TwinMarket Privacy Policy
Effective date: April 21, 2026
1. Overview
This Privacy Policy explains how TwinMarket collects, uses, shares, and retains information when you use the website, create an account, manage a subscription, or contact us.
TwinMarket is a housing-market research product. This policy covers TwinMarket's own practices. Third-party services such as Google, Stripe, YouTube, or other externally hosted resources may have their own privacy notices and practices.
2. Information We Collect
We may collect the following categories of information:
- Account information:
email address, Google account identifier, username derived from your email address, terms-acceptance timestamp, and account status information such as whether your account is active or deactivated
- Authentication and sign-in data:
information returned by Google during OAuth sign-in and OAuth token data stored by the application's Google login integration
- Subscription and billing records:
Stripe customer ID, Stripe subscription ID, subscription status, renewal/cancellation status, current billing period dates, and related account-level billing metadata
- Saved-market and product-use data:
saved markets, selected plan during signup, and the market IDs needed to render pages or comparisons while you use the product
- Session and technical data:
standard request information such as IP address, browser type, referrer, timestamps, and similar metadata that may appear in hosting, security, CDN, or infrastructure logs when you use the site
- Embedded-content and third-party asset data:
when a page loads third-party hosted assets or you choose to play the embedded YouTube overview video, those providers may receive information such as your IP address, browser details, and request metadata needed to serve that content
3. What We Do Not Currently Collect
The current TwinMarket app does not request browser geolocation permission and does not collect precise device location through an in-app "use my location" flow.
The codebase includes a login-event model, but the current application flow does not actively write separate per-login IP and user-agent records into that table. Even so, standard infrastructure and server logs may still include technical request metadata for security and operations.
TwinMarket does not store full payment card numbers or card security codes on its own servers. Payment details are handled by Stripe.
4. Sources of Information
We collect information:
- directly from you when you sign in, save markets, subscribe, cancel, or contact us
- from Google when you use Google OAuth to authenticate
- from Stripe when subscription checkout, renewal, cancellation, or webhook events are processed
- automatically from your browser, device, and infrastructure providers when the website loads and serves content
5. How We Use Information
We use information to:
- create and maintain your account
- authenticate users and secure access to the service
- provide market pages, saved-market features, and account-level personalization
- process and administer subscriptions, renewals, cancellations, and billing support
- troubleshoot issues, monitor service performance, and prevent fraud or abuse
- comply with legal obligations and enforce our Terms of Service
- communicate important transactional, security, policy, or service updates
6. How We Share Information
We may disclose information to:
- Google, for authentication
- Stripe, for subscription billing and payment processing
- hosting, infrastructure, CDN, and technical service providers that help operate the website
- embedded-content providers, such as YouTube, when you choose to load their content
- legal authorities or other parties when reasonably necessary to comply with law, enforce our rights, investigate abuse, or protect users and the service
- a successor entity as part of a merger, financing, acquisition, or asset transfer, subject to applicable law
TwinMarket does not sell personal information, and we do not share personal information for cross-context behavioral advertising.
7. Cookies and Similar Technologies
TwinMarket uses essential cookies and similar technologies needed for session management, login state, security, and basic site functionality.
We do not currently describe the product as using a separate behavioral advertising or third-party analytics stack. Some pages do load third-party hosted assets, and those providers may use their own cookies or similar technologies when their content is requested by your browser.
8. Data Retention
We retain information for different periods depending on the category of data and why it is needed.
- Account records are generally retained while your account is active and for a reasonable period afterward for support, security, backup, legal, and reactivation purposes.
- Saved-market records are retained until you remove them, your account data is cleaned up, or retention is no longer necessary for legitimate operational purposes.
- Subscription and billing-support records may be retained after account closure for bookkeeping, dispute handling, fraud prevention, tax, audit, and legal compliance.
- OAuth records are generally retained while needed to support account login and are removed from the application database when your account is deactivated through the current self-serve flow.
- Short-lived session data is retained only as long as needed for the session or normal application operation.
- Infrastructure, hosting, or security logs may be retained according to operational, security, fraud-prevention, and legal needs.
9. Deactivation, Deletion, and Reactivation
TwinMarket currently offers a self-serve account deactivation flow, not an immediate hard-delete flow for every record in every system.
Under the current product behavior:
- you must cancel an active paid subscription before deactivating your account
- deactivation marks the account inactive, records a deactivation timestamp, signs you out, and removes linked OAuth records from the application database
- some records may still be retained after deactivation for billing, security, fraud prevention, legal compliance, backups, dispute handling, and possible account reactivation
- if you later sign in again with the same Google account, TwinMarket may reactivate your account and restore access to retained account data
10. Your Choices
Depending on the context, you may:
- stop using the service at any time
- cancel renewal online from the Manage Subscription page
- deactivate your account after any active paid subscription is no longer in force
- contact us to ask about the account information we maintain about you
If you contact us about a privacy or account request, we may need to verify your identity before acting on the request.
11. California and Other U.S. Privacy Disclosures
TwinMarket conspicuously posts this Privacy Policy and aims to keep it accurate to the product's actual data practices.
TwinMarket does not currently sell personal information or share personal information for cross-context behavioral advertising. If our operations or legal obligations change in a way that requires additional California-specific notices or request workflows, we will update this policy and the relevant product flows before relying on those practices.
12. Security
We use reasonable administrative and technical measures designed to protect information, but no method of transmission or storage is completely secure.
13. Children's Privacy
TwinMarket is intended for adults and is not directed to children under 18.
14. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we may update the effective date above and provide notice through the site or another reasonable channel.
15. Contact
For privacy questions or requests, contact:
hello@twinmarket.ai