Privacy Policy
Last updated: 29 May 2026
Ozari Collective Pty Ltd (ABN 39 400 756 232) operates Ozari Vault, a free card-discovery tool. This Privacy Policy explains what we collect, how we use it, and your rights — in plain language.
1. What we collect
When you use Ozari Vault, we may collect:
- Your name and email — only when you start a collection (so we can keep your pulls saved across visits).
- Photos of cards you scan — uploaded so our AI can identify the card and estimate its value.
- Scan results — what the card was identified as, its estimated value, and any notes attached.
- Optional shared pulls — if you tick "share to community" on any pull, we display a sanitised version (first name only, no contact info) in the community gallery.
- Basic device info — anonymous device identifier so we can save your collection to your device until you sign in. No browser fingerprinting, no tracking pixels, no advertising IDs.
2. How we use it
- To identify cards and give you their estimated value.
- To save your collection so you can come back to it.
- To improve the tool — usage patterns help us refine the AI's accuracy and figure out what to build next.
- To show off great pulls in the community gallery (only the ones you tick to share).
- Internally for Ozari team use — for example, an Ozari team member browsing community pulls in their dashboard for inspiration.
3. What we don't do
- We don't sell your data — to anyone, ever.
- We don't share your contact details with third parties without your consent.
- We don't show you advertising in Ozari Vault.
- We don't use your card photos for anything other than identifying the card and estimating its value.
4. How we store it
All data is stored on Google Firebase in Australia (australia-southeast1 region). It's encrypted in transit (HTTPS) and at rest. Access is restricted to the Ozari team via role-based Firestore security rules.
5. Sharing pulls to the community
When you tick "share to community" on a pull, we display:
- Your first name only (e.g. "Sam" — never "Sam Smith").
- The card and its estimated value.
- The photo you uploaded (which other users will see).
Your email is never shown publicly. You can untick "share" on any pull at any time to remove it from the gallery.
6. AI processing
Card identification and valuation are powered by AI. The image and basic identifying text are sent off to a third-party AI provider for processing under their data terms — they don't train on your data, and the image isn't retained for marketing.
7. Your rights
You can at any time:
- Ask for a copy of all your data.
- Ask us to delete your account and all associated pulls.
- Untick a previously shared pull to remove it from the gallery.
- Update your name or email by emailing us.
These rights are protected under the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth).
8. Retention
We keep your pulls for as long as you have an active collection. If you ask us to delete your account, we delete your profile and pulls within 30 days. Aggregated, non-identifying usage stats may be retained for analytics.
9. Cookies & local storage
We use browser local storage to remember:
- Your anonymous session ID (so your collection persists on this device).
- That you've completed the welcome gate (so it doesn't show every visit).
We don't use any third-party analytics cookies, advertising cookies, or social-media trackers.
10. Children
Ozari Vault is suitable for general audiences. If you're under 18, please use the tool with a parent or guardian's involvement. We don't knowingly collect data from anyone under 13.
11. Changes
If we change this policy materially, we'll prompt you to re-accept the welcome gate on your next visit so you can review the new version.
← Back to Ozari Vault