments processing, payouts, KYC, and storage of bank / PayID details. Stripe is the regulated entity for fiat movement on the platform.
- Region: United States, with AU data residency for AU-collected information.
- Resend
- Sending transactional and waitlist email on Snapell's behalf.
- Region: United States.
- Gemini (Google)
- AI appraisal of photos you submit for sale. Photos and the structured AI output are processed for the lifetime of the listing.
- Region: Google data-processing regions per Google's policies.
- eBay
- Market-comparable lookup against publicly listed items, used only to anchor the offer we make you. We send keywords and (where used) a reverse-image search; we do not send your personal information.
- Region: United States / AU.
- Australia Post
- Shipping label generation, tracking events, and delivery confirmation when an item is sold.
- Region: Australia.
- PostHog
- Product analytics — counting events like 'landing viewed', 'scan started', 'offer accepted' so we can improve the product. We never send your email, name, address, phone number, or Stripe identifiers to PostHog; we use a pseudonymous device-level identifier before sign-in, and your account id after sign-in.
- Region: United States.
- Sentry
- Error monitoring. When something breaks, an exception payload is sent that may include the URL you were on and a stack trace. Personal information is stripped before sending.
- Region: United States.
We do not sell your personal information. We do not share it for any third party’s independent marketing.
5. How long we keep it
Retention varies by the type of information. The categories below match the operational retention rules we enforce.
| Category | Retention | Why |
|---|---|---|
| Declined or abandoned scan photos | 30 days | So you can re-open or appeal the decision. |
| Accepted item photos (live listings) | 12 months after the listing sells | Dispute window plus post-sale reference. |
| Disputed item photos | Dispute closed + 2 years | Limitation periods for legal claims. |
| AI inputs and outputs (the raw appraisal record) | 90 days live, then anonymised for product improvement; photo URLs stripped at 30 days | Improves the appraisal model without keeping references to photos that have already been deleted. |
| Transactional records (orders, payouts, tax-relevant data) | 7 years | Australian Taxation Office record-keeping requirement. |
| Your account (email, profile) | Until you ask us to delete it, plus 30 days | Allows you to reverse a deletion within the grace period; then we hard-delete. |
| Push subscriptions | 90 days after last seen | Inactive subscriptions stop being able to receive a push and are cleaned up. |
| Audit log | Indefinite | Compliance and abuse investigation. |
6. Your rights
Under the Australian Privacy Principles, you can ask us to:
- Tell you what personal information we hold about you.
- Correct anything that is wrong.
- Delete your account. We delete the personal information we can; we keep transactional records (for example, sales tax records) for the period required by law.
To exercise any of these rights, email privacy@snapell.com.
7. Account deletion
When you delete your account, we soft-flag it and let you reverse the deletion within 30 days. After 30 days we redact your email and name and hard-delete the row. Photos attached to an open listing or unresolved dispute are kept until the listing or dispute resolves; everything else is removed on the next nightly sweep. Transactional records are kept anonymised for 7 years to meet our tax record-keeping obligations.
8. Cookies and tracking
We use cookies to keep you signed in and to remember small preferences. For product analytics we use PostHog to count events (for example: how many people visited the landing page, accepted an offer, or completed a sale). PostHog runs in your browser and sends event data to PostHog’s servers. We strip your email, name, address, phone number, and Stripe identifiers before sending. We honour browser Do Not Track signals where it is technically possible to detect them.
For error monitoring we use Sentry. Sentry sends an exception payload when something breaks in the browser or on the server. We do not send personal information in this payload.
A cookie banner is not strictly required under Australian law. We disclose every tracking vendor on this page instead.
9. Marketing email
We only send marketing email to people who ask for it (for example, joining the waitlist). Every marketing email contains an unsubscribe link as required by the Australian Spam Act 2003. Transactional email — offer notifications, payout confirmations, dispute updates — is sent regardless of marketing preferences because it is the operational record of the platform doing what you asked it to do.
10. Security
Personal information is encrypted in transit and at rest. Photos are private by default and served only via short-lived signed URLs. Access by Snapell staff is audited.
11. Data breach notification
If we become aware of a data breach that is likely to result in serious harm, we will notify affected users and the Office of the Australian Information Commissioner within 30 days, as required by the Notifiable Data Breaches scheme.
12. Children
Snapell is for users 18 and over. We do not knowingly collect personal information from anyone under 18.
13. International transfers
Some of the service providers we use (named above) process information outside Australia. When that happens, we rely on contractual safeguards with each provider to ensure your information is protected to an equivalent standard.
14. Changes to this policy
We will update this page when our practices change. The “Last updated” date at the top reflects the most recent change.
15. Contact
Questions, requests, or complaints: privacy@snapell.com. If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner at oaic.gov.au.