Privacy Policy

MEDIOCRACY, LLC

d/b/a Marketless Farmer

Website: https://marketlessfarmer.com

Email: support@marketlessfarmer.com

We respect your privacy.

This Privacy Policy explains how we collect, use, and protect your information when you use Marketless Farmer (the "Service").

1. Information We Collect

1.1 Information You Provide

We may collect information you provide directly, including:

• Account information (email, full name, profile details)
• Listing details (titles, descriptions, prices, photos)
• Messages sent to other users through the Service
• Seller verification acknowledgments
• Location data (mapped coordinates for "Nearby" features)

1.2 Technical Data

We may automatically collect:

• IP address (for abuse prevention and security)
• Browser type and version
• Device information
• Request timestamps
• Error logs

1.3 Payment Data

We do not store credit card numbers or full payment details.

Seller subscription payments and event listing payments made on the website are processed by Stripe. We only receive confirmation of payment status and limited billing metadata necessary to manage subscriptions.

In-app purchases on the iOS and Android apps are processed by Apple's App Store and Google Play. Subscription state and one-time purchase events are relayed to us through RevenueCat. We receive purchase confirmation, the product identifier, and your entitlement status (whether you have an active subscription or have purchased a one-time product). We do not receive your card details or your App Store / Google Play account credentials.

1.4 Notifications

If you enable notifications in the iOS or Android app, your device generates a push notification token (assigned by Apple Push Notification Service on iOS or Google Firebase Cloud Messaging on Android). We store this token, linked to your account, solely to deliver notifications you have opted into — for example, alerts about new messages from other users.

You can disable notifications at any time in your device settings, and we will stop sending notifications to that device.

2. How We Use Data

We use your information to:

• Authenticate your account
• Display listings and profiles
• Facilitate communication between neighbors and sellers
• Operate and improve the Service
• Detect abuse, fraud, or misuse
• Enforce our Terms of Service
• Provide customer support

We do not sell your personal information.

3. Children's Privacy

The Service is not directed to children under 13.

We do not knowingly collect personal information from children under 13. If we become aware that such information has been collected, we take reasonable steps to delete it.

Users between the ages of 13 and 17 may use the Service only under the supervision of a parent or legal guardian who agrees to be responsible for the account.

4. User-Generated Content

Listings, messages, and profiles are visible to other users of the Service based on your privacy settings.

You are responsible for the information you choose to share. We cannot control how other users may use or respond to information you make publicly available.

5. Do Not Upload Sensitive Data

You may not upload:

• Government IDs
• Passport images
• Health or medical information
• Financial documents (bank statements, etc.)
• Biometric identifiers
• Documents containing Social Security numbers

If such content is detected, we take reasonable steps to remove it.

6. Third-Party Providers

6.1 Supabase

Used for authentication, database management, and storage with row-level security controls.

6.2 Vercel

Provides hosting and infrastructure with standard logging.

6.3 Stripe

Used for processing seller subscription payments and event listing payments made on the website. Stripe receives payment card details, billing address, and transaction amounts. We do not store your full payment card details.

See Stripe's privacy policy: https://stripe.com/privacy

6.4 RevenueCat

Used to manage in-app subscription and purchase state for the iOS and Android apps. RevenueCat receives an anonymized user identifier and purchase events from the App Store or Google Play, which we use to verify subscription status and grant access to features.

See RevenueCat's privacy policy: https://www.revenuecat.com/privacy/

6.5 Apple Push Notification Service (APNs)

Used to deliver notifications to iOS devices. Apple receives a device-specific push token in order to route notifications to your device.

6.6 Firebase Cloud Messaging (Google)

Used to deliver notifications to Android devices. Google receives a device-specific push token in order to route notifications to your device.

See Google's privacy policy: https://policies.google.com/privacy

6.7 Mapbox

Renders the maps used for the "Nearby" map view. Mapbox receives requests to load map tiles based on the area you are viewing.

