Last updated: 11 June 2026
⚠️ Before publishing: replace the operator name, address, and contact email below with your real legal details (and add a separate Impressum if you operate from Germany/EU).
This policy explains what data potpotpot ("the app", "we") collects, why, and your rights. potpotpot is a mobile app that helps an individual maker organize their own pottery work. We aim to collect as little as possible and never sell your data.
potpotpot is operated by [Your legal name / company], [address]. Contact: hello@potpotpot.app. For EU/UK users, this is the data controller.
To provide the app's core features: storing and syncing your pottery records and photos, showing your stats, and — only where you opt in — public profiles, AI helpers, and the Etsy connection described below. We do not use your content for advertising and we do not sell it.
Your data is stored in our self-hosted backend (a Supabase/PostgreSQL instance) on a server located in the EU (Germany). Access is restricted by per-user row-level security, so you can only read your own private data.
If you choose to connect your Etsy shop, you authorize potpotpot through Etsy's standard OAuth sign-in. We then access only your own shop, to:
Your Etsy access tokens are encrypted and stored on our server, used solely to act on your own shop on your behalf. We never share or re-sell Etsy API access to any third party, and we never touch any shop but yours. Listing data we display is cached briefly on our server in line with Etsy's API Terms of Use. You can disconnect Etsy at any time, which deletes the stored tokens. Etsy's own handling of your data is governed by Etsy's Privacy Policy.
Some features (e.g. drafting a project from a photo, or suggesting a firing stage) send the relevant photo or text to an AI provider (Anthropic) for processing, only when you actively use that feature. This content is processed to return a result and is not used to train models. You may also supply your own API key to use these features under your own provider account.
We rely on a small number of processors to run the app:
We keep your data while your account is active. You can delete your content in the app, and you can request full deletion of your account and associated data by emailing hello@potpotpot.app; we will erase it within 30 days, except where we must retain something to meet a legal obligation.
Depending on where you live (including under the EU/UK GDPR), you have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact hello@potpotpot.app. You may also lodge a complaint with your local data protection authority.
Data is transmitted over TLS, access is scoped per user, and sensitive secrets (such as Etsy tokens and any API key you provide) are stored encrypted. No system is perfectly secure, but we take reasonable measures to protect your data.
potpotpot is not directed to children under 16, and we do not knowingly collect their data.
We may update this policy; we'll change the "Last updated" date above and, for material changes, notify you in the app.
Questions? hello@potpotpot.app.