1. Overview
DroboAI helps sellers automate eBay listings, sourcing, and order workflows through a desktop application and this website. This policy explains what information we collect when you create an account, subscribe, use the forum, or link the desktop app to your account.
Much of your selling data — eBay session cookies, listing drafts, and automation settings — is stored on your device or in your account only as needed to provide the Service. We do not sell your personal information.
2. Information we collect
Account information
When you sign up or sign in, we process information through Firebase Authentication, which may include:
- Email address
- Display name and username (if you provide them)
- Profile photo (if you upload one or sign in with Google)
- Authentication provider (email/password or Google)
- Account identifiers used to sync your subscription and settings
Onboarding & preferences
If you complete product onboarding, we may store how you heard about DroboAI (for example TikTok, YouTube, or a referral) to measure what marketing works and improve the product.
Subscription & billing
Paid plans are processed by Stripe. We receive subscription status, billing period dates, and customer identifiers from Stripe. We do not store full payment card numbers — Stripe handles card data under its own privacy policy.
Desktop app & automation data
To provide listing upload, session linking, and automation features, the desktop app stores and processes data on your device and may sync account-linked configuration to our servers when you choose. This can include:
- eBay session cookies and user-agent data used to keep Seller Hub linked
- Amazon product data scraped to price and publish listings
- Local listing catalog (
config.json) tying eBay item IDs to Amazon URLs for orders and refresh - Automation settings, browser profiles, and optional cloud config imports
Sensitive marketplace credentials remain under your control and are used only to operate features you enable. Much of this data never leaves your computer unless you explicitly sync it.
Website & server logs
Our servers may log technical data such as IP address, browser type, requested URLs, and timestamps
for security, abuse prevention, and reliability. The desktop app calls
GET /api/desktop/version (and the macOS variant) on launch to check for updates — these
requests may include your app version and platform so we can offer compatible installers.
Community & support
Forum posts and comments are stored when you participate while signed in. Public visitors can read community content; only authenticated users can post. If you contact support, we retain message content as long as needed to resolve your request.
Marketing emails
If you opt in to marketing communications, we store your email and preferences. You can unsubscribe using the link in each email. We may use email delivery providers (such as Resend or Gmail) to send transactional and optional marketing messages.
3. How we use information
We use collected information to:
- Provide accounts, subscriptions, and desktop sign-in linking
- Run listing, pricing, and automation features you configure
- Process payments and show billing status in your dashboard
- Deliver software updates and keep the Service secure
- Respond to support requests and enforce our Terms of Service
- Improve reliability and understand aggregate usage patterns
- Send product updates or marketing (with consent where required)
4. AI features
DroboAI may offer AI-assisted listing titles and descriptions. When you use them during Discover & Post or Listings refresh, relevant product or listing content you submit is sent to AI providers we integrate with (such as OpenAI) via our authenticated desktop API. Review provider policies before submitting sensitive or proprietary data. You control when AI features are enabled in the desktop app.
5. Cookies & sessions
The website uses session cookies to keep you signed in. The desktop app stores authentication tokens locally to restore your session. You can sign out from the website or app to end linked sessions.
6. Third-party services
We use trusted providers including Firebase (authentication), Stripe (payments), and cloud infrastructure to operate the Service. Marketplace platforms (such as eBay and Amazon) are governed by their own policies when you connect accounts or sessions. We are not responsible for third-party services outside our control.
7. Data retention & security
Account and subscription records are retained while your account is active and for a reasonable period afterward for legal, billing, and security purposes. We use HTTPS and industry-standard practices to protect account data. No method of storage or transmission is completely secure — protect your device and linked marketplace sessions.
8. Your choices & rights
Depending on where you live, you may have rights to access, correct, delete, or export personal data we hold. You can:
- Update profile details in Settings or through your authentication provider
- Manage or cancel subscriptions through the Stripe billing portal
- Remove linked sessions and local app data from your device
- Contact us to request account-related data actions
9. Children
The Service is not directed to children under 13. We do not knowingly collect personal information from children. Contact us if you believe a child has provided us information.
10. Changes & contact
We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the effective date. Material changes may be communicated through the website or your account email.
Privacy questions or requests: [email protected].