PennyPresses

Privacy Policy

Last updated: 2026-06-22  ·  Effective: 2026-06-22

1. Who we are

This Privacy Policy explains how PennyPresses ("PennyPresses", "we", "us", "our") collects, uses, shares, and protects information about you when you use our website at pennypresses.net, our mobile applications, and related services (collectively, the "Service").

2. Scope of this policy

This policy applies when you create an account on PennyPresses, browse our website, install or use our mobile apps, exchange pressed pennies through Penny Pals, use Want / Have collector requests and accepted deals, list or trade items through Trading Post, subscribe to PennyPresses Pro, or otherwise interact with our Service.

It does not apply to third-party services that we link to or that you choose to integrate. Each third party has its own privacy policy. Section 7 lists the providers we work with and links to their policies.

3. Information we collect

We collect the following categories of information:

Category	Examples	Source
Account information	Email address, username, first and last name, password (stored hashed, never in plaintext), profile image, optional bio and city, optional date of birth.	You, when you create or update your account.
Collection data	Pressed pennies you save: location, address, design description, coin type, year, composition, category, notes, quantity, photos, dates acquired and pressed.	You, when you add to My Collection.
Penny Pals information	Mailing address, optional notes about the pennies you'd like to receive, monthly match assignments, photos of mailed envelopes (proof of mailing), exchange history.	You, when you enroll in Penny Pals and submit proof.
Want / Have and collector deal information	Machines you mark as "I WANT THIS" or "I HAVE THIS", collector requests, buy offers, seller prices, counteroffers, accept/reject/not-available actions, notes attached to offers, and shipping details you choose to send after an offer is accepted. Shipping details may include recipient name, street address, apartment/unit, city, state/region, postal code, country, and an optional delivery note.	You and the other collector involved in the request or accepted deal.
Trading and Marketplace information	Listings you post, offers you make or receive, in-app messages with trade partners, ratings, transaction history, and shipping details you choose to share for a transaction.	You and other users you transact with.
Location information	Approximate device location (when you grant location permission) used for the map and "find me" feature; or a manually saved location.	Your device's location services (only with your permission), or you when you save a location manually.
Subscription and payment information	Subscription status, plan, expiration. Payment details (card number, etc.) are never received or stored by us - they are handled directly by Stripe, PayPal, Apple, or Google. We store the customer/subscription IDs returned by those providers.	You, via Stripe / PayPal / Apple App Store / Google Play.
Communications	Push notification tokens, email correspondence with support, in-app feedback.	Your device, our email system, you.
Device and usage information	IP address, User-Agent string, mobile device identifier (when applicable), pages or screens visited, features used, error logs.	Automatically when you use the Service.
Advertising identifiers (if you opt in)	Apple's IDFA or Google's Advertising ID, used to measure ad performance and limit ad frequency. Only collected if you grant App Tracking Transparency permission on iOS or do not opt out on Android.	Your mobile device, only if you opt in.

We do not collect: government IDs, financial account numbers, biometric identifiers, health information, precise real-time GPS history (only point-in-time when you tap "find me"), or information about anyone other than the registered user.

4. How we use information

We use the information we collect to:

• Create and maintain your account, authenticate logins, and recover access.
• Provide the core features you signed up for: tracking your collection, finding nearby machines, exchanging pressed pennies through Penny Pals, matching Want / Have collector requests, supporting accepted collector deals, listing items in Trading Post and Marketplace, and supporting subscription billing.
• Match you with another Penny Pals member each month and route the exchange (your name, mailing address, and optional notes are shared with your matched pal - see Section 6).
• Notify you when another collector may have a penny you want, or wants a penny you have, and let either side send a buy offer, seller price, counteroffer, acceptance, rejection, or not-available response.
• After an accepted collector deal, share shipping details only when the buyer explicitly chooses to send those details to the seller for that specific deal.
• Keep shipping details out of advertising, personalization, and analytics. Shipping details are used only for the user-to-user mailing function, safety review, abuse prevention, and legal compliance.
• Process subscription payments and manage refunds (handled by Stripe, PayPal, Apple, or Google as applicable).
• Send transactional emails (account confirmations, subscription receipts, Penny Pals notifications, Want / Have request and offer notifications, password resets).
• Send push notifications you have opted in to (new matches, messages, proof approvals, etc.).
• Display the upsell banner inside the app for non-Premium users; show third-party advertising when AdMob is enabled and you have not paid to remove ads.
• Detect and prevent fraud, abuse, and security incidents.
• Comply with legal obligations.
• Improve the Service through aggregated, de-identified analytics.

