♻️ pre-loved items available — growing daily. How it works →
+ Sell Sign In Register
WishThrift
🛍️ Browse All Items + Sell an Item
👗 Women 👔 Men 🧣 Kids
👚 Clothing 👟 Shoes & Footwear 👜 Bags & Handbags 💍 Jewellery & Watches 📱 Electronics 📷 Cameras 🎮 Gaming 🛋️ Furniture 🏠 Home & Garden 🔧 Tools & DIY 🍳 Kitchen 📚 Books 🎸 Music 💿 Vinyl & CDs ⚽ Sports 🚲 Bicycles 🚗 Vehicles 🧸 Toys & Games 👶 Baby & Kids 🐾 Pet Supplies 🎨 Art & Collectibles 📦 Other
🔑 Sign In 📝 Register
❓ How It Works 🆘 Help Center ℹ️ About Us

Privacy Policy

Privacy Policy

Last updated: May 2026

WishThrift (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what personal information we collect when you use wishthrift.com, how we use it, who we share it with, and the choices and rights you have. It applies to all visitors, buyers, and sellers worldwide.

1. Information We Collect

  • Account information — name, email address, username, password (stored only as a one-way hash), city, country, and role (buyer or seller) when you register.
  • Profile information — display name and avatar (if you upload one).
  • Listing information — photos, titles, descriptions, prices, currency, condition, category, shipping preference, and the city/country you choose to attach to a listing.
  • Wishlist — the list of listings you save with the heart button. Stored against your account, not shared with sellers.
  • Messages — the content of messages exchanged between buyers and sellers through our on-site inbox, along with timestamps and read state.
  • Reviews and ratings — star ratings and written reviews you leave for sellers. These are public.
  • Verification documents (sellers who opt in only) — full legal name, country, ID type, an uploaded photo of a passport / driving licence / national ID, and an optional social or business URL. Handled separately — see §7 below.
  • Usage data — pages visited, listings viewed, search queries, and aggregate site interactions. Collected only if you consent to Analytics cookies (see §5).
  • Technical data — IP address (hashed for view-deduplication on listings), browser type, device type, and referrer.

2. How We Use Your Information

  • To operate the WishThrift marketplace and let buyers and sellers find each other.
  • To enable on-site messaging and email notifications when you receive a new message.
  • To display public listings, profiles, ratings, and reviews on the site and in search engines.
  • To send account-related emails (registration, password resets, message notifications, verification decisions).
  • To review and decide on Verified Seller applications you submit (see §7).
  • To detect and prevent fraud, spam, abuse, and platform misuse.
  • To remember your cookie preferences so the consent banner doesn’t reappear on every visit.
  • To improve the service through anonymised analytics — only with your consent (see §5).

3. What We Never Do

  • We never sell your personal data to third parties.
  • We never process financial transactions — payments and exchanges happen directly between buyers and sellers off-platform.
  • We never display your email address or full IP address publicly.
  • We never share your verification ID document with anyone outside our review team.

4. Information That is Public

Anyone — including search engines and visitors who are not logged in — can see your username, display name, avatar, member-since month, your active and sold listings, and any ratings or reviews left on your profile. If you list an item, the city and country you attach to that listing are also public. Everything else is private to you and (where relevant) to the buyer/seller you are messaging.

5. Cookies and Similar Technologies

The first time you visit wishthrift.com you will see a cookie consent banner with three categories. Your choice is stored in a cookie called wt_consent for 12 months. You can change your mind at any time by clicking the cookie icon in the bottom-left corner of any page.

CategoryWhat it coversDefault
Strictly NecessaryLogin session, security tokens (CSRF nonces), wishlist storage, and the wt_consent cookie itself. The site cannot function without these.Always on
AnalyticsGoogle Analytics 4 (measurement ID G-BWMEFQ1R2Q) with IP anonymisation. Helps us see which listings and categories are popular. Uses Google Consent Mode v2 — if you decline, no analytics cookies are set and only aggregated cookieless pings are sent to Google.Off until you accept
MarketingReserved for future advertising and remarketing tools. We are not currently running ad campaigns, so no marketing cookies are set even if you accept this category today.Off until you accept

You can also block cookies in your browser settings. Doing so may prevent you from logging in or using your wishlist.

