Legal
Privacy Policy
Last updated: June 6, 2026
Dropiio is a price-tracking service. We collect only what's necessary to run it — your email address and the product URLs you want us to watch. We don't sell data, we don't run ads, and we don't share your information with third parties beyond what's required to deliver the service.
If you have any questions about this policy, email us at support@dropiio.com.
1 Who we are
Dropiio ("we", "us", "our") operates the price-tracking service available through the Dropiio iOS app and the web application at dropiio.com. This Privacy Policy explains how we handle your personal data when you use any part of this service.
2 Data we collect
We collect the minimum data needed to provide the service:
- Email address — provided by you during onboarding. Used to identify your account, sign you in with a verification code, and send transactional messages if needed.
- Product URLs and target prices — entered by you in the app. Stored so we can scrape and compare prices on your behalf.
- Price history — every price check writes a data point. Stored to power the history charts in the app and dashboard.
- Device push tokens — when you grant notification permission in the iOS app, your device token is stored to route push notifications to your device.
- Session tokens — short-lived JWT access tokens and rotating refresh tokens used to keep you logged in on the app and web dashboard. Stored server-side and can be revoked from Settings.
Dropiio is free, so we do not collect payment card details. We also do not collect browsing history, location data, or any data beyond what is listed above.
3 How we use your data
- To scrape the product URLs you submit and compare prices against your targets.
- To send you push notifications when a price drop is detected.
- To authenticate you in the app and web dashboard via a 6-digit email verification code.
- To display your tracked products, price history, and account stats in the app and dashboard.
- To respond to support requests you send to us.
We do not use your data for marketing, profiling, or advertising.
4 Data sharing and third parties
We share data with third parties only where necessary:
- Apple — the app is distributed through the App Store, and push notifications are routed through Apple Push Notification service (APNs). Only your device token and the notification payload are sent. App Store interactions are handled under Apple's Privacy Policy.
- Cloud infrastructure — our servers run on standard cloud providers (e.g. AWS, Hetzner). Your data is stored on these servers in encrypted form at rest.
We do not sell, rent, or trade your personal data to any third party.
5 Data retention
We retain your data for as long as your account is active. Specifically:
- Tracked products and price history — kept indefinitely while your account exists, including after soft-delete, so you can re-add a URL and recover its history.
- Session tokens — access tokens expire after a short period; refresh tokens are rotated on use. Revoking a session from Settings invalidates it immediately.
- Push tokens — retained until you uninstall the app or revoke notification permissions, at which point the token becomes invalid and is removed on the next delivery attempt.
When you request account deletion, we permanently delete all stored data (email, product URLs, price history) within 30 days and send you confirmation.
6 Security
We take reasonable technical measures to protect your data:
- All data in transit is encrypted via TLS.
- Data at rest is encrypted on our infrastructure providers.
- JWT tokens use short expiry windows and are rotated on every refresh.
- Sessions can be individually revoked from the web dashboard under Settings.
No system is completely secure. If you suspect unauthorised access to your account, email support@dropiio.com immediately and we will revoke all active sessions.
7 Your rights
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data (e.g. update your email from Settings in the app).
- Delete your account and all associated data — email support@dropiio.com with the subject "Account deletion".
- Export your tracked product data and price history — email us and we'll send a machine-readable export within 30 days.
- Revoke active sessions at any time from the web dashboard Settings page.
To exercise any of these rights, contact us at support@dropiio.com. We'll respond within 30 days.
8 Cookies and local storage
The web dashboard uses browser local storage to persist your authentication tokens between sessions. We do not use tracking cookies or third-party analytics scripts. No advertising or cross-site tracking technologies are used.
9 Children's privacy
Dropiio is not directed at children under 13. We do not knowingly collect personal data from anyone under 13. If you believe a child has provided us with personal data, contact us at support@dropiio.com and we will delete it promptly.
10 Changes to this policy
We may update this policy from time to time. When we do, we'll update the "Last updated" date at the top of this page. For material changes, we'll notify you in the app. Continued use of the service after a policy update constitutes acceptance of the revised policy.
11 Contact
For any privacy-related questions or requests, reach us at: