NearbayScanNearby

Nearbay

Privacy Policy

Effective May 23, 2026

This Privacy Policy explains how Nearbay collects, uses, shares, and protects personal data when you use nearbay.net and related services. Nearbay helps people scan household items, publish listings, find nearby items, rent items from neighbors, chat, review rentals, and manage PayPal authorization holds.

Nearbay is in beta. We designed this policy to describe the product as it works today, including AI scanning, location features, payments, transactional email, consent-based analytics, and trust features. If you use Nearbay, you agree that we may process data as described here.

Data we collect

  • Account data: Firebase/Google sign-in identifiers, user ID, email address, and authentication metadata.
  • Scan data: videos you upload or record, extracted thumbnail frames, AI-detected item names, brands, categories, condition, descriptions, timestamps, suggested prices, and edited owner prices.
  • Location data: precise browser location when you grant permission, approximate IP-based location when precise location is unavailable, and item coordinates used to show nearby listings.
  • Listing and rental data: availability toggles, item prices, rental duration, rental fee, deposit amount, PayPal order/authorization/capture status, owner/renter IDs and emails, cancellation/return state, and timestamps.
  • Currency localization data: country and currency inferred from IP geolocation, request headers, or browser language, plus exchange-rate metadata used to show estimated local-currency amounts.
  • Trust and communication data: chat messages, reviews, star ratings, reviewer role, and participant emails shown to the other rental participant when needed for the rental workflow.
  • Analytics and device data: if you accept analytics cookies, PostHog events such as page views, scan submitted, item updated, rent clicked, rental authorized, and review submitted. We also process standard server data such as IP address, user agent, request logs, and error logs.

How we use data

  • Provide the service: authenticate users, scan videos with AI, create listings, search by proximity, create rentals, process PayPal authorization flows, send transactional emails, show chat/reviews, and maintain account state.
  • Improve safety and trust: prevent self-rentals, enforce ownership checks, prevent deletion of items with active rentals, investigate abuse, and provide reputation signals.
  • Improve the product: understand usage and failures through consent-based analytics, diagnose errors, improve mobile performance, and prioritize product work.
  • Comply with obligations: keep transaction records, respond to lawful requests, enforce terms, and protect users, Nearbay, and service providers.

Legal bases where GDPR applies

  • Contract: to provide account, listing, rental, chat, review, and payment workflows you request.
  • Consent: for optional analytics cookies and precise browser location where the browser asks permission.
  • Legitimate interests: security, fraud prevention, product diagnostics, abuse prevention, and service improvement, balanced against user privacy.
  • Legal obligations: recordkeeping, tax/accounting support, dispute handling, and responding to valid legal requests.

AI scanning, media, and sensitive content

Nearbay sends uploaded scan videos to Google Gemini to identify rentable or sellable items and estimate market value. We also store the original scan video and extracted thumbnail frames in Google Cloud Storage. A lifecycle rule deletes scan media from the storage bucket after 90 days, but item records, rentals, chats, and reviews may remain for service integrity.

Do not film people, minors, private documents, passwords, health information, financial documents, or anything you are not allowed to share. AI outputs can be wrong, incomplete, or outdated. Owners must review and edit listings before making items available.

Who we share data with

  • Other users: public listing details, approximate listing location, owner reputation, and rental participant information needed to complete a rental. Rental participants can see relevant chat, review, item, status, and contact details.
  • Google/Firebase/Google Cloud/Gemini: authentication, hosting/runtime, storage, maps, and AI scanning.
  • PayPal: payment authorization, capture, refund/void/expiration status, and fraud/payment processing handled by PayPal.
  • Resend: transactional emails such as rental creation, authorization, cancellation, and return/capture notices.
  • PostHog: analytics only after consent is granted, plus server-side PayPal lifecycle events where configured.
  • ipapi: approximate IP geolocation when precise browser location is denied, unavailable, or times out, and limited IP/country lookup to choose a suitable language for unprefixed routes.
  • Frankfurter: exchange-rate data used to display approximate local-currency amounts. PayPal checkout, authorizations, captures, and refunds currently remain denominated in USD unless explicitly shown otherwise.
  • Authorities or professional advisers: when reasonably necessary to comply with law, enforce terms, investigate abuse, or protect rights and safety.

Cookies and analytics

Nearbay uses a consent banner for analytics. Until you accept, PostHog client-side capture is opted out by default. Your choice is stored locally as nearbay.consent. You can reopen cookie settings from the footer. Necessary authentication, security, and payment functionality may still rely on browser or provider storage.

Retention

  • Scan videos and generated image thumbnails in the Nearbay scan bucket are scheduled for deletion after 90 days.
  • Listings remain until you delete them or your account is removed, except records needed for completed rentals may be retained.
  • Rental, PayPal status, chat, review, email log, and audit records may be retained as needed for trust, dispute resolution, fraud prevention, accounting, and legal compliance.
  • Analytics retention follows our PostHog project settings and your consent state.

Your choices and rights

  • You can edit or delete your own item listings in Nearbay.
  • You can decline analytics cookies or change your choice from the footer.
  • You can disable precise browser location; Nearbay may use approximate IP location for nearby search.
  • Depending on your jurisdiction, you may request access, correction, deletion, restriction, portability, objection, or withdrawal of consent. EU/EEA users also have the right to complain to a data protection authority.
  • To make a privacy request, contact support@nearbay.net. We may need to verify your identity before acting on a request.

Security, international transfers, and children

We use hosted providers with security programs and data processing terms, access controls, Firebase authentication, Cloud Run/GCS infrastructure, and least-privilege operational practices where possible. No internet service is perfectly secure.

Nearbay and its providers may process data in countries other than yours. Where required, transfers rely on provider contractual safeguards or other lawful transfer mechanisms.

Nearbay is for users who are at least 18 years old. We do not knowingly allow children to create accounts or list/rent items.

Changes

We may update this policy as the product changes. Material changes will be posted on this page and, when appropriate, communicated in the app or by email.