Privacy Policy

Effective date: February 27, 2026 · Last updated: March 9, 2026

🛡

Your vault is private. Period.
MetalMetric staff never access, view, analyze, or share the contents of your vault. Your portfolio data belongs to you alone. We do not sell data to third parties, we do not run ads, and we do not use third-party tracking scripts beyond the analytics disclosure below.

1. Who We Are

MetalMetric ("we," "us," "our") operates the website at metalmetric.com and its associated services. MetalMetric is an independently owned and bootstrapped company. We built this platform as precious metals collectors ourselves, and we treat your data with the same care we'd expect for our own.

By using MetalMetric, you also agree to our Terms of Use, which governs acceptable use of the service.

2. Information We Collect

We collect only what is necessary to operate the service. Here is a complete accounting:

Data Type	Purpose	Stored By
Email address	Account creation, login, transactional emails (receipts, alerts)	Clerk (authentication)
Name (if provided)	Displayed in your account profile	Clerk
Vault items & portfolio data	Storing and displaying your collection, calculating values	Neon (PostgreSQL database)
Payment information	Processing subscriptions (Pro, Elite)	Stripe (we never see your full card number)
Email subscription preferences	Sending price alerts and product updates you opted into	MailerSend
Dealer account information	Operating the dealer portal, QR receipt system, and affiliate tracking	Neon (PostgreSQL database)
Page views & session data (anonymized)	Understanding aggregate site usage to improve the product	Google Analytics (IP anonymized)

We do not collect browsing history, device fingerprints, location data, or behavioral profiles. Server logs (IP address, timestamp, page requested) are automatically generated by our hosting provider and are not used for tracking or profiling.

3. Your Vault Data

We understand that your vault contains sensitive information about your precious metals holdings. We take this responsibility seriously.

🔒 Our Vault Privacy Commitment

MetalMetric employees, contractors, and automated systems do not access the contents of your vault — not for analytics, not for product development, not for marketing, and not for any other purpose.

Your vault data is stored in an encrypted database. It is read only when you request it through the application (loading your vault, calculating values, generating reports). No human at MetalMetric views this data.

The only exception: if you contact our support team and explicitly ask us to help troubleshoot a specific vault item, we may access that item with your written permission, and only for the duration needed to resolve your issue.

4. Analytics

MetalMetric uses Google Analytics with IP anonymization enabled. This means we can see aggregate information such as which pages are visited and general geographic regions (country level), but we cannot identify individual users from this data. No vault data, portfolio values, or account information is ever shared with Google Analytics.

Google Analytics sets cookies to measure sessions. These are analytics cookies, not advertising cookies — they are never used for ad targeting or retargeting. You can opt out at any time using the Google Analytics Opt-out Browser Add-on.

Beyond Google Analytics, we use no other analytics platforms, no Facebook Pixel, and no behavioral tracking of any kind.

5. What We Do Not Do

We believe it is important to be explicit about what we will never do with your data:

We do not sell your data. Not to advertisers, data brokers, analytics companies, or anyone else. Ever.
We do not display advertisements. MetalMetric is funded entirely by subscriptions. There are zero third-party ad scripts on our platform.
We do not share your vault contents with any third party for any purpose.
We do not profile you. We do not build behavioral profiles, interest graphs, or predictive models from your usage.
We do not use your data to train AI models. Your vault data, portfolio information, and usage patterns are never used as training data.
We do not retarget you. Analytics data is never connected to advertising platforms.

6. Dealer Accounts & QR Receipts

If you are a registered MetalMetric dealer, additional data is collected to operate the dealer portal:

Business name and contact information — used to display your listing in the dealer directory.
QR receipt data — when a customer scans a dealer QR code, the transaction reference and timestamp are logged. Customer identity is not collected at the point of scan.
Scan analytics — aggregate scan counts and claim rates are visible to the dealer who issued the receipt. Individual customer data is not exposed.
IP address (hashed) — scan events log a hashed IP address for fraud prevention. Raw IP addresses are not stored.

Dealer listings are publicly visible on /dealers. If you are a dealer and wish to update or remove your listing, contact us at the address below.

7. Third-Party Services

We rely on a small number of trusted third-party services to operate MetalMetric. Each is used for a specific, limited purpose:

Clerk — Authentication and account management. Handles your login securely so we never store passwords. Clerk's privacy policy
Stripe — Payment processing for Pro and Elite subscriptions. We never see or store your full card number. Stripe's privacy policy
Neon — PostgreSQL database hosting. Stores your vault items and account data in encrypted form. Neon's privacy policy
MailerSend — Transactional email delivery for alerts and account notifications. MailerSend's privacy policy
Vercel — Website hosting and serverless functions. Vercel's privacy policy
Google Analytics — Anonymized page view analytics. Google's privacy policy

These services process data only as necessary to provide their specific function. We do not grant any third party access to your vault data beyond what is technically required for database hosting.

8. Security

All data transmitted between your browser and MetalMetric is encrypted using TLS (HTTPS) on every request. Your vault data is stored in an encrypted PostgreSQL database with SSL enforced on all connections, accessible only to authenticated application requests.

Authentication tokens are issued by Clerk using industry-standard JWTs signed with RSA-256 keys and verified on every request. Payment data is handled entirely by Stripe, which is PCI DSS Level 1 certified — the highest level of payment security certification.

While no system is perfectly immune to breach, we take every reasonable precaution to protect your data. If we ever become aware of a data breach that affects your information, we will notify you promptly via the email address associated with your account.

9. Data Retention

We retain your account and vault data for as long as your account is active. If you cancel your subscription, your data remains intact — you simply revert to the free tier. Your vault items are never deleted due to a subscription change.

If you choose to delete your account entirely, we will permanently delete all associated data — including vault items, portfolio history, and personal information — within 30 days. Some data may persist in encrypted database backups for up to 90 days, after which it is automatically purged.

10. Cookies

MetalMetric uses the following cookies:

Session cookie (__session) — Maintains your authenticated login. Set by Clerk. Expires when your session ends.
Analytics cookies (_ga, _ga_*) — Set by Google Analytics to measure page visits. IP is anonymized. You can opt out via the Google Analytics opt-out add-on.
Local storage preferences — Stores UI preferences like your selected theme and dismissed notifications. Never transmitted to our servers.

We do not use advertising cookies, retargeting cookies, or any form of cross-site tracking cookies.

11. Your Rights

Regardless of where you are located, we extend the following rights to all MetalMetric users:

Access — You can view all data we hold about you at any time through your account dashboard.
Export — Elite users can export their full vault data as CSV. If you need a full data export and are not on Elite, contact us and we will provide it free of charge.
Correction — You can update your personal information at any time through your account settings or by contacting us.
Deletion — You can request complete deletion of your account and all associated data by emailing us. We will process the request within 30 days.
Portability — Upon request, we will provide your data in a standard, machine-readable format (CSV or JSON).

To exercise any of these rights, email us at the address listed below.

12. Children's Privacy

MetalMetric is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has created an account, we will promptly delete the account and all associated data.

13. Changes to This Policy

If we make material changes to this privacy policy, we will notify you by email at least 14 days before the changes take effect. Minor clarifications or formatting changes may be made without notice, but the effective date at the top of this page will always reflect the latest revision.

We will never retroactively weaken your privacy protections without your explicit consent.

14. Contact Us

If you have questions about this privacy policy, your data, or anything else, reach us at:

Email:
Website: metalmetric.com

We aim to respond to all privacy-related inquiries within 48 hours.