This document is referenced by the RareDrop Privacy Policy and is intended to replace the prior SDK list with a version aligned to the current RareDrop app, while preserving the disclosure purpose of the original file. It describes major third-party service providers, SDK-related components, and infrastructure vendors that may process limited data in connection with the RareDrop app.
| Provider / Service | Purpose of Use | Data Potentially Involved | Notes |
|---|---|---|---|
| Stripe | Payment processing, fraud prevention, payment confirmation, refunds, dispute handling | Transaction data, payment status, device/browser signals, limited billing/payment identifiers | Full payment instrument details are handled under Stripe’s own systems and policies. |
| PayPal | Payment processing, checkout, refund/dispute support | Transaction data, payment status, account/payment identifiers, risk signals | Processed under PayPal’s own terms and privacy policy. |
| Google Sign-In | User authentication and account sign-in | Google account identifier, email address, profile data authorized by user | Only used if the user chooses this sign-in method. |
| Sign in with Apple | User authentication and account sign-in | Apple account identifier, relay or real email address, authorized profile data | Only used if the user chooses this sign-in method. |
| Twilio | SMS verification messages, transactional messaging, security notifications | Phone number, message metadata, delivery status | Used for login verification and security-related messaging. |
| Zoho | Email delivery and business/customer support communications | Email address, message content/metadata, delivery status | Used for account, support, and business communications. |
| Amazon Web Services (AWS) | Cloud hosting, storage, databases, logs, security, backend service operation | Account data, order data, logs, uploaded content, application data | Used as core infrastructure provider. |
| Cloudflare | CDN, DNS, web/application security, traffic routing, caching, DDoS mitigation | IP address, request metadata, traffic/security logs | Used for performance and security of web-facing services. |
| Permission / Access | Purpose | Required or Optional |
|---|---|---|
| Notifications | Order updates, shipping notices, account security alerts, optional marketing messages where permitted | Optional |
| Camera / Photos | Uploading images or evidence to customer support, profile/media-related actions where available | Optional |
| Network Access | Basic app connectivity, content loading, account and order processing | Necessary for service operation |
This document continues the original intent of the prior SDK list: to identify third-party components or service providers, summarize why they are used, and explain the types of information they may access or process in connection with the app.