We do not sell your personal information for money. See Section 14 for the California-specific definition of "sell" and "share".

5. Legal basis (EU/UK users)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following lawful bases under the GDPR:

• Performance of a contract - to deliver the features you sign up for, including Penny Pals matching, Want / Have collector requests and accepted deals, Trading Post, and subscriptions.
• Consent - for optional features that share data with other users (Penny Pals, Want / Have accepted deals, Trading Post, Marketplace), for push notifications, for analytics where required, and for personalized advertising. You can withdraw consent at any time.
• Legitimate interest - to keep the Service secure, prevent abuse, debug errors, and improve features. We balance these interests against your rights and freedoms.
• Legal obligation - to comply with tax, anti-fraud, and regulatory requirements.

6. Sharing with third parties

We share your information in the following circumstances:

• With other users, when you choose to use a feature that involves user-to-user contact:
  • Penny Pals: your name, mailing address, and the optional notes you wrote during enrollment are shared with the pal you are matched with each month, so they can address an envelope to you. The recipient identity stays hidden from you until the admin approves the proof of mailing.
  • Want / Have collector requests: your username, the machine you marked as wanted or owned, and the offer/counteroffer actions you take are visible to the other collector involved in that request. When an offer is accepted, the buyer may choose to send shipping details to the seller for that specific accepted deal. We do not show or send shipping details automatically, we do not send shipping details in transactional email or push notifications, and shipping details are not public. Administrators may access this information only when necessary for support, safety, abuse review, or legal compliance.
  • Trading Post and Marketplace: your username, listings, messages, offers, and any shipping details you choose to share with another user are visible to that user.
• With service providers (processors) who help us operate the Service. They are contractually limited to using the data only on our instructions. Section 7 lists each provider, what they receive, and links to their privacy policies.
• With law enforcement or regulators when we are legally required to disclose.
• In connection with a corporate transaction (sale, merger, or acquisition). If this happens we will notify you and provide options before any new entity uses your data differently.

7. Third-party processors

The following third-party services receive personal data when you use the Service. Each is bound by its own privacy policy.

Provider	What we send	Purpose	Their policy
Stripe	Email, name, payment method (entered directly into Stripe's checkout), customer ID	Subscription billing on the website	stripe.com/privacy
PayPal	Email, name, subscription ID	Subscription billing on the website (alternative to Stripe)	paypal.com/legalhub/privacy-full
Apple (App Store, IAP)	Subscription receipts, anonymous purchase token	iOS subscription billing, Sign in with Apple	apple.com/legal/privacy
Google (Play Billing)	Subscription receipts, anonymous purchase token	Android subscription billing	policies.google.com/privacy
RevenueCat	Subscription state, anonymous user ID	Mobile subscription receipt validation and entitlement management	revenuecat.com/privacy
Brevo (formerly Sendinblue)	Email address, transactional message body	Sending transactional emails (welcome, receipts, Penny Pals notifications, Want / Have request and offer notifications, password resets)	brevo.com/legal/privacypolicy
Expo (push notifications)	Push token, notification body and metadata	Delivering push notifications to your mobile device through Apple's APNs / Google's FCM	expo.dev/privacy
AdMob (Google) - when ads are enabled	Advertising identifier (IDFA on iOS with your permission, or AAID on Android), approximate location, device info, in-app interactions with ads	Serving ads inside the mobile apps for non-Premium users; measuring ad performance	policies.google.com/privacy
OpenStreetMap Foundation	IP address (necessary to deliver map tiles)	Map background tiles on the website	wiki.osmfoundation.org/wiki/Privacy_Policy
Photon (komoot)	Search query string, IP address	Address autocomplete and geocoding	komoot.com/privacy
Project OSRM	Coordinates of route start and end, IP address	Calculating road-trip routes between machines	project-osrm.org
Google APIs (only for "Sign in with Google")	Email, name, Google account ID - only on the verified id_token	Letting you sign in with your Google account instead of a password	policies.google.com/privacy
Hosting provider - our hosting provider	All data we store, by virtue of running on their infrastructure	Hosting the website, API, and database	Not listed yet

