Privacy Policy
Last updated: May 31, 2026
In short
- Your collection is private – other users cannot see it, and we, the operators of the app, do not look into it. Only what you publish yourself is public (a marketplace listing, a shared link).
- We do not sell your data to anyone and we do not run ads against it.
- You can download everything at any time and delete your account together with all your data whenever you want.
Who processes your data
The data controller is Mincmistr s.r.o., company ID (IČO) 240 06 921, registered office at no. 115, 431 51 Okounov, Czech Republic, entered in the Commercial Register at the Regional Court in Ústí nad Labem, file no. C 54971. Contact: [email protected].
What we store
- Account: e-mail, password (stored only in an encrypted, unreadable form), registration date, language and currency preference.
- Your catalog: coins, photos, categories, descriptions, values, purchase date, seller.
- Marketplace listings: what you publish on the OutOfDark marketplace or through external integrations (eBay, Aukro) – title, photos, price, description.
- Billing details (Premium only): name or company, billing address, VAT ID (optional), IP address at the time of payment. Used to issue a tax invoice and calculate VAT.
- Activity log: who performed key actions and when (sign-in, password change, marketplace publishing, AI calls). For your security and ours.
- Operational records: IP address (truncated so it cannot be traced to a specific person), time of access and browser type – for troubleshooting and defence against attacks.
- Web analytics: anonymized information about visits to the marketing website via Google Analytics 4 – pages visited, traffic source, approximate location and device type. Used to measure website traffic, not to identify a specific person. You can find the details in Cookies.
Why we process the data
We process the data only for specific purposes:
- creating and maintaining your account,
- providing the app and storing your catalog,
- processing payments and invoicing,
- securing the service and preventing abuse,
- customer support,
- sending necessary account e-mails,
- measuring traffic to the marketing website,
- AI features, if you use them yourself.
Legal basis for processing
We process your account, catalog and the operation of the app to perform our contract. We keep billing details to perform the contract and to comply with legal obligations. We process security and operational logs and anonymized web analytics on the basis of our legitimate interest in protecting and improving the service. AI features process data only when you use them yourself.
| Purpose | Legal basis |
|---|---|
| Account, catalog, sign-in | Performance of contract |
| Payments and invoices | Performance of contract and legal obligation |
| Accounting | Legal obligation |
| Security and operational logs | Legitimate interest |
| Customer support | Performance of contract or legitimate interest |
| Transactional e-mails | Performance of contract |
| Web analytics (Google Analytics) | Legitimate interest (anonymized measurement) |
| AI features | Performance of contract (you trigger them yourself) |
Who has access
- You: primarily. No one else can reach your catalog through the website (per-user isolation at the database level).
- Anyone you send a share link to: a public link shows the coin for viewing only, with no ability to change anything. The link stops working after 7 days, or when you revoke it manually.
- Buyers on the marketplace: the photos and description of your listing are public once published. If someone clicks "I'm interested", you receive their contact by e-mail and they receive yours.
- The operator (Mincmistr s.r.o.): has technical access for support, incident response and maintenance. It does not read your catalog without a reason, and every access leaves a record.
Sharing with third parties
To run the app we pass certain data to the following providers, always for a specific purpose. Some providers may process data outside the EU/EEA, in particular in the USA. In that case we use the available legal safeguards, for example standard contractual clauses or transfers under the EU–US Data Privacy Framework, where the provider is certified:
- Hetzner Online GmbH (DE) – hosting of the app and the database. All data goes here primarily.
- Cloudflare, Inc. (US, servers also in the EU) – website acceleration and delivery, domain management, defence against attacks. It sees IP addresses and web requests (with an anonymized IP). On web forms (for example registration) we also use Cloudflare Turnstile for bot protection.
- Cloudflare R2 – encrypted backups. The contents of the backups are protected and access to them is under our control.
- Resend, Inc. (US) – sending transactional e-mails (account confirmation, password reset, marketplace notifications). It receives your e-mail and the body of the message.
- Anthropic, PBC (US) – AI coin identification, AI chat companion. The coin photo + descriptive data go to the Anthropic API. Anthropic is contractually bound not to use your data to train its model. You can turn AI features off at any time in settings.
- Numista (FR) – searching for similar coins in their catalog (optional). Coin photo + identification query.
- eBay Inc. (US) – when you connect your eBay account and publish a listing, eBay receives the photos + description + price. eBay is the controller of data on its platform; we are only an intermediary.
- Aukro s.r.o. (CZ) – analogously for the Aukro integration.
