We value your privacy

    We use cookies to keep the site running (essential) and, with your permission, for analytics and personalized content. You can opt out of non-essential cookies at any time. Learn more

    🎉 List 5 items and earn a $50 balance reward!Start selling
    Indie Watches
    Sign InRegister

    Privacy Policy

    Effective Date: February 14, 2026

    1. Introduction

    EcomBoost LLC ("we," "us," or "our") operates the Indie Watches platform ("Platform") at indiewatches.store, a web application providing a marketplace, community forums, brand directory, price analytics, and related services for microbrand watch enthusiasts. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use our Platform.

    We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA/CPRA). By using Indie Watches, you consent to the data practices described in this Privacy Policy. If you do not agree, please discontinue use of the Platform.

    This Privacy Policy is incorporated into and subject to our Terms of Service.

    2. Information We Collect

    2.1 Personal Information You Provide

    We collect information you voluntarily provide when you:

    • Create an account: Email address, password, and display name. If you sign up via Google or other social login providers, we receive your name, email address, and profile picture from those services.
    • Build your profile: Bio, avatar photo, location, watch collection details (brand, model, reference number, photos, purchase price, and condition).
    • Use the marketplace: Listing details (watch descriptions, photos, pricing), shipping addresses, and transaction history.
    • Enable Two-Factor Authentication (MFA): TOTP enrollment data for your authenticator app. We store the encrypted enrollment but never your recovery codes after initial display.
    • Participate in forums: Posts, comments, replies, and any media you upload to community discussions.
    • Set price alerts and wishlists: Watch models, brands, price thresholds, and notification preferences you choose to monitor.
    • Enter giveaways or referral programs: Your referral code, referred user details, and giveaway entry information.
    • Contact us: Name, email, and the content of your communications, including inbound email replies.

    2.2 Payment and Transaction Information

    Marketplace transactions are processed through Stripe, including Stripe Connect Express for seller payouts and KYC verification, and Stripe Tax for automatic sales tax calculation. We do not directly store your full credit card numbers or bank account details. Stripe collects and processes payment information in accordance with the Payment Card Industry Data Security Standard (PCI DSS). We receive transaction confirmations, amounts, partial payment identifiers, and tax calculations for record-keeping, escrow management, and 1099-K reporting compliance.

    2.3 Usage and Device Information

    We automatically collect certain information when you access the Platform, including:

    • Device data: Browser type, operating system, device identifiers, and screen resolution.
    • Usage data: Pages visited, features used, search queries, click patterns, time spent on pages, and referral sources.
    • Location data: Approximate location derived from your IP address via GeoJS (we do not collect precise geolocation). Used for cookie consent framework selection (GDPR/CCPA) and displaying relevant content.
    • Log data: IP address, access timestamps, error logs, and server request data.
    • Push notification tokens: If you opt in to browser push notifications, we store your VAPID subscription endpoint.

    2.4 Email Engagement Data

    We use Resend as our email service provider. When we send you emails, we may collect open rates, click-through data, and delivery status through tracking pixels and link tracking. This data helps us improve our communications. You can manage your email preferences (weekly digest, order updates, promotions, price alerts, and newsletter) in your account settings.

    2.5 Advertising and Remarketing Data

    With your consent, we may collect data through third-party advertising pixels and tags for remarketing and ad attribution purposes. Our advertising partners include:

    • Google Ads: Conversion tracking, remarketing audiences, and Enhanced Conversions (hashed email shared with Google for cross-device attribution when you complete a purchase)
    • Meta (Facebook/Instagram): Conversion API (CAPI) server-side events and client-side pixel for ad measurement and retargeting
    • TikTok: Pixel for conversion tracking and audience building
    • Pinterest: Tag for conversion tracking
    • Snapchat: Pixel for ad attribution
    • Microsoft Bing: UET tag for search ad measurement

    These pixels are only activated with your consent via our cookie consent banner.

    2.6 Attribution and UTM Tracking

    We capture UTM parameters (source, medium, campaign, term, content) from inbound URLs to understand how visitors discover our Platform. This data is stored in your browser's sessionStorage (last-touch, session-scoped) and localStorage (first-touch, persisted across sessions). Attribution data may be attached to checkout and analytics events. No personally identifiable information is included in UTM data.

    2.7 Brand and Market Data

    We collect and aggregate pricing signals from marketplace transactions, historical records, and other publicly available brand and model information to power our price charts, Price Index pages, and analytics features. We may also use automated tools to catalog official watch brand and model information from public pages. This data is processed in anonymized and aggregated form and does not include personal information.

    2.8 Product Data Feeds

    We generate product data feeds for Google Merchant Center and Microsoft Merchant Center (Bing Shopping) containing publicly available listing information (title, description, price, images, condition, brand). These feeds enable our listings to appear in shopping search results and do not include buyer or seller personal information.

    3. How We Use Your Information

    We use the information we collect for the following purposes:

    3.1 Providing and Improving Services

    • Operating, maintaining, and improving the Platform and its features
    • Processing marketplace transactions, managing escrow, and calculating sales tax via Stripe Tax
    • Facilitating seller onboarding and payouts through Stripe Connect Express
    • Facilitating communication between buyers and sellers
    • Delivering price alerts, push notifications, and personalized recommendations
    • Managing giveaways, referral rewards, and achievement systems
    • AI-powered content moderation to detect and prevent sharing of contact information in private messages
    • Automated brand popularity ranking based on follower counts, review activity, listings, and community engagement
    • Automated seller and buyer credibility scoring based on transaction history, reviews, disputes, and account age

    3.2 Aggregated Data and Market Insights

    • Producing anonymized price charts, Price Index pages, flip scores, and market trend reports using aggregated marketplace sales data and transactions
    • Analyzing usage patterns to improve user experience and Platform performance
    • Generating aggregated brand performance metrics, trending scores, and popularity rankings for our brand directory
    • Using data from watch collections, listings, transactions, reviews, and community activity to compile aggregate statistics, rankings, and insights displayed publicly on the Platform (e.g., average sale prices, brand popularity, collection trends, and community benchmarks)

    By using the Platform, you acknowledge and agree that information you contribute—including listing details, collection data, pricing, reviews, and community posts—may be used in aggregate form to power site-wide analytics, rankings, and insights. All aggregate outputs are derived from anonymized and de-identified data. Individual user identities are never exposed in public-facing analytics, price charts, or market reports without your explicit consent.

    3.3 Communications and Marketing

    • Sending transactional emails via Resend (order confirmations, shipping notifications, delivery updates, escrow status)
    • Delivering marketing communications about new features, events, and promotions (with your consent)
    • Weekly digest emails with trending watches, new brands, and community highlights
    • Brand outreach campaigns and follow-up nudges for brand partnerships
    • Checkout abandonment and browse recovery emails
    • Win-back emails to re-engage users who have been inactive for 30 or more days, featuring platform highlights and new listings
    • Referral reminder emails sent 14 days after signup to encourage users who have not yet shared their referral code
    • Providing push notifications for price alerts, messages, and community activity (opt-in required)

    You can manage your email preferences at any time through your account settings, choosing independently for each email type: weekly digest, newsletter, order updates, price drop alerts, and promotions. You may also unsubscribe via the link in any marketing email.

    3.4 Audience Segmentation

    We use Resend Audiences to segment our email lists based on your preferences. When you update your email preferences, your contact information is synced to the appropriate audience segments (e.g., Weekly Digest, Newsletter, Promotions, Transactional). You control which segments you belong to via your settings.

    3.5 Safety and Security

    • Detecting and preventing fraud, abuse, and unauthorized access
    • AI-powered content moderation for listings and messages
    • Seller credibility scoring and automated flagging of suspicious activity, including new-seller cooldown restrictions and price anomaly detection
    • Verification holds on high-value orders (≥$2,000) requiring manual admin clearance
    • Automated dispute evidence aggregation from order and shipment metadata
    • Enforcing our Terms of Service and community guidelines
    • Supporting Two-Factor Authentication (MFA) via TOTP
    • Complying with legal obligations and responding to lawful requests

    4. Sharing Your Information

    We do not sell your personal information to third parties. We may share your information in the following limited circumstances:

    4.1 Service Providers

    We share data with trusted third-party service providers who assist in operating the Platform, including:

    • Stripe: Payment processing, seller payouts (Connect Express), KYC verification, fraud prevention, sales tax calculation (Stripe Tax), and 1099-K reporting
    • Resend: Transactional and marketing email delivery, audience management, and email analytics
    • Lovable Cloud: Backend infrastructure including database, authentication, file storage, and serverless functions
    • GeoJS: IP-based geolocation for cookie consent framework detection
    • Firecrawl: Web scraping for watch catalog data aggregation
    • Google Analytics / Google Ads: Website usage analytics (with consent) and conversion tracking with Enhanced Conversions
    • Google Merchant Center / Microsoft Merchant Center: Product data feeds for shopping search results
    • IndexNow / Google Indexing API: Search engine indexing for new and updated content

    These providers are contractually obligated to use your data only for the purposes we specify and in compliance with applicable data protection laws.

    4.2 Affiliate Partners

    Links to products on Amazon.com and other Amazon regional domains may contain our affiliate tag (Amazon Associates). When you click an Amazon link on our Platform and make a purchase, we may earn a commission. This does not affect the price you pay. Amazon may set cookies on your device in accordance with their own privacy policy.

    4.3 Advertising Partners

    With your consent (via our cookie consent banner), we share limited data with advertising partners for conversion tracking and remarketing:

    • Google Ads: Conversion tracking, remarketing, and Enhanced Conversions (hashed email for cross-device attribution)
    • Meta Platforms (Facebook/Instagram): Conversion API (server-side) and pixel data for ad measurement
    • TikTok, Pinterest, Snapchat, Microsoft Bing: Conversion pixels for ad attribution

    You can withdraw consent at any time by resetting your cookie preferences. We honor the Global Privacy Control (GPC) signal as an automatic opt-out.

    4.4 Other Users

    Certain information you choose to share on the Platform is visible to other users, including your display name, avatar, public watch collection, marketplace listings, forum posts, seller credibility score, community reputation, and achievement badges. We are not liable for information you voluntarily share in public areas of the Platform.

    4.5 Legal Requirements

    We may disclose your information if required to do so by law, or if we believe in good faith that such action is necessary to: comply with a legal obligation; protect and defend our rights or property; prevent fraud or abuse; or protect the personal safety of users or the public.

    4.6 Business Transfers

    In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

    5. Data Security

    We implement industry-standard security measures to protect your personal information, including:

    • Encryption of data in transit (TLS/SSL) and at rest
    • Secure authentication mechanisms, including OAuth 2.0 social login and optional TOTP-based Two-Factor Authentication
    • Webhook signature verification (Svix/HMAC-SHA256) for inbound integrations
    • Row-Level Security (RLS) policies on all database tables to enforce access control
    • API secrets stored encrypted and never exposed in client-side code
    • Regular security audits and vulnerability assessments
    • Access controls limiting employee access to personal data on a need-to-know basis
    • Anti-fraud monitoring for marketplace transactions and escrow operations

    While we strive to protect your data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security and encourage you to use strong, unique passwords, enable Two-Factor Authentication, and exercise caution when sharing personal information.

    6. Your Rights and Choices

    Depending on your jurisdiction, you may have the following rights regarding your personal information:

    6.1 GDPR Rights (European Economic Area)

    • Access: Request a copy of the personal data we hold about you
    • Rectification: Request correction of inaccurate or incomplete data
    • Erasure: Request deletion of your personal data ("right to be forgotten")
    • Restriction: Request that we limit processing of your data
    • Portability: Request your data in a structured, machine-readable format
    • Objection: Object to processing based on legitimate interests or for direct marketing

    6.2 CCPA/CPRA Rights (California Residents)

    • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected
    • Right to Delete: Request deletion of your personal information
    • Right to Correct: Request correction of inaccurate personal information
    • Right to Opt-Out: We do not sell personal information. We share data with advertising partners only with your explicit consent via our cookie banner
    • Right to Limit Use of Sensitive Information: We do not use sensitive personal information for purposes beyond those disclosed
    • Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

    6.3 Exercising Your Rights

    To exercise any of these rights, please contact us at privacy@indiewatches.store. We will respond to verified requests within thirty (30) days (or as required by applicable law). We may request additional information to verify your identity before processing your request.