8. Cookies and similar technology

Our website uses a small number of cookies and equivalent storage mechanisms:

• Strictly necessary: session tokens stored in your browser's localStorage so you stay signed in between visits, plus a CSRF nonce during the Sign in with Google flow. Cannot be disabled without breaking the Service.
• Functional: your saved location, your last-selected map radius, and a per-user banner-dismissed timestamp so the upsell banner respects your "X" tap. Can be cleared by signing out or clearing your browser data.
• Subscription gateway redirects: temporary cookies set by Stripe or PayPal during checkout, governed by their own policies (Section 7).

We do not currently use third-party analytics or advertising cookies on the website. If we add them in the future, this section and our consent banner will be updated.

The mobile apps store equivalent data (auth tokens, location, banner state) in the device's secure storage area. We do not use third-party analytics SDKs in the apps. The optional AdMob SDK (when enabled) uses the device's advertising identifier instead of a cookie.

More detail is available in our Cookie Policy.

9. Data retention

We keep personal information only as long as necessary for the purposes described in this policy or as required by law.

Category	Retention
Active account	For as long as your account exists.
Account after deletion request	Hard-deleted within 30 days, except as required for tax, legal, or fraud prevention purposes.
Penny Pals exchange history	Retained while your account is active so you can see past matches in History.
Want / Have requests, offers, and accepted deal records	Retained while your account is active so both collectors can see request status, accepted price, and shipping/delivery status. Shipping details shared for an accepted deal are retained only as long as needed to complete the deal and support abuse or safety review, then deleted or anonymized according to our regular account-deletion and backup cycles.
Photos uploaded as proof or to your collection	Stored on our servers until you delete them or your account.
Subscription records	Retained for at least 7 years for tax compliance.
Server access logs	30 to 90 days for security and abuse investigation.
Deleted listings and offers	Soft-deleted for 90 days for fraud prevention, then hard-deleted.

10. Security

We use industry-standard security measures, including:

• HTTPS (TLS) for all client-server traffic.
• Passwords stored as one-way hashes (never plaintext).
• Short-lived JWT access tokens with refresh-token rotation, server-side revocation, and a per-user token version that lets you sign out everywhere.
• Per-IP and per-username rate limiting on authentication endpoints.
• Server-side image re-encoding on upload to strip metadata and any embedded payloads.
• Restricted internal access to data, on a need-to-know basis.

No system can be perfectly secure. You can help by choosing a strong unique password, enabling biometric unlock on your device, and signing out from devices you no longer use.

11. International data transfers

Our servers are located in the hosting provider region. If you access the Service from outside that region, your information will be transferred to and processed there. When personal data is transferred from the European Economic Area, the United Kingdom, or Switzerland to a country that has not been deemed adequate by the relevant authority, we rely on Standard Contractual Clauses, the EU-US Data Privacy Framework (where applicable), or your explicit consent.

12. Children's privacy (under 13)

The Service is not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us with information, please contact us at privacy@pennypresses.net and we will delete it promptly.

If you are between 13 and 18 (or the age of majority in your jurisdiction), you may use the Service only with the involvement of a parent or guardian, particularly for any feature that involves sharing your address or making payments.