- Stripe Payments Europe, Limited (Dublin, IE) – payments for the Premium plan. Stripe receives your e-mail, name or company, billing address, VAT ID (optional) and payment card details. Stripe issues the invoice and automatically calculates VAT. Stripe is in the EU (Ireland) and the processing is governed by its privacy policy.
- Sentry (US) – error tracking. When an error occurs in the app, a technical description of the error and minimal request context are sent (anonymized IP, a user identifier without the e-mail, sanitized form data). Retained for 30 days.
- Have I Been Pwned – when you choose or change a password, we check whether it has appeared in known data breaches. Only a short prefix of the password's hash is sent (its first few characters), never the full password. This protects you from passwords that have already leaked.
- Google Ireland Limited (IE) – Google Analytics 4 to measure website traffic. Through the _ga cookies it collects anonymized information about the visit (pages visited, traffic source, approximate location, device type). It concerns the marketing website, not the data in your catalog. You can find the details in Cookies.
What is public
- Coin share link: only if you deliberately activate it. Whoever you give the link to can see the coin. It can be revoked at any time.
- Marketplace listing: everything you publish to the marketplace is public (photos, description, price). Photos in an eBay/Aukro listing remain accessible through a stable URL even after the listing is taken down – for immediate invalidation the token has to be rotated manually (see support).
- Your e-mail on the marketplace: when someone expresses interest in your listing, they receive your e-mail in the notification message (and you receive theirs). This is a deliberate sharing of contact details so that the details of the sale can be arranged.
Marketing e-mails
From time to time we may send you a marketing e-mail – news, usage tips or information about new features. We send them only when we have your consent or another legal basis for doing so, and you can unsubscribe from them with a single click. Necessary account e-mails (account confirmation, password reset, marketplace notifications) are always sent.
Cookies
Besides technically necessary cookies (sign-in, language, form protection), we use Google Analytics 4 for anonymized measurement of traffic to the marketing website, and advertising and retargeting cookies to display relevant ads. We do not sell data from your catalog to third parties. You can find the complete overview in Cookies.
How long we keep data
- Your catalog and account: until you delete your account yourself. Deleting the account is irreversible and erases all your data (coins, photos, marketplace history).
- Invoices (Stripe Premium): 10 years as required by law (Section 35 of the VAT Act + Section 31 of the Accounting Act). You can find them in the app under Subscription as long as your account is active. After deleting your account, write to [email protected] and we will send you a link to the invoice.
- Activity log and security events: we keep them first in the live system and then in an archive, for a total of at most 18 months (for security and incident response).
- AI calls: a preview of the input and output for only 24 hours (cost control), after which it is deleted. Basic metadata (model, token count, cost) for 6 months.
- Technical payment records: we keep them for a limited time so that we can resolve billing errors and technical incidents.
- Sentry error events: 30 days.
- Backups in R2: daily backups kept for a rolling 7 days, encrypted with a key held outside R2.
What happens when you delete your account
After clicking Settings → Backup → Delete account, a 30-day protective period runs (the account is deactivated and the data waits for permanent deletion in case of a mistake). After 30 days the catalog, photos, marketplace history and AI calls are completely erased. If you have an active Premium subscription at the time of deletion, we set it in Stripe to cancel at the end of the current paid period, so there is no further billing.
Exceptions due to legal obligations:
- Customer record and invoices in Stripe: these remain with Stripe for at least 10 years (Czech accounting rules). After deleting your OutOfDark account you no longer have self-service access to the Stripe portal (sign-in is disabled). If you need a copy of an invoice, write to [email protected] and we will send you a link. If you want us to anonymize your customer record in Stripe (the name to "Deleted user"), write to the same e-mail.
- Activity log: the actions remain for 18 months without identifying the person (the user identifier is replaced with an empty value and the e-mail disappears).
Your rights
- The right of access to your data
- The right to rectification or completion
- The right to erasure (the right to be forgotten)
- The right to restriction of processing
- The right to object
- The right to withdraw consent – where some processing is based on consent, you can withdraw it at any time. Withdrawal does not affect the lawfulness of processing before the withdrawal.
- The right to lodge a complaint with the Office for Personal Data Protection (ÚOOÚ, the Czech data protection authority)
To exercise a right, write to [email protected]. We will respond within 30 days. In addition, you can download your data yourself at any time directly in the app – a complete backup of your collection as well as a portfolio export.
Changes
We may update this document. We will notify registered users by e-mail of any material changes.