Third-Party Services

Handles all payment transactions on the platform.

• Data shared: payment card details, billing address, transaction amounts
• Stripe is both data processor and controller (for fraud prevention)
• Your full card number is never stored on our servers
• PCI DSS compliant

Handles account creation and single sign-on.

• Data shared: email, name, authentication tokens
• Used for account management and SSO
• Neon Auth for identity management

Protects the platform from automated abuse.

• Data collected: IP address, browser characteristics, mouse movement patterns
• Used during login, signup, and sensitive actions
• Google acts as data controller for this data

Powers GIF search and embedding in communities.

• Data shared: search queries
• Highest content safety filter applied
• No personal data transmitted

Our hosting and database providers.

• Vercel: application hosting, edge network, serverless functions
• Neon: PostgreSQL database with connection pooling
• All data encrypted in transit and at rest
• Both providers are SOC 2 compliant

Powers product and content search across the platform.

• Data indexed: product catalog data, search queries, interaction signals
• Enables fast, typo-tolerant search
• No personal data stored in search index

You can exercise your data rights directly with third-party controllers (like Stripe or Google) or through us for data we process on their behalf. Contact privacy@tokyofishmarket.com for assistance.

privacy@tokyofishmarket.com