13. Your rights

Depending on where you live, you may have the following rights:

• Access - request a copy of the personal information we hold about you.
• Rectification - correct inaccurate or incomplete information.
• Deletion ("right to be forgotten") - ask us to delete your account and personal data.
• Restriction - ask us to limit how we use your data.
• Objection - object to specific processing, including direct marketing.
• Portability - receive your data in a portable, machine-readable format.
• Withdraw consent at any time, where processing is based on consent.
• Not be subject to fully automated decision-making that produces legal or similarly significant effects. We do not currently use such processing.
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, email privacy@pennypresses.net. We respond within 30 days. We may need to verify your identity before acting on a request, to protect you from impersonation.

14. California-specific notices (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), gives you these additional rights:

• Right to know what categories of personal information we have collected, the sources, the purposes, and the categories of third parties to whom we have disclosed it. (Sections 3, 4, and 7 of this policy provide that information.)
• Right to delete personal information we have collected from you, subject to certain exceptions.
• Right to correct inaccurate personal information.
• Right to opt out of the "sale" or "sharing" of personal information. We do not sell personal information for money. When AdMob is enabled, sharing the advertising identifier with Google for ad personalization may be considered a "sale" or "share" under California law. You can opt out by tapping the "Do Not Sell or Share My Personal Information" link in the app, by enabling Limit Ad Tracking on your device, or by emailing us.
• Right to limit use of sensitive personal information. We do not collect sensitive personal information as defined by CPRA.
• Right to non-discrimination - we will not deny service, charge a different price, or provide a different level of service because you exercised any CCPA right.

To exercise any of these rights, email privacy@pennypresses.net or use the in-app "Privacy Choices" link in your profile. Authorized agents may submit requests on your behalf with written permission and verification.

In the preceding 12 months we have collected the categories of personal information listed in Section 3 and disclosed them to the categories of recipients listed in Sections 6 and 7.

15. EU and UK notices (GDPR)

• Controller: PennyPresses, Business address available on request.
• Representative in the EU/UK (where required under Article 27 GDPR): Not appointed.
• Data Protection Officer: not appointed (we do not meet the GDPR Article 37 thresholds requiring a DPO). For privacy questions, contact privacy@pennypresses.net.
• Supervisory authority: you have the right to lodge a complaint with your local supervisory authority. A list of EU authorities is available at edpb.europa.eu. UK residents may contact the Information Commissioner's Office.

16. Mobile app disclosures (Apple, Google)

Our iOS app and Android app collect data as described in Section 3. These categories correspond to the disclosures we make in the Apple App Store Privacy "Nutrition Labels" and the Google Play Data Safety form. Specifically:

• Identifiers: account email, username, device push token. Linked to you. Used for app functionality and account management.
• Contact info: mailing address for Penny Pals and, only after an accepted collector deal, shipping details you explicitly choose to send to the seller for that specific deal. Linked to you. Used for app functionality.
• User content: photos you upload, notes, listings, messages, Want / Have requests, offers, counteroffers, and deal status. Linked to you. Used for app functionality.
• Location: approximate location, only when you grant permission. Linked to you. Used for the map feature.
• Purchases: subscription history. Linked to you. Used for billing.
• Diagnostics: crash logs, performance data. Not linked to you. Used to improve the app.
• Identifiers (advertising) - only if AdMob is active and you opt in: IDFA on iOS, AAID on Android. Linked to you. Used for advertising. You can revoke at any time in your device settings.

iOS users will see an App Tracking Transparency prompt the first time we want to access the IDFA for advertising. You can decline and continue using the app; ads will still appear but will not be personalized.

17. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of the page reflects the most recent revision. If we make material changes, we will notify you in-app or by email at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

18. Contact us

For any privacy question, request, or complaint:

• Email: privacy@pennypresses.net
• Postal mail: PennyPresses, Business address available on request