Privacy & Cookie Policy
Last updated: March 13, 2026
Who is the controller?
Cardsnipe, operated from Belgium. For questions about your data you can reach us at
info@cardsnipe.be.
What personal data do we collect?
- Account data — When you register we store your username, email address and a securely hashed password.
- Card images — Photos you upload for grading are processed by our AI. Grading results (score, card name) are stored in your account.
- Visit data — When you visit our homepage we record your IP address, browser user-agent and a timestamp. This is used solely for aggregate visitor statistics and is not linked to your account.
- Payment data — Credit purchases are processed by Stripe. We do not store your credit card number. Stripe may process data according to their own privacy policy.
- Contact messages — If you use the contact form we store your name, email and message to respond to your inquiry.
Cookies & local storage
Cardsnipe does not use marketing or analytics cookies. We also do not use any third-party tracking scripts (no Google Analytics, Facebook Pixel, etc.).
We use the following browser storage, all of which are strictly necessary for the service to function:
| Storage |
Type |
Purpose |
session_token |
httpOnly cookie |
Keeps you logged in between sessions. Not accessible by JavaScript. Removed on logout. |
is_logged_in |
Cookie |
Lets the interface detect whether you are logged in. Contains no sensitive data. |
cs_privacy_ok |
localStorage |
Remembers that you dismissed the privacy info banner. |
Stripe (loaded only on the payment page) may set its own cookies for fraud prevention and payment processing. These are functional cookies required for the payment you initiate. See Stripe's privacy policy.
Legal basis (GDPR)
- Contract — Processing your account data and grading results is necessary to provide the service you signed up for (Art. 6(1)(b) GDPR).
- Legitimate interest — Aggregate visitor statistics help us improve the service (Art. 6(1)(f) GDPR). We minimise the data collected and do not build individual profiles.
- Legal obligation — We may retain certain data when required by Belgian or EU law (Art. 6(1)(c) GDPR).
Third-party services
- Stripe — Payment processing. Data is transferred to Stripe Inc. under standard contractual clauses. Privacy policy.
- Brevo — Transactional emails (verification, password reset). Privacy policy.
- Google Fonts — Font files are loaded from Google servers. Privacy policy.
Data retention
Account data and grading history are kept as long as your account exists. Visit statistics are stored without link to your account. You can request deletion of your account and all associated data at any time.
Your rights
Under the GDPR you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate data
- Request erasure of your data
- Restrict or object to processing
- Data portability
- Lodge a complaint with the Belgian Data Protection Authority (GBA)
To exercise any of these rights, contact us at info@cardsnipe.be.
Changes to this policy
We may update this policy from time to time. The "last updated" date at the top will always reflect the most recent version.