WatchSnipe — Privacy Policy

← Back to WatchSnipe
# WatchSnipe Privacy Policy

*Last updated: March 2026*

## What We Collect

When you use WatchSnipe, we store the following data:

- **Telegram user ID and username** — to identify your account and deliver alerts
- **Wish list entries** — the watch preferences you add (brand, model, price range, condition, notes)
- **Alert history** — records of which listings matched your wishes and when alerts were sent
- **Feature requests and feedback** — text you submit via /feedback

## What We Do NOT Collect

- Message content outside of bot commands
- Location data, contacts, or phone numbers
- Browsing or usage analytics
- Payment card details (handled entirely by Stripe/Telegram)

## How Data Is Used

- **Wish matching** — Your wish list entries are compared against watch-for-sale listings scraped from public marketplaces (r/Watchexchange). Listing text is sent to an AI service (Google Gemini via OpenRouter) to extract structured data and evaluate matches.
- **Alert delivery** — When a match is found, we send you a Telegram message with listing details.
- **Service improvement** — Aggregate, anonymized metrics (match rates, brand detection accuracy) help us improve the matching pipeline.

## Third-Party Services

| Service | Purpose | Data Shared |
|---------|---------|-------------|
| **OpenRouter / Google Gemini** | AI-powered listing analysis and match evaluation | Listing title, body text (public marketplace data) |
| **Telegram** | Bot messaging and alert delivery | Your Telegram user ID, alert messages |
| **Stripe** | Payment processing | Handled by Stripe; we only receive subscription status |
| **DigitalOcean** | Infrastructure hosting | All data stored on encrypted volumes |

AI providers process listing data for extraction and matching only. Your personal wish list data is not sent to AI providers — only public listing text is processed.

## Data Storage and Security

- Data is stored in an encrypted SQLite database on a DigitalOcean server (NYC1 region)
- Server access is restricted to SSH key authentication only (no password login, no root access)
- Firewall rules limit access to necessary ports only
- Daily encrypted backups are retained for 7 days

## Data Retention

- **Active accounts** — Data is retained while your account is active
- **Inactive accounts** — If you stop using the bot, your data remains until you request deletion
- **Deleted data** — When you request deletion, all personal data (account, wishes, alerts, feedback) is permanently removed within 7 days

## Your Rights

You have the right to:

- **Access** your data — Use /list to see your wish list, /alerts for alert history
- **Delete** your data — Contact the admin to request full account deletion
- **Export** your data — Contact the admin for a data export
- **Correct** your data — Edit or remove wish list entries at any time

## Contact

For privacy questions, data requests, or to exercise your rights, contact the bot administrator through Telegram.

## Changes

We may update this policy as the service evolves. Significant changes will be communicated via bot message to active users.