Introduction
MerchVault (“we,” “us,” or “our”) operates a provably-fair mystery-merchandise platform. This Privacy Policy applies to information collected through our website, applications, and related services (the “Service”). It works alongside our Terms of Service.
Data We Collect
Account data (via Clerk). When you sign up, our authentication provider Clerk collects and stores your email address, the name and any profile photo you supply, your authentication identifiers, and records of sign-in events. We receive a stable user ID and the email address.
Payment metadata (via Stripe). When you buy stubs, Stripe handles your card details directly; we never see or store full card numbers, CVCs, or bank credentials. Stripe returns to us a transaction identifier, the amount paid, the currency, the last four digits and brand of the card, and the billing country.
Activity data. We record the actions you take on the platform: stubs balance changes, vaults purchased, vault openings (including the public server-seed commitment and reveal), items added to your collection, buyback transactions, and timestamps. Certain fairness-related fields are publicly readable by design so rolls can be independently verified.
Analytics and attribution data. We record first-touch attribution and product analytics, including landing page, UTM parameters, referrer, anonymous session ID, demo opens, deposit funnel events, paid opens, sell-back events, repeat activity, and aggregate vault or category performance. We use this to understand launch traffic, conversion, product quality, and fraud risk.
Technical data. When you connect to the Service we automatically receive your IP address, approximate location derived from that IP, browser and device characteristics, referrer URL, and pages viewed. We use this data for security, abuse prevention, and to enforce geo-restrictions.
Shipping data. If you choose physical redemption of an item, we collect the recipient name, postal address, and a contact phone number or email required by carriers.
Communications. If you contact us, we keep the messages and any attachments for support and recordkeeping.
How We Use It
We use the data above to:
- Operate the Service, including authenticating you and processing purchases.
- Run the provably-fair commit-and-reveal protocol and publish the proofs.
- Fulfill orders, ship items, and handle returns and buybacks.
- Verify eligibility and enforce geographic, sanctions, and age restrictions.
- Detect, investigate, and prevent fraud, abuse, and violations of our Terms.
- Communicate with you about your account, purchases, and the Service.
- Comply with legal obligations and respond to lawful requests.
- Improve the Service, including diagnosing bugs and measuring performance.
- Measure traffic sources, funnels, conversion, repeat usage, and vault or category performance.
Sharing
We do not sell your personal information. We share data only with the categories of recipients listed here and only as needed to operate the Service.
- Clerk: authentication, identity, and session management.
- Stripe or another listed payment provider: payment processing and fraud screening for purchases of stubs.
- Cloudflare: content delivery, edge routing, bot mitigation, and DDoS protection.
- Product analytics providers, if enabled: tools such as PostHog for event analytics, funnels, feature flags, or session replay. We configure these tools to avoid collecting full card details, passwords, precise shipping addresses, or other sensitive form values.
- Fulfillment partners: including authorized merchandise suppliers and shipping carriers, only for orders involving physical delivery and only with the data needed to ship the item.
- Professional advisors: counsel, accountants, and auditors bound by confidentiality.
- Law enforcement and regulators: where required by law, subpoena, or court order, or to protect the safety of any person or our legal rights.
- Successors: in the event of a merger, acquisition, financing, or sale of assets, subject to this Policy.
Fairness data for the provably-fair protocol (server-seed hashes and post-open reveals, item IDs, vault IDs, and timestamps) is publicly readable by design. We do not publish your email address, real name, payment details, IP address, or shipping address in the public proof log.
Cookies & Analytics
We use cookies and similar technologies to keep you signed in, remember your preferences, secure the Service, and measure aggregate usage. Some cookies are set by our service providers (notably Clerk for session management and Stripe for fraud signals on the checkout page).
We also use first-party cookies and browser storage for attribution and product analytics. The mv_session_id value keeps anonymous browsing events together during a session. The mv_attr value stores first-touch source information such as UTM parameters, referrer, and landing path. These values do not store card numbers, passwords, shipping addresses, or payment credentials.
You can control cookies through your browser settings. Blocking some cookies may break sign-in or checkout.
Your Rights
Depending on where you live, you may have rights over your personal information under laws such as the California Consumer Privacy Act (CCPA/CPRA), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, and similar U.S. state laws, or, where applicable, the EU/UK General Data Protection Regulation (GDPR). Subject to verification and applicable law, you may request to:
- Know what personal information we hold about you.
- Receive a portable copy of your data (export).
- Correct inaccurate personal information.
- Delete your personal information, subject to legal exceptions.
- Opt out of any “sale” or “sharing” of personal information for targeted advertising. We do not engage in either.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with a supervisory authority.
To exercise any of these rights, email [email protected] from the address associated with your account. We may need to verify your identity before acting. We will not discriminate against you for exercising your rights.
Note on fairness data. Once a vault opens, the cryptographic proof of the roll is part of the platform’s public fairness ledger. Deleting your account will remove your personally identifying information, but anonymized proof rows will remain so the public ledger stays verifiable.
Children
The Service is not directed to and is not intended for use by anyone under eighteen (18) years of age. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact [email protected] and we will delete it.
Data Retention
We retain personal information for as long as needed to provide the Service, to comply with legal, tax, accounting, and reporting obligations, to resolve disputes, and to enforce our agreements. Typical retention windows:
- Account data: for the life of the account plus up to twenty-four (24) months after closure.
- Payment metadata: for at least seven (7) years for tax and accounting compliance.
- Analytics and attribution data: generally up to twenty-four (24) months unless needed for security, fraud prevention, or accounting records.
- Server logs and IP records: typically ninety (90) days unless held for a security investigation.
- Shipping records: five (5) years for warranty, return, and tax purposes.
- Public fairness proofs: retained indefinitely as anonymized records.
Security
We use industry-standard administrative, technical, and physical safeguards to protect personal information, including TLS in transit, encryption at rest where supported, principle-of-least-privilege access controls, and ongoing review of our vendors. No system is perfectly secure; we cannot guarantee absolute security and you provide information at your own risk.
International Transfers
MerchVault is operated from the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States and in any other country where our providers operate. Where required by law, we rely on appropriate safeguards (such as the European Commission’s Standard Contractual Clauses) for cross-border transfers.
Changes to This Policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page reflects the most recent revision. Material changes will be communicated by email or an in-app banner. Continued use of the Service after the effective date constitutes acceptance of the revised Policy.
Contact
Privacy questions or requests? Reach the MerchVault privacy team at [email protected].
MerchVault is not affiliated with any artist, band, label, or trademark featured on this platform. All merchandise is authentic and sourced from authorized suppliers.