Privacy Policy
Last updated: 2026-05-24
Summary
PeekaScan is a browser extension + web app that identifies trading cards from images and looks up their market prices. The free tier works anonymously. If you create an account or upgrade to a paid plan, we store the minimum data needed to authenticate you, enforce daily scan quotas, and process payments through Stripe. We do not sell personal data, run advertising, or track you across sites.
Data we process
Anonymous use (no account)
- The downscaled card image you submit (resized to ~1000px WebP, sent as a data URL), which we forward to Google's Gemini API to identify the card.
- Card identifiers you type (name, set, number, game type).
- A salted SHA-256 hash of your IP address — used to enforce the free daily scan cap. The raw IP is not stored; the hash cannot be reversed.
- Standard request metadata that our cloud host sees (IP, user agent, timestamp) for abuse prevention. These logs are retained short-term.
When you sign up
- Email address.
- For password sign-ups: an argon2id hash of your password (never the password itself).
- For Google sign-ins: your Google account's stable subject ID + verified email. We do not receive your Google password or contacts.
- Account creation and last-update timestamps.
- A per-user daily scan counter (resets daily, no scan content stored).
When you subscribe
- A Stripe customer ID linking your PeekaScan account to Stripe.
- Subscription status, current plan, period end, cancellation flag.
- We never see or store your card details. Payment is captured by Stripe's hosted Checkout. Stripe is the payment processor of record.
Data we do NOT collect
- Card or bank details (Stripe handles all payment data).
- Browsing history, page contents beyond the image you right-click, or cookies from other sites.
- Advertising IDs, cross-site identifiers, fingerprints.
- Keystrokes, mouse tracking, screen recordings, or behavioral analytics.
- Communications content (email, chat, SMS).
- Location data beyond the country inferred from the IP at request time.
Local storage in your browser
The extension stores the following on your device in
browser.storage.local /
.session:
- The current scan target (image data URL).
- Recent scan results so you can review them without re-scanning.
- UI state (active tab, last selected candidate).
- If signed in: a worker-issued JWT bearer token (used to authenticate API requests). The token expires after 7 days.
This data stays on your device. Removing the extension wipes all of it.
Subprocessors
We use a small set of third-party services to deliver the product:
| Service | Purpose | Data shared |
|---|---|---|
| Stripe | Subscription billing + payments | Email, payment details (entered on Stripe), subscription state |
| Resend | Transactional email (verification, password reset) | Email address + one-time link |
| Google OAuth | Optional Google sign-in | OAuth identity (`sub` + verified email) |
| Google (Gemini API) | AI vision (card identification) | Card image only; no identity attached |
| PriceCharting | Public market price lookup | Card name / set / number (no identity) |
| Railway | Hosting + Postgres database | All app data (encrypted at rest) |
| Cloudflare | DNS, CDN, future email routing | Request metadata |
Permissions and why
activeTab— read the image you right-click on the current page.contextMenus— add the "Scan Card" item.sidePanel/sidebar_action— display scan results.storage— persist your scan, history, and (if signed in) JWT locally.scripting— small injected helper to capture image source when Chrome doesn't supply it.identity— Google OAuth flow (only fires when you click "Sign in with Google").host_permissions: <all_urls>— card images live on many sites. The extension only reads the specific image you right-click.
Data retention
- Scan results: cached in worker memory ~15 min, then discarded. Never persisted.
- Daily scan counters: replaced at next UTC date roll-over.
- Anonymous IP-hash rows: kept rolling, purged routinely.
- Account + subscription rows: kept while your account exists. Deleted on request (see below).
- Stripe data: governed by Stripe's own retention (typically 7 years for tax/audit on paid invoices).
Your rights
If you have an account you can:
- Access or export your data — email [email protected].
- Correct your email or profile via the Customer Portal.
- Cancel your subscription anytime through the Customer Portal (no question asked, no retention dark patterns).
- Delete your account — email [email protected] with the address on the account. We remove the user row, related quota counters, and cancel any active Stripe subscription. Invoice records Stripe is legally required to retain remain.
EU/UK/CA users: this constitutes our process for GDPR/UK-GDPR/PIPEDA access, correction, portability, and erasure requests.
Security
Passwords are stored as argon2id hashes (industry-standard, designed for resistance to GPU cracking). Sessions use HS256 JWTs signed by a server-only secret. All traffic is HTTPS. The database is encrypted at rest. We do not see or store payment card data — Stripe handles all of that under PCI DSS Level 1.
Children
PeekaScan is not directed to children under 13 and does not knowingly collect data from them.
Changes to this policy
Material changes are reflected here with a new "Last updated" date. We will email subscribers about substantive changes that affect them.
Contact
Questions, data requests, or complaints: [email protected].
Policy URL: https://peekascan.com/privacy