← Back to Curio

Privacy Policy

Last updated: April 21, 2025

Raging Goat ("we," "us," or "our") operates the Curio mobile application (the "App"). This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using Curio you agree to the collection and use of information described in this policy. If you do not agree, please do not use the App.

1. Information We Collect

1.1 Account Information

When you create a Curio account we collect your:

• Email address
• Display name
• Profile photo (optional)

Passwords are handled by Firebase Authentication and are never stored by us in plain text.

1.2 Collection Content

You create and manage the following data within the App:

• Collection names, descriptions, and cover images
• Item names, descriptions, photos, UPC/barcode codes, condition ratings, purchase prices, current values, dates acquired, tags, notes, and custom field values
• Trade listings and trade notes

1.3 Social and Community Data

• Follow and follower relationships
• Comments on public collections
• Direct messages with other users
• Activity feed entries (new collections, items, milestones, badge achievements, and trade listings)
• Leaderboard rankings for public collections

1.4 Price and Value Data

• Price watches and alert thresholds you configure
• Daily portfolio value snapshots
• Price check results derived from in-app data and, for Pro subscribers, from the eBay API

1.5 Device Permissions

• Camera — used to take photos of collection items and to scan barcodes. Access is requested only when you initiate a scan or photo capture.
• Photo Library — used to import images for your items. Access is requested only when you choose to add a photo from your library.
• Face ID / Touch ID — used for biometric sign-in. Biometric data never leaves your device; only a success/failure result is returned to the App. Your credentials are stored in the encrypted iOS Keychain.

1.6 Information We Do Not Collect

Curio does not collect your precise location, contacts, microphone audio, health data, or browsing history.

2. How We Use Your Information

• Provide the service — store and sync your collections, items, and photos across your devices.
• Social features — power the activity feed, comments, direct messaging, trade board, leaderboards, and follower relationships.
• Price and analytics features — calculate portfolio analytics, generate value snapshots, and run price checks.
• Communicate with you — send service-related notices, respond to support requests, and deliver beta invitations.
• Improve the App — diagnose bugs and understand which features are used so we can make Curio better.

3. Third-Party Services

Curio relies on a limited number of third-party services. We do not sell your personal information to any third party.

3.1 Firebase (Google)

We use Firebase for authentication, cloud database (Firestore), file storage (Cloud Storage), and push notifications (Cloud Messaging). Your account data, collection content, messages, and photos are stored on Google Cloud infrastructure. Google's privacy policy applies to data processed by Firebase: policies.google.com/privacy.

Firebase Analytics is disabled in Curio. We do not use Google Analytics or any third-party behavioral analytics SDK.

3.2 eBay API

Pro subscribers can request live market pricing. When you use this feature, we send item identifiers (UPC codes or keywords) to the eBay Browse API and receive current listing data in return. No personal information is shared with eBay. eBay's privacy policy: ebay.com/privacy.

3.3 UPC Item Database

When you scan a barcode, the UPC code may be sent to the UPCitemdb service to retrieve product information (title, brand, images). No personal information is included in these requests.

3.4 Apple (App Store and StoreKit)

Subscriptions are processed through Apple's App Store. Payment and billing information is handled entirely by Apple and is not accessible to us. Apple's privacy policy: apple.com/privacy.

4. Public and Shared Content

Certain content you create may be visible to other Curio users:

• Public collections — visible to all users and appear on category leaderboards, including collection name, description, item count, total value, and your display name and photo.
• Trade listings — visible to all users, including item details, condition, value, and your display name and photo.
• Comments — visible to anyone viewing the public collection they are posted on.
• Profile information — your display name, photo, bio, follower count, and following count are visible to other users.
• Activity feed — actions such as creating collections or items, reaching milestones, and earning badges are shared with your followers.

Private collections are visible only to you and to specific users you explicitly invite (as viewers or editors).

5. Data Storage and Security

Your data is stored on Firebase (Google Cloud) servers. We use HTTPS for all data in transit and rely on Firebase's built-in encryption for data at rest. Biometric credentials are stored in the iOS Keychain using the most restrictive accessibility level (whenUnlockedThisDeviceOnly), meaning they cannot be extracted from backups or accessed by other apps.

While we take reasonable measures to protect your data, no system is perfectly secure. We encourage you to use a strong, unique password for your Curio account.

6. Data Export and Portability

You can export your collections at any time in CSV, JSON, or XLSX format. Pro subscribers can also generate PDF insurance reports and collection catalogs. Exports are created on your device and are not transmitted to our servers.

7. Data Retention and Deletion

We retain your data for as long as your account is active. You can delete individual items or entire collections from within the App at any time — associated photos are also removed from our servers.

To request full account deletion, contact us at curio.collectors.app@gmail.com. We will delete your account and all associated data within 30 days of a verified request.

8. Children's Privacy

Curio is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it promptly.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Export your data (see Section 6)
• Object to or restrict certain processing

To exercise any of these rights, email curio.collectors.app@gmail.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top and, where appropriate, notify you in the App. Your continued use of Curio after changes are posted constitutes acceptance of the revised policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or your data, contact us at:

Raging Goat
Email: curio.collectors.app@gmail.com