6. Third Parties Who Process Data on Our Behalf

  • Hostinger — web hosting, database, and SMTP delivery of transactional emails (registration, password resets, message notifications). EU/UK data centres where available.
  • Google Analytics 4 — aggregated traffic analytics, only after you grant Analytics consent. Subject to Google’s privacy policy.
  • Gravatar (Automattic) — if you have not uploaded an avatar, WordPress may request one from Gravatar using a hash of your email address.

We do not currently use third-party advertising networks, retargeting pixels, or customer-data platforms.

7. Verified Seller Programme

Becoming a Verified Seller is optional. If you choose to apply, we collect:

  • Your full legal name, country, and ID type (passport, driving licence, or national ID).
  • A photo or scan of that ID document, uploaded by you.
  • An optional social or business URL.

The ID file is stored in a private directory on our server (wp-content/uploads/wt-verify/) that is blocked from public web access. It is accessible only to a WishThrift administrator with the ‘manage_options’ permission, and only via an authenticated request — the file is never given a public URL. We use the ID solely to confirm the identity you have stated on your application.

Retention: the uploaded ID file is deleted within 30 days of the verification decision (whether approved, rejected, or revoked), unless we are required by law to retain it longer. Your legal name, country, and the decision itself are kept against your account for as long as you remain a verified seller.

You can withdraw from the programme at any time by emailing privacy@wishthrift.com, which will also delete the stored ID file immediately.

8. Data Sharing and Disclosure

  • Other users — only your public profile and listing information, as described in §4.
  • Service providers — only the third parties listed in §6, only for the purposes described.
  • Law enforcement — we may share data when we receive a valid legal request (e.g., a court order or formal request from law enforcement), or when we believe disclosure is necessary to prevent imminent harm or fraud.
  • Successors — if WishThrift is ever acquired or merged, your data may be transferred to the successor entity, who will be bound by this policy or a successor with equivalent protections.

9. Your Rights

Wherever you live, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data — most fields can be edited directly from your account settings, or you can email us.
  • Delete your account and associated data.
  • Export your data in a portable format.
  • Withdraw consent at any time — for cookies via the cookie preferences icon, for other processing by emailing us.
  • Object to processing or restrict how we use your data.

To exercise any of these rights, email privacy@wishthrift.com. We will respond within 30 days. If you are in the UK or EU and believe we have mishandled your data, you have the right to complain to your local supervisory authority (in the UK, the Information Commissioner’s Office).

10. Data Retention

WhatHow long we keep it
Account data (profile, listings, wishlist)While your account is active. Deleted within 30 days of account deletion.
Verification ID fileDeleted within 30 days of the approval/rejection decision.
Verified status (legal name, country, decision)For as long as you remain a verified seller; deleted on account deletion.
Messages12 months after the last message in a thread, for abuse prevention.
Ratings and reviewsFor as long as the rated seller has an account.
Server access logsUp to 14 days (Hostinger default).
Cookie preference (wt_consent)12 months, or until you reset it.

11. Security

We use HTTPS/SSL site-wide, one-way hashing for passwords, server-side capability checks for every administrative action, and restricted file permissions for sensitive uploads. No system is 100% secure, however — if you suspect your account has been compromised, change your password and email us immediately at privacy@wishthrift.com.

12. International Transfers

WishThrift is a global marketplace. Data you provide may be processed in any country where we or our service providers operate, including outside your country of residence. We rely on the safeguards provided by our hosting and processing partners (including Standard Contractual Clauses where applicable) to keep your data protected to the standard required by UK and EU data-protection law.

13. Children

WishThrift is not intended for users under the age of 18. We do not knowingly collect personal data from children. If you believe a child has created an account, please email privacy@wishthrift.com so we can remove it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will revise the “Last updated” date at the top and, for material changes, notify users by email or via a prominent notice on the site. Continued use of WishThrift after a change means you accept the revised policy.

15. Contact

For any privacy questions, data requests, or concerns, contact us at privacy@wishthrift.com.

🍪