Skip to content

Privacy Policy

Last Updated: October 30, 2025

Introduction

We at Bigtoa (we or us) are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and disclose information about you when you use our website or services (Services). By accessing or using the Services, you agree to the terms of this Privacy Policy.

1. Information We Collect

When you use our Services, we may collect the following categories of information:

  • Personal Information: Such as your name, email address, phone number, and username provided during registration.
  • Address Information (Optional): Your physical address (street, city, state, postal code) if you choose to provide it. This is completely optional and only used for specific purposes outlined in Section 8 below.
  • Estate Organizing Data (Optional): If you use our estate planning features, you may provide addresses of executors, beneficiaries, or legal contacts.
  • Usage Data: Information about your activity on our site including pages visited and links clicked.
  • Device Information: Details about your browser, device and IP address.

2. How We Use Your Information

We use the collected information to:

  • Provide, maintain and improve our Services.
  • Personalize your experience and deliver relevant content.
  • Communicate with you regarding updates or support.
  • Enforce our Terms of Service and prevent misuse.

Importantly, we do not sell or rent your personal information to any third parties.

3. Cookies & Tracking

We may use cookies and similar technologies to monitor site usage and improve user experience. You can control your preferences in your browser settings; disabling cookies may limit some features.

4. Data Security

We implement reasonable security measures to safeguard your personal information from unauthorized access. However, no system is 100% secure.

5. Children's Privacy

Our Services are not intended for individuals under 13 years of age. We do not knowingly collect personal information from children.

6. Third-Party Service Providers

We work with trusted third-party service providers to deliver our Services. These providers only receive the minimum data necessary to perform their function:

  • Stripe (Payment Processing): If you provide a billing address, we share it with Stripe for payment verification and fraud prevention. Stripe processes all payment information according to their own Privacy Policy.
  • AWS (Cloud Hosting): Your data is stored on secure servers provided by Amazon Web Services with encryption at rest and in transit.
  • Google (OAuth Sign-In): If you sign in with Google, we receive your name and email address from Google according to their Privacy Policy. We do not access your other Google data.
  • eBay (Listing Integration): If you connect your eBay account, we store OAuth tokens to access and display your eBay listings. We do not modify your eBay account or share your eBay data with others.
  • Mailgun (Email Delivery): We use Mailgun to send transactional emails (password resets, notifications). Mailgun processes emails according to their Privacy Policy.
  • Anthropic (AI Features): If you use AI-powered analysis features, item descriptions and photos may be sent to Anthropic's Claude API for processing. No personally identifiable information is included in these requests.

We do not sell, rent, or share your address or other personal data with any other third parties for marketing purposes.

7. Your Privacy Rights and Controls

You have the following rights regarding your personal data:

  • Access: You can view all your personal data in your Profile Settings.
  • Correction: You can update your name, email, phone, and address at any time through Profile Settings.
  • Deletion: You can delete your address data from Profile Settings at any time. To delete your entire account and all data, contact us.
  • Export: You can export your inventory data in CSV, JSON, or PDF format from your dashboard.
  • Opt-Out: You can unsubscribe from marketing emails using the link in any email we send.

8. Address Data: Collection, Use, and Retention

Providing your address is completely optional. We only use it for the following purposes:

  • Payment Processing: Your billing address is sent to Stripe (our payment processor) to verify your payment method and reduce fraud. This helps prevent unauthorized charges.
  • Estate Organizing Contacts: If you use our Estate Organizing features, you can store addresses of executors, beneficiaries, lawyers, and other contacts. This information is encrypted and only accessible to you and those you explicitly share it with.

How We Protect Your Address

  • Encryption: All address data is encrypted in transit using HTTPS and at rest in our database.
  • No Logging: We do not include address information in our system logs.
  • Limited Access: Only authorized personnel with a legitimate need can access address data, and all access is logged for security auditing.
  • No Marketing Use: We never use your address for marketing, advertising, or any purpose other than those stated above.

Retention Policy

We retain your address data only as long as necessary for the purposes outlined above:

  • Active Accounts: We retain your address while your account is active and you have not deleted it.
  • User Deletion: You can delete your address at any time from Profile Settings. Deletion is immediate and permanent (except for backups, which are deleted within 30 days).
  • Account Closure: If you close your account, all personal data (including addresses) is permanently deleted within 30 days, except where we must retain it for legal compliance (e.g., tax records, which are deleted after 7 years).
  • Inactive Accounts: If your account is inactive for more than 3 years, we will email you to confirm whether you want to keep it. If we receive no response within 60 days, your account and all data will be deleted.

Your Control: You can delete your address anytime from Profile Settings → Personal Information → Delete Address.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on our website. By continuing to use our Services after changes take effect, you accept the updated terms.

10. Contact Us

If you have any questions about this Privacy Policy, your data rights, or how we handle your address information, please contact us.

Privacy Policy | Bigtoa | Bigtoa