Skip to content
Рынок$3.67M
Объём 24ч590
Движений 24ч58
Предметов106
Портфелей создано356

Политика конфиденциальности

Обновлено: апрель 2026

Что мы собираем

When you use SboxFolio, we collect the following information:

  • Steam ID - automatically provided during Steam OpenID authentication
  • Email address - only collected when signing in via Google OAuth or Discord OAuth
  • Display name and avatar URL - provided by your OAuth provider
  • Portfolio data - items you add, quantities, buy prices, buy dates, and personal notes
  • Language preference - your selected language for the interface

Что мы не собираем

We explicitly do NOT collect:

  • Passwords - we never store your password. Authentication is handled via OAuth providers.
  • Payment information - we do not process or store payment data of any kind
  • Steam credentials - we only receive your Steam ID during authentication
  • Personal documents or browsing history outside SboxFolio - we never see what you do on other sites
  • Any data sold to third parties - we do not sell, trade, or rent personal data

Analytics

We use two privacy-conscious analytics services to understand how the site is used and to fix problems:

  • Google Analytics 4 (G-YCEQ8W9VPY) - page views, navigation paths, and acquisition channel (where visitors arrived from). GA4 sets first-party cookies (_ga, _ga_*). It uses a device-level identifier but does not receive your email, Steam ID, or portfolio contents from us.
  • Cloudflare Web Analytics - auto-enabled because the site sits behind Cloudflare's CDN. It collects page loads, country, and device type without cookies and without any identifier that can be linked to you personally.

You can block both by using a browser extension that blocks third-party scripts (e.g. uBlock Origin) - the site will keep working.

Как используются данные

We use your data solely for:

  • Portfolio tracking and display in your account
  • Price calculations and P&L analysis
  • Optional public portfolio sharing (only if you enable this feature)

We do not sell, trade, or share your data with third parties. We do not use your data for advertising or marketing purposes.

Файлы cookie

SboxFolio itself sets only a single cookie:

  • Session cookie (Auth.js) - encrypted JWT that keeps you signed in. Strictly necessary; disabling it prevents login.

Google Analytics 4 (see the Analytics section above) additionally sets _ga and _ga_* cookies on your device. These can be cleared any time from your browser; the site will keep working without them.

Услуги третьих сторон

SboxFolio relies on the following third-party services:

  • Neon - PostgreSQL database hosting (encrypted at rest)
  • Vercel - web hosting and CDN
  • Cloudflare - CDN edge and DDoS protection; also auto-enables Cloudflare Web Analytics (cookieless, aggregated).
  • Google Analytics 4 - aggregated usage analytics (cookies, no PII shared by us).
  • Yandex Metrica - aggregated usage analytics for the RU/UA audience and Yandex search ranking signals. Includes Webvisor, which records anonymous interaction sessions (clicks, scrolls, form fills with input contents masked) so we can spot UX problems. Cookies + session data are stored by Yandex per their policy.
  • Steam Web API + sboxcharts + SCMM - market prices, item metadata, and inventory verification. Steam authentication uses OpenID.
  • Google OAuth & Discord OAuth - optional sign-in providers.
  • ProxyWing - residential proxy we use server-side to fetch Steam inventory data. No client traffic goes through it.

Each service has its own privacy policy. We recommend reviewing them to understand how they handle your data.

Хранение данных

We retain your data as long as your account exists. If you delete your account, all associated data will be permanently removed from our systems within 30 days. This includes portfolio data, preferences, and all personally identifiable information.

Удаление данных

You can request the complete deletion of your account and all associated data at any time. To do so, contact us on Telegram: @ProstoXleb. We will process your request within 30 days and confirm deletion once complete.

Безопасность

We take security seriously:

  • HTTPS everywhere - all connections are encrypted in transit
  • Encrypted JWT sessions - session tokens are signed and encrypted
  • No plaintext passwords - we never store passwords. Authentication is delegated to OAuth providers
  • Database encryption - data stored in Neon PostgreSQL is encrypted at rest

Изменения

We may update this Privacy Policy at any time. Changes will be posted on this page with an updated "Last updated" date. Continued use of SboxFolio following any changes constitutes your acceptance of the new policy.

Контакт

If you have questions about this Privacy Policy or your data, please contact us on Telegram: @ProstoXleb