Gavelbase Privacy Policy

Jul 28, 2025

privacy

Privacy Policy

Last Updated: July 28, 2025

Gavelbase LLC, doing business as Gavelbase ("Gavelbase," "we," "us," or "our"), operates a software-as-a-service (SaaS) platform (the "Platform") that enables businesses ("Members") to create, manage, and operate online marketplaces and auctions. This Privacy Policy explains how we collect, use, disclose, and protect information, including Personally Identifiable Information (PII), in connection with the Platform. By using the Platform, you agree to the practices described in this Privacy Policy.

Gavelbase is a software provider only and does not directly store or process payment information (e.g., credit card details) or sensitive PII beyond names and addresses collected for Member account management. Payment information and additional PII collected through Member-run marketplaces are handled by third-party services, primarily Stripe Connect, as configured by Members. This Privacy Policy applies to Members and their users (e.g., buyers, sellers, consignors, crew members) accessing Member-run marketplaces powered by the Platform.

1. Scope of This Privacy Policy

This Privacy Policy covers:

  • Information collected and stored by Gavelbase for Member account management and Platform operation.

  • Information collected by Members through their marketplaces, where Gavelbase provides tools but does not directly store or process payment information or sensitive PII.

  • The role of third-party services (e.g., Stripe Connect, external platforms for cross-listing) in collecting, storing, or processing PII and payment information.

This Privacy Policy does not apply to:

  • Information collected by Member-run marketplaces outside of Gavelbase’s Platform.

  • Information collected by third-party services (e.g., Stripe Connect, external platforms) under their own privacy policies.

2. Information We Collect

2.1 Information Collected and Stored by Gavelbase

We collect and store the following information directly from Members to provide and improve the Platform:

  • Account Information: When you register as a Member, we collect and store PII such as your business name, contact name, address, email address, billing information, and account settings (e.g., domain names, theme preferences). Names and addresses are stored for account management, billing, and communication purposes.

  • Usage Data: We collect information about how you interact with the Platform, such as IP addresses, browser type, device information, pages visited, and actions taken (e.g., creating listings, configuring fees).

  • Support Communications: Information you provide when contacting us for support, such as emails, inquiries, or feedback.

2.2 Information Collected by Members Using Platform Tools

Members may use Platform tools to collect information, including PII, from their users (e.g., buyers, sellers, consignors, crew members). This may include:

  • Transaction Information: Names, addresses, phone numbers, email addresses, or other PII provided by buyers or sellers during transactions.

  • Payment Information: Credit card details, bank account information, or other payment data processed via Stripe Connect.

  • Listing Information: Details about items listed, such as descriptions, images, or pricing.

  • Messaging Data: Communications between buyers and sellers facilitated through Platform tools.

Gavelbase does not directly collect, store, or process this information, except for names and addresses stored for Member account management as described in Section 2.1. All payment information and additional PII collected through Member-run marketplaces are stored and processed by Stripe Connect or other third-party integrations configured by the Member.

2.3 Information Collected by Third Parties

The Platform integrates with third-party services, such as:

  • Stripe Connect: Collects and stores PII (e.g., names, addresses, contact information) and payment information (e.g., credit card details) for transaction processing.

  • External Platforms for Cross-Listing: When Members cross-list items to external platforms (e.g., other Gavelbase-powered sites or third-party marketplaces), those platforms may collect data about the items, such as listing details, images, pricing, or user information, as per their own privacy policies.

These third parties operate under their own privacy policies, and Members are responsible for ensuring compliance with those policies.

3. How We Use Information

3.1 Use by Gavelbase

We use the information we collect and store directly (e.g., Member names, addresses, account information) to:

  • Provide, maintain, and improve the Platform’s functionality.

  • Process Member subscription payments and manage billing.

  • Communicate with Members about their accounts, updates, or support inquiries.

  • Analyze usage patterns to enhance Platform performance and user experience.

  • Comply with legal obligations or enforce our Terms of Service.

3.2 Use by Members

Members use Platform tools to collect and manage information, including PII, for purposes such as:

  • Facilitating transactions (e.g., processing payments, shipping items).

  • Managing inventory, consignors, or crew accounts.

  • Communicating with buyers and sellers.

  • Configuring fees or taxes.

  • Cross-listing items to external platforms.

