Privacy Policy

Your Privacy Matters to Us

Version 1.0 | Last Updated:

Table of Contents
1. Overview 2. Information We Collect 3. How We Use Your Information 4. Information Sharing 5. Cookies & Tracking 6. Data Security
7. Data Retention 8. Your Rights 9. Children's Privacy 10. Third-Party Links 11. Policy Changes 12. Contact Us

1. Overview

PennyWins ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our mobile application, or interact with our penny auction services (collectively, the "Service").

By using our Service, you consent to the data practices described in this policy. If you do not agree with our policies and practices, please do not use our Service.

At a Glance: We collect information to provide and improve our auction services, process transactions, and communicate with you. We do not sell your personal information to third parties.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when you:

  • Create an account (name, email, username, password)
  • Complete your profile (phone number, avatar)
  • Add shipping/billing addresses
  • Make purchases (payment card details processed by Stripe)
  • Participate in auctions
  • Contact customer support
  • Respond to surveys or promotions

2.2 Information Collected Automatically

When you access our Service, we automatically collect:

Data Type Examples Purpose
Device Information IP address, browser type, operating system Security, analytics, optimization
Usage Data Pages visited, time spent, click patterns Improve user experience
Location Data City, state, country (from IP) Fraud prevention, compliance
Bidding Activity Bids placed, auctions watched, wins Service delivery, fair play

2.3 Information from Third Parties

We may receive information from:

  • Payment Processors: Transaction confirmation and fraud signals from Stripe
  • Referral Partners: Information about referrals when you join via a referral link
  • Identity Verification: Verification results if additional identity checks are required

3. How We Use Your Information

We use the information we collect to:

3.1 Provide Our Services

  • Create and manage your account
  • Process bids and determine auction winners
  • Process payments and fulfill orders
  • Ship won items to your address
  • Provide customer support

3.2 Improve & Protect Our Platform

  • Detect and prevent fraud, bot activity, and abuse
  • Analyze usage patterns to improve features
  • Ensure fair play and enforce our Terms of Service
  • Debug and fix technical issues

3.3 Communicate With You

  • Send transactional emails (order confirmations, shipping updates)
  • Notify you about auction activity (outbid alerts, wins)
  • Send promotional offers (with your consent)
  • Respond to your inquiries and support requests

3.4 Legal Compliance

  • Comply with legal obligations and regulations
  • Respond to lawful requests from authorities
  • Protect our legal rights and interests

4. Information Sharing

We do not sell your personal information. We may share your information with:

4.1 Service Providers

Provider Type Purpose Data Shared
Stripe Payment processing Payment details, transaction amounts
Shipping Carriers Order fulfillment Name, shipping address, phone
Email Service Transactional & marketing emails Email address, name
Cloud Hosting Data storage and processing All service data (encrypted)
Analytics Usage analysis Anonymized usage data

4.2 Other Disclosures

We may also disclose information:

  • To comply with legal process or government requests
  • To protect the rights, safety, or property of PennyWins or others
  • In connection with a merger, acquisition, or sale of assets
  • With your consent or at your direction

4.3 Public Information

Your username and bidding activity on auctions are visible to other users. Your real name, email, and other personal details are never publicly displayed.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience:

5.1 Types of Cookies We Use

EssentialStrictly Necessary Cookies

Required for the website to function. Cannot be disabled. Examples: session cookies, authentication tokens, security cookies.

FunctionalFunctional Cookies

Remember your preferences and settings. Examples: language preference, display settings, remembered login.

AnalyticsAnalytics Cookies

Help us understand how visitors use our site. Examples: Google Analytics, page view tracking, feature usage.

MarketingMarketing Cookies

Used to deliver relevant advertisements. Examples: retargeting pixels, ad conversion tracking.

5.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may limit functionality. Most browsers allow you to:

  • View what cookies are stored
  • Delete individual or all cookies
  • Block cookies from specific or all sites
  • Block third-party cookies

5.3 Do Not Track

Our Service does not currently respond to "Do Not Track" signals. However, you can opt out of analytics tracking through your cookie preferences.

6. Data Security

We implement robust security measures to protect your information:

  • Encryption: All data transmitted via HTTPS/TLS encryption
  • Payment Security: Payment processing handled by PCI-compliant Stripe; we never store full card numbers
  • Password Protection: Passwords are salted and hashed using industry-standard algorithms
  • Access Controls: Employee access to personal data is limited and logged
  • Monitoring: Continuous monitoring for suspicious activity and unauthorized access
  • Regular Audits: Periodic security assessments and vulnerability testing
Important: While we use commercially reasonable security measures, no system is 100% secure. Please protect your account credentials and notify us immediately of any unauthorized access.

7. Data Retention

We retain your information for as long as necessary to:

  • Maintain your active account
  • Provide our services to you
  • Comply with legal obligations (tax records, transaction history)
  • Resolve disputes and enforce agreements

7.1 Retention Periods

Data Category Retention Period
Account Information Duration of account + 3 years
Transaction Records 7 years (legal/tax requirements)
Bidding History Duration of account + 1 year
Support Tickets 3 years after resolution
Server Logs 90 days

7.2 Account Deletion

When you request account deletion, we will remove or anonymize your personal information within 30 days, except for data we are legally required to retain.

8. Your Rights

You Have Rights: Depending on your location, you may have specific rights regarding your personal information. We honor these rights for all users regardless of location.

8.1 Access & Portability

You can request a copy of the personal information we hold about you. We will provide this in a commonly used, machine-readable format.

8.2 Correction

You can update most of your information directly in your account settings. For other corrections, contact our support team.

8.3 Deletion

You can request deletion of your account and personal information. Some information may be retained as required by law.

8.4 Opt-Out Rights

  • Marketing Emails: Unsubscribe link in every email, or manage in notification preferences
  • SMS Notifications: Reply STOP or manage in account settings
  • Push Notifications: Disable through your browser or device settings

8.5 How to Exercise Your Rights

To exercise any of these rights, you can:

We will respond to verified requests within 30 days.

9. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we discover that we have collected personal information from a child under 18, we will promptly delete that information from our systems.

10. Third-Party Links & Services

Our Service may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

We encourage you to review the privacy policy of every site you visit. This Privacy Policy applies solely to information collected by our Service.

11. International Data Transfers

Our Service is operated in the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States.

By using our Service, you consent to the transfer of your information to the United States and the processing of that information as described in this Privacy Policy.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date at the top
  • Sending an email notification to registered users (for material changes)

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes indicates your acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For data protection inquiries, please include "Privacy Request" in your subject line to ensure prompt routing to our privacy team.

Terms of Service Contact Us