Privacy Policy

Last updated: April 2026

1. Who We Are

This Privacy Policy describes how Lug2Lug LLC (“we”, “us”) collects, uses, and protects your information when you use lug2lug (the “Service”). We are committed to keeping your data minimal and secure.

2. Information We Collect

Account data.
When you sign in with Google OAuth we receive your email address, display name, and profile picture. We store these in our user database to identify your account.
User contributions.
Comments, forum threads, replies, edit suggestions, watch collections, favorites, custom lists, and any text or images you upload to community discussions.
Behavioral data.
The specific watches you view, compare, favorite, and interact with, used to power our personalized discovery algorithm and taste profile.
Preferences.
Settings stored locally in your browser (price source, recommendation weights, dismissed watches, recently viewed) to personalize your experience.
Basic request data.
Standard server logs including IP address, browser type, and pages visited, retained for security and operational purposes.

3. How We Use Information

  • Operate, maintain, and refine the personalized recommendation engine
  • Display your public content (profile, public collections, forum posts) to other users
  • Maintain and moderate the community discussion forums
  • Detect and prevent abuse, fraud, or security issues
  • Communicate with you regarding account updates, platform changes, or the launch of proprietary Lug2Lug LLC products, merchandise, and services
  • Respond to questions or requests you send us

4. What's Public vs. Private

Public by default:
Your display name, profile picture, forum threads and replies, comments on watch pages, edit suggestions, and collections explicitly marked as public.
Private by default:
Your email address, favorites, recently viewed watches, private collections, and browser-stored preferences.

5. Third-Party Services

Google OAuth:
Used for sign-in. Subject to Google’s Privacy Policy.
Supabase:
Our database and authentication provider. Data is stored on Supabase’s infrastructure.
Pricing data sources:
We aggregate publicly available listings from eBay and Chrono24. We do not share your personal information with these services.

6. Cookies, Local Storage & Affiliate Tracking

We use browser local storage to save session tokens (for keeping you signed in) and your preferences. We may use cookies or URL parameters to properly route affiliate link clicks so retailers can attribute referrals to the platform. These affiliate tracking tags do not uniquely identify you.

eBay Partner Network: Lug2Lug is a participant in the eBay Partner Network affiliate program. When you click an eBay link on our site, we may earn a commission on any resulting purchase at no additional cost to you. This does not influence which listings we display or the prices we show — we aggregate publicly available data from eBay regardless of whether you click an affiliate link. You can recognize affiliate links by the campid query parameter when you navigate to eBay.

We do not use third-party advertising cookies, cross-site tracking pixels, or fingerprinting services. If we add website analytics software (such as Google Analytics or Plausible) in the future, we will update this Policy to disclose it.

7. Data Sharing — The “No Selling” Promise

Lug2Lug LLC does not sell your personal data to third-party data brokers or marketing agencies. We do not share it with advertisers.

Data is only shared with essential third-party service providers (such as our database host Supabase, authentication provider Google, and email infrastructure) strictly for the purpose of operating the platform. We may disclose information when legally required (subpoena, court order), or to protect the rights, property, or safety of Lug2Lug LLC, our users, or the public.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data (via your profile settings)
  • Delete your account and associated data
  • Export your data in a portable format
  • Opt out of non-essential data processing

To exercise any of these rights, contact us at contact@lug2lug.org.

9. Data Retention

We retain your account data as long as your account is active. If you delete your account, we remove your personal data within 30 days, though anonymized aggregate data (e.g., total thread counts) may be retained for operational purposes.

10. Security

We use industry-standard security measures including HTTPS, encrypted database storage, and access controls. No system is perfectly secure; we cannot guarantee absolute protection against unauthorized access.

11. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn we have such information, we will delete it.

12. International Users (GDPR / CCPA)

The Service is operated from the United States. By using the Service, users outside the U.S. consent to their information being transferred to and processed in the United States.

EU/UK residents (GDPR): You have rights to access, rectification, erasure, restriction, portability, and objection regarding your personal data. Our legal bases for processing are your consent (account creation, content posting) and our legitimate interests (operating and improving the Service, security).

California residents (CCPA): You have the right to know what personal information we collect, request deletion, and opt out of any sale of personal information. As stated above, we do not sell personal information. To exercise any of these rights, contact us at contact@lug2lug.org.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the “Last updated” date. Continued use after changes constitutes acceptance.

14. Contact

For privacy questions or requests, contact us at:

Lug2Lug LLC
502 W 7th St, Ste 100
Erie, PA 16502
United States
contact@lug2lug.org