Gavelbase provides these tools but does not control or assume responsibility for how Members use them or the data they collect, except for the limited PII (names and addresses) stored by Gavelbase for Member account management.

4. How Information Is Shared

4.1 Sharing by Gavelbase

We may share information collected and stored directly by Gavelbase (e.g., Member names, addresses, account information) as follows:

  • Service Providers: With third-party vendors (e.g., hosting providers, analytics services) who assist in operating the Platform, subject to confidentiality agreements.

  • Legal Compliance: To comply with applicable laws, regulations, or legal processes (e.g., subpoenas, court orders).

  • Business Transfers: In connection with a merger, acquisition, or sale of assets, where your information may be transferred to a successor entity.

  • With Consent: With your explicit consent for specific purposes.

We do not sell or rent Member information to third parties for marketing purposes.

4.2 Sharing by Members

Members may share information, including PII, collected through their marketplaces with:

  • Buyers, sellers, or consignors to facilitate transactions.

  • External platforms for cross-listing items.

  • Stripe Connect for payment processing and PII storage.

Members are responsible for ensuring that any sharing complies with applicable data privacy laws and third-party terms.

4.3 Third-Party Integrations

Information collected via Platform tools (e.g., PII, payment data, or item data for cross-listing) is stored and processed by third parties like Stripe Connect or external platforms. Gavelbase does not directly access or share this information, except as necessary to provide the Platform’s functionality (e.g., facilitating API calls to Stripe or cross-listing platforms) or for Member account management (e.g., names, addresses). Members must review and comply with the privacy policies of these third parties.

5. Data Storage and Security

5.1 Gavelbase Data Storage

Information collected and stored directly by Gavelbase (e.g., Member names, addresses, account information, usage data) is stored on secure servers with industry-standard encryption and security measures. However, no system is completely secure, and we cannot guarantee the absolute security of your data.

5.2 PII and Payment Data Storage

Gavelbase does not store payment information (e.g., credit card details) or sensitive PII beyond the names and addresses collected for Member account management. All other PII (e.g., buyer or seller names, addresses, contact information) and payment information collected through Member-run marketplaces are stored and processed by Stripe Connect, which implements its own security measures, including:

  • Tokenization of payment data to prevent storage of sensitive cardholder data on Gavelbase servers.

  • Secure payment forms (e.g., Stripe Elements) for data collection.

  • Encryption of PII and payment data during transmission and storage.

5.3 Member Responsibility for Data Security

Members are responsible for:

  • Securing their accounts and any systems used to access the Platform.

  • Ensuring that data collection and storage practices (e.g., via Stripe Connect or external platforms for cross-listing) comply with applicable data privacy laws.

  • Handling any data breaches or security incidents involving PII, payment data, or item data stored by Stripe Connect or external platforms.

Gavelbase is not liable for any data breaches, unauthorized access, or misuse of PII, payment data, or item data, except where caused by Gavelbase’s gross negligence or willful misconduct related to the limited PII (names and addresses) we store.

6. Data Privacy Compliance

6.1 Member Responsibilities

Members are responsible for ensuring compliance with all applicable data privacy laws, including but not limited to:

  • General Data Protection Regulation (GDPR): For users in the European Union, Members must obtain explicit consent for collecting and processing PII, provide data subject rights (e.g., access, deletion), and ensure lawful data handling.

  • California Consumer Privacy Act (CCPA): For California residents, Members must provide notice of data collection, offer opt-out rights, and comply with data deletion requests.

  • Other applicable data privacy regulations in your jurisdiction.

Gavelbase provides tools to assist with data collection (e.g., PII for transactions, item data for cross-listing), but Members are solely responsible for:

  • Obtaining necessary consents from users (e.g., buyers, sellers) for PII collection, processing, or sharing with external platforms.

  • Configuring Platform tools to comply with data privacy laws.

  • Verifying the accuracy and legality of data collected or stored via Platform tools, Stripe Connect, or external platforms.

  • Responding to data subject requests (e.g., access, deletion, portability) for data collected through their marketplaces.

6.2 Gavelbase’s Role

Gavelbase acts as a data controller only for the limited PII (names and addresses) collected for Member account management. Gavelbase is not a data controller or processor for PII, payment data, or item data collected by Members through their marketplaces or shared with external platforms. We provide tools to facilitate data collection but do not:

  • Store or manage payment information or sensitive PII beyond Member account names and addresses.

