Snapellsnapell

Snapell Pty Ltd · ABN registered · Privacy Policy

Privacy Policy

Last updated 14 June 2026.

Pre-launch draft. Snapell is in a pre-launch period in Australia. This Privacy Policy is the draft we operate under while we sign up our waitlist. A lawyer- reviewed version, replacing this copy, is published before we accept any paid scan. The information practices below describe what we actually do today.

1. Who we are

Snapell Pty Ltd (“Snapell”, “we”, “us”) is an Australian company operating a clothing resale marketplace. We operate in Australia only at launch.

2. What we collect

We collect personal information that is necessary to run the marketplace:

  • Your email address (waitlist signup, sign-in, transactional email).
  • Your name and shipping address (when you sell or buy an item).
  • Photos you submit for sale, along with the AI-derived description and offer record for each photo.
  • A device fingerprint and your IP address (used for fraud prevention and rate-limiting).
  • Activity records on the platform (scans, offers, listings, payouts, disputes, push subscriptions, audit log entries).

What we do not collect ourselves: your bank account or PayID details. Those are collected and held by Stripe; Snapell never sees them.

Sensitive information: we do not collect sensitive information (health, racial, religious, sexual, biometric data). Photos you submit may incidentally show people; we store every photo as private and serve it only via short-lived signed URLs.

3. Why we collect it

To operate the marketplace: appraise items you submit, make offers, take payment from resellers, pay sellers, ship sold items, resolve disputes, prevent fraud, and meet our tax record-keeping obligations.

4. Who we share it with

We share information with the following service providers so the marketplace can run. Each is named below, with the purpose and the region the data is processed in.

Stripe
Payments processing, payouts, KYC, and storage of bank / PayID details. Stripe is the regulated entity for fiat movement on the platform.
Region: United States, with AU data residency for AU-collected information.
Resend
Sending transactional and waitlist email on Snapell's behalf.
Region: United States.
Gemini (Google)
AI appraisal of photos you submit for sale. Photos and the structured AI output are processed for the lifetime of the listing.
Region: Google data-processing regions per Google's policies.
eBay
Market-comparable lookup against publicly listed items, used only to anchor the offer we make you. We send keywords and (where used) a reverse-image search; we do not send your personal information.
Region: United States / AU.
Australia Post
Shipping label generation, tracking events, and delivery confirmation when an item is sold.
Region: Australia.
PostHog
Product analytics — counting events like 'landing viewed', 'scan started', 'offer accepted' so we can improve the product. We never send your email, name, address, phone number, or Stripe identifiers to PostHog; we use a pseudonymous device-level identifier before sign-in, and your account id after sign-in.
Region: United States.
Sentry
Error monitoring. When something breaks, an exception payload is sent that may include the URL you were on and a stack trace. Personal information is stripped before sending.
Region: United States.

We do not sell your personal information. We do not share it for any third party’s independent marketing.

5. How long we keep it

Retention varies by the type of information. The categories below match the operational retention rules we enforce.

CategoryRetentionWhy
Declined or abandoned scan photos30 daysSo you can re-open or appeal the decision.
Accepted item photos (live listings)12 months after the listing sellsDispute window plus post-sale reference.
Disputed item photosDispute closed + 2 yearsLimitation periods for legal claims.
AI inputs and outputs (the raw appraisal record)90 days live, then anonymised for product improvement; photo URLs stripped at 30 daysImproves the appraisal model without keeping references to photos that have already been deleted.
Transactional records (orders, payouts, tax-relevant data)7 yearsAustralian Taxation Office record-keeping requirement.
Your account (email, profile)Until you ask us to delete it, plus 30 daysAllows you to reverse a deletion within the grace period; then we hard-delete.
Push subscriptions90 days after last seenInactive subscriptions stop being able to receive a push and are cleaned up.
Audit logIndefiniteCompliance and abuse investigation.

6. Your rights

Under the Australian Privacy Principles, you can ask us to:

  • Tell you what personal information we hold about you.
  • Correct anything that is wrong.
  • Delete your account. We delete the personal information we can; we keep transactional records (for example, sales tax records) for the period required by law.

To exercise any of these rights, email privacy@snapell.com.

7. Account deletion

When you delete your account, we soft-flag it and let you reverse the deletion within 30 days. After 30 days we redact your email and name and hard-delete the row. Photos attached to an open listing or unresolved dispute are kept until the listing or dispute resolves; everything else is removed on the next nightly sweep. Transactional records are kept anonymised for 7 years to meet our tax record-keeping obligations.

8. Cookies and tracking

We use cookies to keep you signed in and to remember small preferences. For product analytics we use PostHog to count events (for example: how many people visited the landing page, accepted an offer, or completed a sale). PostHog runs in your browser and sends event data to PostHog’s servers. We strip your email, name, address, phone number, and Stripe identifiers before sending. We honour browser Do Not Track signals where it is technically possible to detect them.

For error monitoring we use Sentry. Sentry sends an exception payload when something breaks in the browser or on the server. We do not send personal information in this payload.

A cookie banner is not strictly required under Australian law. We disclose every tracking vendor on this page instead.

9. Marketing email

We only send marketing email to people who ask for it (for example, joining the waitlist). Every marketing email contains an unsubscribe link as required by the Australian Spam Act 2003. Transactional email — offer notifications, payout confirmations, dispute updates — is sent regardless of marketing preferences because it is the operational record of the platform doing what you asked it to do.

10. Security

Personal information is encrypted in transit and at rest. Photos are private by default and served only via short-lived signed URLs. Access by Snapell staff is audited.

11. Data breach notification

If we become aware of a data breach that is likely to result in serious harm, we will notify affected users and the Office of the Australian Information Commissioner within 30 days, as required by the Notifiable Data Breaches scheme.

12. Children

Snapell is for users 18 and over. We do not knowingly collect personal information from anyone under 18.

13. International transfers

Some of the service providers we use (named above) process information outside Australia. When that happens, we rely on contractual safeguards with each provider to ensure your information is protected to an equivalent standard.

14. Changes to this policy

We will update this page when our practices change. The “Last updated” date at the top reflects the most recent change.

15. Contact

Questions, requests, or complaints: privacy@snapell.com. If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner at oaic.gov.au.

Privacy Policy · Snapell