See Mapbox's privacy policy: https://www.mapbox.com/legal/privacy

6.8 PostHog

Product analytics: helps us understand which features people interact with so we can improve the Service. PostHog receives usage events and basic device metadata associated with an anonymized user identifier.

See PostHog's privacy policy: https://posthog.com/privacy

6.9 Sentry

Error monitoring: when something in the app or website fails unexpectedly, Sentry receives technical details about the error so we can diagnose and fix it. This may include your account identifier and the screen or URL where the error occurred.

See Sentry's privacy policy: https://sentry.io/privacy/

6.10 Resend

Used to send transactional and newsletter emails (account-related notifications, seller/neighbor communications, opt-in newsletter). Resend receives recipient email addresses and email content necessary to deliver these messages.

See Resend's privacy policy: https://resend.com/legal/privacy-policy

6.11 Google (OAuth Sign-In)

If you choose to sign in with your Google account, Google receives an authentication request from us and returns a verified email address and basic profile information (name, profile picture). We use this only to create or authenticate your account; we do not request access to your Gmail, Drive, or any other Google service.

See Google's privacy policy: https://policies.google.com/privacy

6.12 Apple (Sign in with Apple)

If you choose to sign in with Apple, Apple receives an authentication request and returns a verified email address (which may be a private relay address) and your chosen name. We use this only to create or authenticate your account.

See Apple's privacy policy: https://www.apple.com/legal/privacy/

We use third-party providers only as necessary to operate the Service.

7. Data Retention

• User content: Retained until you delete it or your account is terminated.
• Server logs: Deleted or anonymized after approximately 90 days.
• Subscription records: Retained as necessary for accounting and legal compliance.
• Inactive accounts: May be deleted or anonymized after extended inactivity.

We may retain limited information where required for legal compliance, dispute resolution, or enforcement of our agreements.

8. Oregon Consumer Privacy Act (OCPA) Rights

As an Oregon resident, you have the following rights under the Oregon Consumer Privacy Act:

• Right to know what personal data we collect and why
• Right to access your personal data
• Right to correct inaccurate personal data
• Right to delete your personal data
• Right to obtain a copy of your data in a portable format
• Right to opt out of the sale of personal data (note: we do not sell your data), targeted advertising, and profiling

To exercise any of these rights, email support@marketlessfarmer.com. We will respond within 45 days. To delete your account, see our account deletion instructions.

If we deny your request, you may appeal by emailing support@marketlessfarmer.com with the subject line "Privacy Request Appeal". We will respond to appeals within 45 days.

We will not discriminate against you for exercising your privacy rights.

8a. Other State Privacy Rights

Residents of California (CCPA/CPRA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Virginia (VCDPA), and Texas (TDPSA) have similar rights under their respective state laws — including the right to know what personal data we hold, the right to access it, the right to correct or delete it, the right to a portable copy, and the right to opt out of the sale of personal data, targeted advertising, and profiling.

We do not sell personal information and we do not engage in cross-context behavioral advertising.

To exercise any of these rights, email support@marketlessfarmer.com. We will respond within 45 days and will not discriminate against you for exercising your rights.

9. Your Rights

Depending on your jurisdiction, you may request:

• Access to your data
• Correction of inaccurate data
• Export of your data
• Deletion of your data

Requests may be submitted to: support@marketlessfarmer.com

We respond within 45 days of receipt of your request, consistent with applicable state privacy laws.

To delete your account and all associated data, visit our Delete Your Account page for step-by-step instructions, or go directly to your Profile page in the app.

10. Security

We use reasonable administrative and technical safeguards, including:

• Encryption in transit (HTTPS)
• Supabase Row-Level Security (RLS)
• Access controls
• Authentication safeguards

No method of transmission or storage is completely secure, but we take reasonable measures to protect your information.

11. International Transfers

The Service is operated from the United States. Your information may be stored and processed in the United States.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.