  • Perform data privacy compliance tasks on behalf of Members.

  • Assume liability for non-compliance with data privacy laws for Member-collected data.

Members should consult qualified legal professionals to ensure compliance with data privacy regulations.

7. Your Rights

7.1 Member Rights

As a Member, you may have certain rights regarding the PII we store (e.g., names, addresses for account management), depending on your jurisdiction:

  • Access: Request a copy of the information we hold about you.

  • Correction: Request correction of inaccurate or incomplete information.

  • Deletion: Request deletion of your information, subject to legal retention requirements.

  • Portability: Request a copy of your information in a structured, machine-readable format.

To exercise these rights, contact us at support@gavelbase.com. We will respond within the timeframes required by applicable law.

7.2 End-User Rights

Buyers, sellers, consignors, or crew members using Member-run marketplaces should contact the respective Member to exercise their data privacy rights (e.g., access, deletion) for PII or item data collected through those marketplaces. Gavelbase does not directly control or process end-user data beyond Member account information and cannot respond to such requests.

8. Third-Party Services

The Platform integrates with third-party services, such as:

  • Stripe Connect: Stores PII (e.g., names, addresses, contact information) and payment information for transaction processing.

  • External Platforms for Cross-Listing: Collects data related to cross-listed items (e.g., item descriptions, images, pricing, or user information) when Members list items on other Gavelbase-powered sites or third-party marketplaces.

These third parties operate under their own privacy policies, and Members are responsible for:

  • Reviewing the privacy policies of these third-party services.

  • Ensuring that their use of third-party integrations complies with applicable laws and user consents.

  • Notifying their users about data collection by third parties, including external platforms for cross-listing.

Gavelbase is not liable for the data practices of third-party services.

9. Cookies and Tracking Technologies

We use cookies and similar technologies (e.g., pixels, analytics tools) to:

  • Authenticate Members and maintain session security.

  • Analyze Platform usage and performance.

  • Improve user experience.

You can manage cookie preferences through your browser settings. However, disabling cookies may affect Platform functionality. Members are responsible for managing cookies or tracking technologies used in their marketplaces and obtaining user consent as required by law.

10. International Data Transfers

The Platform is hosted in the United States, and information we collect and store directly (e.g., Member names, addresses) may be stored or processed in the U.S. or other jurisdictions. Members using Stripe Connect or external platforms for cross-listing may have PII, payment data, or item data transferred to servers outside their jurisdiction. Members are responsible for:

  • Ensuring that international data transfers comply with applicable data privacy laws (e.g., GDPR’s Standard Contractual Clauses).

  • Obtaining user consent for cross-border data transfers as required.

Gavelbase is not responsible for managing or ensuring compliance with international data transfer requirements for Member-collected data.

11. Children’s Privacy

The Platform is not intended for use by individuals under the age of 18. Gavelbase does not knowingly collect PII from children beyond names and addresses for Member account management, which are provided by authorized business representatives. Members are responsible for ensuring that their marketplaces comply with children’s privacy laws (e.g., COPPA in the U.S.).

12. Changes to This Privacy Policy

Gavelbase reserves the right to update this Privacy Policy at any time, with notice provided via email or through the Platform. Changes will take effect upon posting unless otherwise required by law. Continued use of the Platform after changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Gavelbase LLC
2477 Greenwood Rd
Prescott, MI 48756
Email: support@gavelbase.com

For data privacy requests (e.g., access, deletion), include “Data Privacy Request” in the subject line of your email.

14. Acknowledgment

By using the Platform, you acknowledge that:

  • Gavelbase collects and stores names and addresses for Member account management but does not store or process payment information or sensitive PII directly.

  • Payment information and additional PII are stored and processed by Stripe Connect, and item data may be collected by external platforms for cross-listing, with Members responsible for compliance with their privacy policies.

  • Members are solely responsible for obtaining consents, ensuring data privacy compliance, and managing data collected through their marketplaces or shared with external platforms.

  • Gavelbase is not liable for any data breaches, misuse, or non-compliance related to PII, payment data, or item data, except where caused by Gavelbase’s gross negligence or willful misconduct related to the PII we store.

Gavelbase Terms of Service Agreement ›