Download on the App Store Download on Google Play

Privacy Policy for LacquerStash

Last Updated: February 28, 2026

1. Introduction

Welcome to LacquerStash ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App"). Please read this privacy policy carefully.

If you do not agree with the terms of this privacy policy, please do not access the application.

2. Information We Collect

We may collect information about you in a variety of ways. The information we may collect via the App includes:

Personal Data

Personally identifiable information, such as your name, email address, and demographic information that you voluntarily give to us when you register with the App or when you choose to participate in various activities related to the App.

Technical Data

When you use the App, we may automatically collect certain technical information such as your IP address, device type, operating system, app version, and log data. This information is collected to ensure secure operation of the App, prevent abuse, and improve performance.

Usage and Subscription Data

We may collect information about how you use the App (such as feature interactions and timestamps) for analytics and product improvement.

If you purchase a subscription, we may collect subscription and transaction-related data (such as product identifiers and entitlement status) to provide paid features and manage access.

Content and Media

We collect the data you upload to the App, including but not limited to:

  • Images of nail polish bottles, swatches, and manicures.
    • We use device permissions such as Camera/Photos only to let you capture and upload polish photos and swatches. We do not access these without your action.
  • Lists of collections, wishlists, and inventory.
  • User-generated tags, notes, and reviews.
  • Optional contact information you choose to provide in Destash Listings (such as email, Reddit username, or Instagram handle). This information is visible to other users and is shared at your discretion.

3. How We Use Your Information

We may use the information we collect from you to:

  • Create and manage your account.
  • Monitor and analyze usage and trends (including via Mixpanel) to improve your experience with the App.
  • Notify you of updates to the App.
  • Enforce our Terms and Conditions.

4. Public Nature of Content

LacquerStash includes community features that allow users to contribute reviews, images, listings, and other content.

  • Public Content: Content you designate as public (such as reviews, public lists, Destash Listings, and community contributions) will be visible to other users of the App.
  • Anonymization Upon Deletion: If you delete your account, your public contributions may remain visible in anonymized form and will no longer be associated with your personal identity.
  • User Responsibility: You are responsible for the information you choose to make public within the App.

5. Third-Party Data Processing and Services

We may share your information with third parties that perform services for us or on our behalf, including payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance.

Key third-party providers we use include:

  • Google & Firebase: We use Google services for authentication (Google Sign-In) and Firebase for application infrastructure. Specifically, we use Firebase Remote Config to manage app behavior, such as enabling maintenance mode or requiring mandatory updates. Remote Config may collect non-personally identifiable technical information (such as device model, operating system version, and instance IDs) to target these configurations to your device.
  • Apple: We use Apple services for authentication (Sign In with Apple).
  • Cloudflare: We use Cloudflare for secure backend hosting, API services, database storage, and content delivery. Cloudflare may process IP addresses and technical request metadata to deliver services securely.
  • Mixpanel: We use Mixpanel for analytics to understand feature usage and improve the App. Mixpanel receives event data such as feature interactions, timestamps, device and app context (e.g., OS version, app version), and, where available, your internal user ID and email address to associate activity with your account. We do not use data for targeted advertising and do not sell personal data.
  • RevenueCat: We use RevenueCat to manage in-app subscriptions and entitlement status. RevenueCat processes subscription identifiers, transaction metadata, app user IDs, and may receive your email address (if associated with your account) to link purchases to your account. RevenueCat does not process payments directly; payments are handled by Apple or Google.

6. Legal Basis for Processing Personal Data (GDPR)

If you are from the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the personal information concerned and the specific context in which we collect it. We normally collect personal information from you only where:

  • We need the personal information to perform a contract with you (e.g., to create and manage your account, provide core App features, and provide subscription-based features where applicable).
  • Analytics processing (e.g., via Mixpanel) is based on our legitimate interest in improving and securing the App.
  • The processing is in our legitimate interests and not overridden by your rights (for example, preventing abuse and ensuring service security).
  • We have your consent to do so (where required by law).

