◈ PawnSmarts
Privacy Policy
Effective Date: March 19, 2026
PawnSmarts ("we," "us," "our") respects your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information. This policy applies to the PawnSmarts pawn shop management software ("Service") and the pawnsmarts.com website.
1. Information We Collect
Account Information
When you create an account, we collect:
- Email address (used for login, communications, and account recovery)
- Password (stored as a one-way cryptographic hash — we cannot see your password)
Shop and Business Data
Data you enter into the Service, including but not limited to:
- Shop name, address, phone number, and license information
- Customer records (names, addresses, ID information, physical descriptions)
- Pawn loan records (items, amounts, dates, payments, renewals)
- Inventory and sales records
- Staff member information
This data is your data. We store it on your behalf and do not access, analyze, or use it for any purpose other than providing the Service to you.
Automatically Collected Information
We may collect basic technical information to keep the Service running:
- Browser type and version
- IP address (for authentication and security purposes)
- Timestamps of login sessions
We do not use tracking cookies, analytics services, or advertising pixels.
2. How We Use Your Information
| Information | Purpose |
|---|
| Email address | Account authentication, password recovery, service communications, subscription billing |
| Password hash | Secure login verification |
| Shop and business data | Providing the Service — storing, syncing, and displaying your data back to you |
| Technical data | Security monitoring, debugging, and maintaining Service availability |
We do not use your data for advertising, profiling, marketing to third parties, or any purpose other than operating the Service.
3. How We Protect Your Information
- Encryption in transit: All data between your browser and our servers travels over TLS encryption (the same standard used by banks).
- Encryption at rest: Data stored on our database servers is encrypted at rest.
- Row Level Security: Every database table is protected by Row Level Security (RLS). The database itself enforces that only your authenticated session can read or write your data. This is a database-level control, not an application-level filter.
- Password hashing: Your password is stored as a one-way cryptographic hash. It cannot be reversed, viewed, or recovered by anyone — including us.
- No shared access: There is no admin panel, support backdoor, or "view as user" capability that would allow anyone to access your session or data.
4. Who We Share Your Information With
Nobody. We do not sell, rent, trade, or share your personal or business data with any third party. Specifically:
- We do not sell your data to data brokers, advertisers, or marketing companies.
- We do not share your customer records with any other business or pawn shop.
- We do not provide your data to analytics or tracking services.
- We do not display advertising within the Service.
The only exceptions are:
- Infrastructure providers: Your data is stored on Supabase (our database host). Supabase provides the infrastructure but does not access your data. Their privacy practices are governed by their own privacy policy.
- Payment processing: If you use Stripe for subscription payments or customer payments, Stripe processes the payment data under their own privacy policy. We do not store your credit card numbers.
- Legal requirements: We may disclose information if required to do so by law, court order, or lawful government request. We will notify you if legally permitted to do so.
5. Your Rights
You have the right to:
- Access your data: You can view all data stored in the Service at any time by using the application.
- Export your data: You can download a complete copy of all your data at any time using Settings > Backup & Restore > Download Full Backup.
- Delete your data: You may request complete deletion of your account and all associated data by emailing [email protected]. We will process deletion requests within 30 days.
- Correct your data: You can update or correct any information in the Service at any time through the application interface.
- Cancel your account: You may cancel your subscription at any time. Your data will be retained for 90 days after cancellation, then permanently deleted unless you request earlier deletion.
6. Data Retention
- Active accounts: Your data is retained as long as your account is active and your subscription is current.
- Canceled accounts: Data is retained for 90 days after cancellation to allow you to reactivate or export your data, then permanently deleted.
- Deletion requests: Processed within 30 days. Once deleted, data cannot be recovered.
7. Customer Data (Your Customers)
The Service stores information about your pawn shop customers (pledgors) that you enter as part of your normal business operations. This information is part of your business data and is subject to the same protections described in this policy.
You are the data controller for your customer information. You are responsible for complying with all applicable privacy laws regarding the personal information of your customers, including any notice or consent requirements in your jurisdiction.
We act solely as a data processor for your customer information — we store it securely on your behalf and do not access, use, or share it for any purpose.
8. Children's Privacy
The Service is intended for use by business operators who are at least 18 years old. We do not knowingly collect information from persons under 18. If we learn that we have collected information from a person under 18, we will take steps to delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The "Effective Date" at the top of this page indicates when the policy was last revised.
10. Contact
Questions about this Privacy Policy or your data? Contact us:
Email: