Privacy Policy

Last updated 8 June 2026

This policy explains what personal data Rello collects, why we collect it, who we share it with, and the rights you have over it. It covers both the Rello website (relloapp.io) and the Rello Chrome extension. We've written it in plain English; where a term has a specific meaning under UK data-protection law, we mean that meaning.

Who we are

Rello is a Chrome extension for resellers who sell on Vinted and eBay. Rello is operated from the United Kingdom by The Reseller Group LTD, a company registered in England and Wales, at 14 Chevin Close, Shrewsbury, SY1 3RJ, the data controller responsible for your personal data. For any privacy question or to exercise your rights, email hello@relloapp.io.

The information we collect

When you join the waitlist

If you sign up on relloapp.io, we collect your email address, and — if you choose to apply for beta testing — your name, a rough sense of how many items you list per day, and what tools you currently use. If you tell us you're a member of The Reseller Group Patreon, we check your email against that Patreon's active member list to confirm eligibility for priority access. We also record technical details your browser sends (such as your user-agent string and the page that referred you), which help us understand where sign-ups come from.

When you use the extension

To run the extension you create an account with us (email and a password, held only as a secure hash). When you connect your marketplaces, Rello works with:

  • Your Vinted account — Rello uses your existing, already-logged-in Vinted browser session. We never ask for or store your Vinted password. Your listings, orders, offers, and messages are processed so the extension can repost, crosslist, handle offers, and show your wardrobe.
  • Your eBay account— connected through eBay's official OAuth sign-in, so we receive an access token rather than your eBay password. We read your eBay listings to crosslist them to Vinted.
  • Listing and order data — item titles, descriptions, photos, prices, categories, and order details needed to perform the actions you ask for.

When you pay

Subscriptions are handled by Stripe. We receive confirmation of your plan and billing status; we do not see or store your full card details — Stripe handles those directly.

Automatically, as you use our services

Like most websites and apps, we collect basic usage and diagnostic data — pages visited, features used, and error logs — to keep the service working and to improve it. Where we use a privacy-respecting analytics provider, we configure it to avoid collecting more than we need.

Shipping labels and AI (please read this one)

When you use Rello to print a shipping label, the extension can read the buyer's name from the label so you can pack the right order. To do this, label image data — which includes the buyer's name and delivery details — is sent to Google's Gemini API for optical character recognition, and the extracted text is returned to you. This is the one point where order data leaves our own systems and is processed by Google. We send only what's needed for the extraction. If you would rather this never happens, you can leave the AI buyer-name feature switched off.

Why we use your data (our lawful bases)

  • To provide the service you asked for (performance of a contract) — running automations, crosslisting, printing labels, managing your account and subscription.
  • With your consent — joining the waitlist, checking your Patreon membership, and using the optional AI label feature. You can withdraw consent at any time.
  • For our legitimate interests — keeping the service secure, preventing abuse, fixing bugs, and understanding how the product is used, balanced against your rights.

Who we share it with

We don't sell your personal data. We share it only with the service providers (“processors”) that make Rello work, each handling a specific job:

  • Supabase — database and storage for our records
  • Resend — sending the emails you ask us to send
  • Stripe — subscription billing
  • Google (Gemini API) — AI buyer-name extraction from labels, as described above
  • Amazon Web Services — hosting and temporary image caching
  • Patreon — confirming Reseller Group membership, if you ask us to
  • PostHog — product and website usage analytics, if you accept analytics cookies
  • Meta and TikTok — advertising and retargeting pixels, if you accept advertising cookies

We may also disclose data where the law requires it, or to protect our rights, users, or service.

Where your data is processed

Some of these providers process data outside the UK. Where that happens, we rely on appropriate safeguards (such as UK adequacy decisions or the UK addendum to the EU Standard Contractual Clauses) to keep your data protected to UK standards.

How long we keep it

We keep waitlist data until you unsubscribe or ask us to delete it. We keep account and order data for as long as you have an account, and for a reasonable period afterwards to meet legal, tax, and accounting obligations. Label image data sent for AI extraction is processed transiently and is not retained by us for that purpose beyond what's needed to return the result.

Your rights

Under UK GDPR you have the right to:

  • access the personal data we hold about you
  • have inaccurate data corrected
  • have your data deleted (“the right to be forgotten”)
  • restrict or object to how we use it
  • receive your data in a portable format
  • withdraw any consent you've given

To exercise any of these, email hello@relloapp.io and we'll respond within one month. Waitlist emails carry a one-click unsubscribe link in every message.

Cookies and tracking

Essential cookies are always on — they're needed for the site to work and to remember your cookie choice. Everything else only runs after you accept on the cookie banner:

  • Analytics — we use PostHog to understand how the site is used (pages viewed, buttons clicked) so we can improve it.
  • Advertising and retargeting— we use the Meta (Facebook/Instagram) and TikTok pixels to measure ad performance and show Rello ads to people who've visited the site. These set cross-site cookies.

If you decline, none of the analytics or advertising cookies load. You can change your mind any time by clearing this site's cookies in your browser, which brings the banner back.

Security

We protect your data with encryption in transit, access controls, and hashed passwords. No system is perfectly secure, but we take reasonable steps appropriate to the sensitivity of the data we hold, and we'll notify you and the regulator of any breach where the law requires it.

Children

Rello is a tool for resellers and isn't intended for anyone under 18. We don't knowingly collect data from children.

Changes to this policy

We may update this policy as the product changes. When we do, we'll update the date at the top, and for significant changes we'll let waitlist members and users know.

Contact and complaints

Questions or concerns: hello@relloapp.io. If you're in the UK and think we've mishandled your data, you also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk, though we'd appreciate the chance to put things right first.