Guppy LogoGuppy
ManifestoAbout Us

DropKit, Inc. Privacy Policy

Last Updated: October 27, 2025

Your privacy is important to us at DropKit, Inc. ("DropKit, Inc.", "we", "us", or "our"). This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use guppy.so, our apps, browser extensions (including the Guppy Trainer), and other online services that link to this Policy (collectively, the "Services").

In short

  • We collect account info you provide and usage data generated as you use the Services.
  • The Guppy Trainer extension, if enabled, collects product, pricing, and availability data from retail pages you visit to power features like price alerts and drop detection. You control whether the extension is active, and you can pause or uninstall it at any time.
  • We don’t sell personal information. We may "share" limited data for cross‑context behavioral advertising only with your consent (see State Privacy Rights).

1. Scope & Who This Applies To

This Policy covers visitors to our site, account holders, and users of our apps and extensions. It does not cover third‑party websites, stores, or services that we don’t control. Their practices are governed by their own privacy policies.

2. Information We Collect

A. Account & Identity Data — name, email, username, password (hashed), basic profile, preferences, and identity verification info if required (e.g., government ID checks to enforce one‑human–one‑Guppy and anti‑scalper policies).

B. Contact & Communications — messages you send us (support, feedback), marketing preferences, and notifications settings.

C. Device & Technical Data — IP address, approximate location (country/region), device identifiers, OS, browser, app version, crash logs, diagnostics, and interaction events (e.g., page views, button taps).

D. Browsing & Shopping Signals (Guppy Trainer Extension) — when the extension is installed and active, it may collect:

  • retailer/site domain, URL, and page type (e.g., product page, cart, checkout);
  • product metadata on the page (title, identifiers/SKUs, variant attributes), price, and availability status;
  • signals for drop detection (queue presence, countdowns, release text);
  • your explicit interactions (e.g., marking favorites), and purchase confirmations (order completed, transaction value) to power receipts, rewards, and analytics;
  • affiliate link attributes where applicable.

We design the extension to avoid collecting payment card numbers or full credential contents and to minimize collection of unrelated page data. You can pause the extension on any site or uninstall it at any time.

E. Payments — we receive limited payment information from our processors (e.g., last4, token, status). Full card numbers are not stored by DropKit, Inc..

F. Inferences — preferences, likelihood of interest, and shopping intent derived from your activity to customize alerts and prioritize queues.

3. Sources of Information

  • You, when you provide information directly (account, forms, settings, communications).
  • Automatic collection from your devices and our Services (cookies, SDKs, logs).
  • The Guppy Trainer extension, when enabled.
  • Third parties: payment processors, identity verification services, analytics/measurement partners, affiliate networks, and Merchants you interact with via the Services.

4. How We Use Information

  • Provide, maintain, secure, and improve the Services and Guppy Agents.
  • Detect drops, track prices/availability, issue alerts, and assist with queues/purchases.
  • Authenticate users; enforce one‑human–one‑Guppy and anti‑abuse rules; prevent fraud.
  • Process payments, subscriptions, rewards, and affiliate attributions.
  • Personalize experiences and recommendations; create aggregated insights.
  • Communicate with you about accounts, features, and marketing (with your preferences).
  • Comply with legal obligations and protect rights, property, and safety.

5. How We Disclose Information

We do not sell personal information. We may disclose information as follows:

  • Service Providers who process data for us (hosting, analytics, security, payments, support) under contracts restricting use.
  • Merchants when you choose to interact with them (e.g., to complete purchases, verify eligibility, manage returns); their use is governed by their policies.
  • Affiliate/Attribution Partners to credit referrals and rewards.
  • Analytics & Measurement to understand performance; where required, we obtain consent and offer opt‑outs.
  • Legal & Safety to comply with law, respond to lawful requests, or protect rights and safety.
  • Business Transfers in connection with mergers, acquisitions, or asset sales, subject to continuity of protections.
  • With Your Direction or Consent (e.g., linking external wallets or accounts).

We may disclose aggregated or de‑identified information that cannot reasonably be used to identify you.

6. Cookies & Similar Technologies

We and our partners use cookies, SDKs, and similar technologies to operate the Services, remember preferences, measure engagement, and personalize content. You can control cookies in your browser; some features may not work without them.

The Guppy Trainer extension may store local settings (e.g., site allow/deny lists, feature toggles). You can pause the extension per‑site or entirely, and you can uninstall it at any time.

7. Your Choices & Controls

  • Access, Correction, Deletion, Portability — email privacy@guppy.so. We will respond within a reasonable time and as required by law.
  • Marketing Preferences — opt out via links in emails or in‑app settings.
  • Targeted Advertising Controls — where applicable, use the “Do Not Sell or Share My Personal Information”/“Limit Use of Sensitive Personal Information” links in the footer or contact us.
  • Extension Controls — pause per‑site, disable signals collection, or uninstall.
  • Do Not Track — we respond to browser Global Privacy Control (GPC) signals where required.

8. Security

We implement administrative, technical, and physical safeguards to protect information. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

9. Data Retention

We retain information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type and use; we delete or de‑identify data when it is no longer needed.

10. International Transfers

We process and store data in the United States. If you access the Services from outside the U.S., your information may be transferred to, stored, and processed in the U.S. and other countries that may have different data protection laws.

11. Children’s Privacy

The Services are not intended for or directed to children under 13, and we do not knowingly collect personal information from children. If we learn we have, we will delete it.

12. U.S. State Privacy Rights (CCPA/CPRA & others)

Residents of certain U.S. states (including California, Colorado, Connecticut, Utah, and Virginia) have rights subject to exceptions: to know/access, correct, delete, port, and to opt out of sales, sharing for targeted advertising, and certain profiling. We extend these rights to all users where feasible.

We do not sell personal information. We may engage in "sharing" for cross‑context behavioral advertising with your opt‑in consent; you may withdraw consent or opt out at any time via in‑product controls or by contacting us. We do not knowingly sell or share the personal information of users under 16.

To exercise rights, use in‑product controls or email privacy@guppy.so. If you submit a request, we will verify it using account information or other reasonable methods. Authorized agents may submit requests with proof of authority and identity.

13. Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will provide notice (e.g., email, in‑app). Unless stated otherwise, changes are effective when posted.

14. Contact Us

DropKit, Inc.

169 Madison Ave STE 15546, New York, NY 10016

Privacy: privacy@guppy.so

Legal: legal@guppy.so