1. Who We Are
DealHawkHQ ("we", "us", "our") operates the platform at dealhawkhq.com and via our native iOS app (collectively, the "Service"). We are the data controller responsible for your personal data. If you have any questions about this Privacy Policy or how we handle your data, please contact us at contact@dealhawkhq.com.
2. What Data We Collect
We collect the following types of personal data:
- Account data: your email address, full name, and password (stored securely via hashed authentication)
- Profile & configuration data: products, scan profiles, search terms, pricing data, and scanning preferences you create within the platform
- Usage data: scan counts, API call counts, timestamps of scans and logins, and scanner activity logs
- Scan results: eBay listing data retrieved on your behalf during scans, including titles, prices, and URLs
- Communication data: your Telegram Chat ID if you choose to enable Telegram alerts
- Technical data: IP address, browser type, and device information collected automatically when you use the Service
- Mobile device data: device identifiers, push notification tokens, and app version information when you use our iOS app
- Category preferences: eBay category selections you configure for filtering scan results
3. How We Use Your Data
We use your personal data to:
- Provide and operate the DealHawkHQ Service
- Run automated and manual scans on your behalf
- Send you deal alerts via Telegram (only if you have enabled this)
- Send you deal alerts via push notifications on our iOS app (only if you have enabled this)
- Provide product valuation estimates using eBay marketplace data
- Manage your account access tier
- Send transactional emails such as account confirmations
- Provide links to eBay product listings via the eBay Partner Network affiliate programme for purchase attribution
- Monitor usage to enforce fair use limits and prevent abuse
- Improve and develop the platform
- Comply with our legal obligations
4. Legal Basis for Processing (UK GDPR)
We process your personal data on the following legal bases:
- Contract: processing necessary to provide the Service you have signed up for
- Legitimate interests: improving the platform, preventing fraud, and monitoring for abuse
- Consent: for optional features such as Telegram notifications
- Legal obligation: where we are required to process data by law
5. Data Sharing
We do not sell your personal data. We share data only with trusted third-party service providers who help us operate the platform:
- Supabase — database and authentication hosting
- Vercel — application hosting and deployment
- Upstash / QStash — background job scheduling for automated scans
- Resend — transactional email delivery
- Telegram — deal alert notifications (only if you enable this)
- Apple — push notification delivery for our iOS app
- eBay API — marketplace data retrieval on your behalf
- eBay Partner Network — affiliate link attribution. When you tap a product link, an affiliate token is included in the URL solely for purchase attribution. The token expires after approximately one hour. No personal data is shared with eBay for advertising purposes.
All third-party providers are required to handle your data in accordance with applicable data protection law.
6. Data Retention
We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or accounting purposes.
Scan result data is retained for the duration of your account and removed when listings are no longer live or when you dismiss them.
7. Your Rights (UK GDPR)
Under UK GDPR, you have the following rights regarding your personal data:
- Right of access: request a copy of the data we hold about you
- Right to rectification: request correction of inaccurate data
- Right to erasure: request deletion of your personal data
- Right to restriction: request that we limit how we use your data
- Right to data portability: receive your data in a structured, machine-readable format
- Right to object: object to processing based on legitimate interests
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, contact us at contact@dealhawkhq.com. We will respond within 30 days.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
8. Cookies
DealHawkHQ uses essential cookies and session tokens to keep you logged in and maintain your session. We do not use advertising or tracking cookies. No third-party analytics tools are currently used. Our mobile apps do not use cookies but may store session tokens and preferences locally on your device for authentication and app functionality purposes.
9. Data Security
We take the security of your data seriously. All data is stored on secure, encrypted infrastructure. Authentication is handled via industry-standard hashed credentials. Access to the database is restricted to authorised systems only.
10. International Transfers
Some of our third-party providers may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place in accordance with UK GDPR, such as Standard Contractual Clauses or adequacy decisions.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or via an in-app notice. The date at the top of this page indicates when the policy was last updated.