Where we rely on legitimate interests as a legal basis, we ensure that such interests are balanced against your rights and freedoms in accordance with applicable data protection law.

We only collect personal data that is necessary for the purposes described in this Privacy Policy.

7. Your Data Protection Rights (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. LacquerStash aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you: Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification: You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object: You have the right to object to our processing of your Personal Data.
  • The right of restriction: You have the right to request that we restrict the processing of your personal information.
  • The right to data portability: You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent: You also have the right to withdraw your consent at any time where LacquerStash relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests.

Note on Content Ownership vs. Erasure: While you have the right to request deletion of your Personal Data (such as your account profile and email), content you have contributed to the public database (such as images, swatches, reviews, etc.) may be retained by LacquerStash indefinitely as per our Data Ownership terms, but will be anonymized so it is no longer personally identifiable to you.

8. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, please note that some of our service providers may process Personal Data outside your country of residence, including in the United States and other locations where they operate.

We ensure that such transfers are conducted in accordance with applicable data protection laws. Our third-party providers, including Google/Firebase, Cloudflare, Mixpanel, and RevenueCat, utilize Standard Contractual Clauses (SCCs) approved by the European Commission or equivalent safeguards to ensure an adequate level of protection for your Personal Data.

9. Data Retention

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy:

  • Account Data: We retain your account information for as long as your account is active or as needed to provide you services.
  • Account Deletion: If you request the deletion of your account, your Personal Data (such as email and profile info) will be deleted or fully anonymized within 30 days of the request.
  • Anonymized Contributions: Non-personally identifiable content (such as anonymized reviews, swatch data, and polish information) may be retained indefinitely to maintain the integrity of our community database.
  • Analytics Data: Analytics data may be retained in aggregated or pseudonymized form for service improvement and security purposes, and may not be linked back to an identifiable individual.

10. Data Ownership and Rights

IMPORTANT: PLEASE READ CAREFULLY

While you retain the rights to the content you create, by uploading, posting, or submitting any content (including images, text, lists, and data) to LacquerStash, you grant LacquerStash a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform, and display such content (in whole or in part) worldwide and/or to incorporate it in other works in any form, media, or technology now known or later developed.

Upon account deletion, your contributed content will be fully anonymized so that it is no longer associated with your personal identity, ensuring it is no longer considered Personal Data under GDPR.

We are not responsible for maintaining any backup of your data. You are solely responsible for creating backups of your own content.

10.1 Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects concerning you.

11. Acceptable Use Policy

The App is provided specifically for the purpose of tracking, managing, and sharing nail polish collections. Strict adherence to this purpose is required.

Prohibited Activities

You are explicitly prohibited from using the App for:

  1. General Storage: Using the App as a general file hosting or "free storage" service for files, images, or data unrelated to nail polish.
  2. Private Non-Relevant Content: Creating private lists or uploading private images that are not related to nail polish (e.g., personal documents, unrelated photos, general backups).
  3. Illegal or Harmful Content: Uploading content that is illegal, harassing, hateful, obscene, or otherwise objectionable.

12. Account Termination and Ban

We reserve the strict right to suspend, terminate, or delete your account and refuse any and all current or future use of the App (or any portion thereof) at any time, without warning, and for any reason, including but not limited to:

  • Violation of these Terms or Privacy Policy.
  • Engaging in the Prohibited Activities listed in Section 11.
  • Abuse of system resources or storage limits.

If your account is terminated for a violation, you may be permanently banned from the service, and all data associated with your account may be immediately and permanently deleted.

13. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

14. Policy for Children

We do not knowingly solicit information from or market to children under the age of 16. If you become aware that any data has been collected from children under age 16, please contact us using the contact information provided below.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We encourage you to review the "Last Updated" date at the top of this page periodically. Your continued use of the App after any changes constitutes acceptance of the updated Privacy Policy.

16. Contact Us

If you have questions or comments about this Privacy Policy, please contact us at:

Data Controller:
Rohan Taneja
Berlin, Germany

Email: lacquerstash.app@gmail.com