Skip to main content
HippoLink logo HippoLink

Privacy Policy

Last updated: February 7, 2026

HippoLink LLC. ("HippoLink," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and services (collectively, the "Services"). Please read this policy carefully. By using our Services, you consent to the practices described in this Privacy Policy.

Table of Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Data Sharing and Disclosure
  4. Third-Party Integrations
  5. Data Retention
  6. Data Security
  7. Your Rights and Choices
  8. International Data Transfers
  9. Children's Privacy
  10. Cookies and Tracking Technologies
  11. Changes to This Policy
  12. Contact Us

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, password, business name, phone number, and billing address when you create an account.
  • Payment Information: Credit card details, bank account information, and billing address processed through our secure payment processors.
  • Inventory Data: Product listings, pricing information, stock levels, condition grades, and catalog data you upload to our platform.
  • Communications: Messages, support tickets, feedback, and correspondence you send to us.
  • Third-Party Credentials: API keys and authentication tokens for platforms you connect (TCGPlayer, Shopify, ManaPool, CardTrader, etc.).

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, actions taken, time spent, and interaction patterns within our Services.
  • Device Information: IP address, browser type, operating system, device identifiers, and screen resolution.
  • Log Data: Server logs including access times, error logs, and referral URLs.
  • Location Data: General geographic location derived from your IP address.

1.3 Information from Third Parties

  • Connected Platforms: Inventory data, sales history, and product information from marketplaces you integrate with HippoLink.
  • Analytics Providers: Aggregated usage statistics and performance metrics.
  • Business Partners: Information from partners for joint marketing initiatives (with your consent).

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our inventory management, syncing, and repricing services.
  • Platform Synchronization: To sync your inventory across connected marketplaces and prevent overselling.
  • Automated Repricing: To analyze market data and adjust your prices according to your configured rules.
  • Account Management: To create and manage your account, process payments, and provide customer support.
  • Communications: To send transactional emails, service updates, security alerts, and (with consent) marketing communications.
  • Analytics and Improvement: To understand usage patterns, identify issues, and enhance our Services.
  • Security: To detect, prevent, and respond to fraud, abuse, and security incidents.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party vendors who help us operate our Services (hosting, payment processing, analytics, customer support).
  • Connected Platforms: With marketplaces you authorize us to connect with for inventory synchronization.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
  • Legal Requirements: When required by law, subpoena, court order, or to protect our rights, safety, or property.
  • With Your Consent: When you explicitly authorize us to share your information with third parties.

4. Third-Party Integrations

Our Services integrate with various third-party platforms including but not limited to:

  • TCGPlayer
  • Shopify
  • ManaPool
  • CardTrader
  • eBay
  • Point-of-Sale (POS) systems

When you connect these platforms, we access data necessary to provide our synchronization services. Each third-party platform has its own privacy policy, and we encourage you to review them. We store API credentials securely using industry-standard encryption and only access the minimum data necessary to provide our Services.

5. Data Retention

We retain your information for as long as necessary to:

  • Provide our Services to you
  • Comply with legal obligations (e.g., tax records for 7 years)
  • Resolve disputes and enforce our agreements
  • Support business operations and analytics

After account deletion, we may retain certain data in anonymized or aggregated form for analytics purposes. Backup copies may persist for up to 90 days before being permanently deleted.

6. Data Security

We implement robust security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Access Controls: Role-based access controls and multi-factor authentication for our systems.
  • Infrastructure: SOC 2 Type II certified cloud infrastructure with regular security audits.
  • Monitoring: 24/7 security monitoring and intrusion detection systems.
  • Incident Response: Documented incident response procedures with breach notification within 72 hours.

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

7.1 General Rights

  • Access: Request a copy of your personal information we hold.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal information (subject to legal retention requirements).
  • Portability: Receive your data in a structured, machine-readable format.
  • Opt-Out: Unsubscribe from marketing communications at any time.

7.2 GDPR Rights (EU/EEA Residents)

  • Right to object to processing
  • Right to restrict processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

7.3 CCPA Rights (California Residents)

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to say no to the sale of personal information
  • Right to equal service and price (non-discrimination)

To exercise any of these rights, please contact us at privacy@hippolink.app . We will respond within 30 days.

8. International Data Transfers

HippoLink is based in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries.

For transfers from the EU/EEA, we rely on Standard Contractual Clauses approved by the European Commission and other legally compliant transfer mechanisms to ensure your data receives adequate protection.

9. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@hippolink.app , and we will take steps to delete such information.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Required for the Services to function (authentication, security).
  • Functional Cookies: Remember your preferences and settings.
  • Analytics Cookies: Understand how you use our Services to improve them.
  • Marketing Cookies: Deliver relevant advertisements (with your consent).

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Services.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date and, where required by law, by email. Your continued use of our Services after such changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

HippoLink LLC.

Attn: Privacy Team

Email: privacy@hippolink.app

Data Protection Officer: dpo@hippolink.app

Back to Home