    6.4 Email and Notification Preferences

    You may independently opt out of each email type (weekly digest, newsletter, order updates, price alerts, promotions) through your account settings → Notifications. Push notifications can be disabled in the same settings. Transactional notifications critical to active orders (e.g., escrow updates, security alerts) cannot be fully disabled while your account is active.

    6.5 Cookie and Advertising Preferences

    You can manage cookie preferences at any time via the cookie consent banner or on our Cookie Policy page. We honor Global Privacy Control (GPC) signals. You may also opt out of interest-based advertising through the DAA opt-out tool or EDAA opt-out tool.

    7. Cookies and Tracking Technologies

    We use cookies and similar technologies to:

    • Essential cookies: Maintain your session, authenticate your account, process payments via Stripe, and remember your preferences
    • Analytics cookies: Understand how users interact with the Platform (Google Analytics, with consent)
    • Functional cookies: Enable features like theme preferences, saved searches, and recently viewed listings
    • Marketing cookies: Track conversions and enable remarketing across Meta, TikTok, Pinterest, Snapchat, and Bing (with consent only)
    • Email tracking: Tracking pixels in emails to measure open rates and engagement (managed by Resend)

    For complete details on the cookies we use, please see our Cookie Policy. Our consent banner adapts based on your detected location (GDPR opt-in vs. CCPA opt-out framework).

    8. Data Retention

    We retain your personal information for as long as your account is active or as needed to provide you with our services. Upon account deletion, we will remove or anonymize your personal data within ninety (90) days, except where retention is required by law (e.g., tax records for 1099-K reporting, legal disputes) or necessary for legitimate business purposes (e.g., fraud prevention).

    Anonymized and aggregated data used for analytics, price charts, and market reports may be retained indefinitely, as it does not identify individual users.

    Email engagement data (open rates, click data) is retained for twelve (12) months. Resend Audience membership is maintained until you opt out or delete your account.

    9. Children's Privacy

    Indie Watches is not directed to individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If we become aware that a minor has provided us with personal information, we will take steps to delete such information promptly. If you believe a minor has provided us with personal data, please contact us at privacy@indiewatches.store.

    10. International Data Transfers

    Your information may be transferred to and processed in countries other than your country of residence, including the United States. Our service providers (Stripe, Resend, Lovable Cloud) may process data in various jurisdictions. We ensure that appropriate safeguards are in place for international transfers, including standard contractual clauses approved by relevant data protection authorities.

    11. Third-Party Links and Services

    The Platform may contain links to third-party websites, services, or applications, including brand websites, carrier tracking pages, and social media platforms. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access through the Platform.

    12. AI and Automated Decision-Making

    We use AI-powered tools for the following purposes:

    • Content moderation: Automated scanning of messages and listings to detect prohibited content (contact information sharing, counterfeit indicators)
    • Watch photo scanning: AI analysis of listing photos to detect potential issues
    • Brand/model description generation: AI-generated content for catalog enrichment
    • Seller credibility scoring: Automated scoring based on transaction history, reviews, disputes, and account age, recalculated daily
    • Brand popularity ranking: Daily automated trending scores based on follower counts, review activity, community engagement, and listing volume
    • Price anomaly detection: Automated flagging of listings priced significantly below market average
    • Market price aggregation: Automated aggregation of marketplace transactions and historical pricing records to power Price Index charts and market analytics

    These automated systems may affect your experience (e.g., message blocking, listing removal, account flagging). You have the right to request human review of any automated decision that significantly affects you by contacting privacy@indiewatches.store.

    13. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated via email notification and/or a prominent notice on the Platform at least thirty (30) days before they take effect. Your continued use of the Platform after the effective date constitutes acceptance of the revised Privacy Policy.

    14. Contact Us

    If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

    EcomBoost LLC
    Attn: Privacy Team
    Austin, Texas, United States
    Email: privacy@indiewatches.store

    For GDPR-related inquiries, you may also contact your local data protection authority if you believe your rights have not been adequately addressed.

    Related Pages