LEGAL

PRIVACY
POLICY

Last updated: January 2026

At Trlly, your privacy is fundamental to everything we do. This policy explains what data we collect, how we use it, and why you can trust us with your browsing experience.

The short version: We collect anonymous price data to help everyone shop smarter. We don't know who you are, what you buy, or anything personal about you.

1. WHAT WE COLLECT

The Trlly extension collects the following data when you browse Ocado product pages:

  • Product Information: Product ID, name, and current price
  • Price Data: Regular price and Smart Pass price (if displayed)
  • Timestamp: When the observation was made
  • Observer Hash: A random, anonymous identifier assigned to your browser

2. ACCOUNT DATA (OPTIONAL)

If you choose to create a Trlly account to access premium features like product watching and price alerts, we collect:

  • Email Address: Used for account authentication and important notifications
  • Watched Products: Products you choose to track for price alerts
  • Alert Preferences: Your notification settings
  • Subscription Status: Whether you have a free or premium account

Creating an account is entirely optional. You can use the basic price history features without any account.

3. PAYMENT DATA

For premium subscriptions, payment processing is handled entirely by Stripe, our payment provider:

  • We never see, store, or have access to your full card number
  • We only receive confirmation that payment was successful
  • We store a Stripe customer ID to manage your subscription
  • Stripe's privacy policy applies to payment data: stripe.com/privacy

4. WHAT WE DON'T COLLECT

We explicitly do not collect:

  • Your name or any personal identifiers (unless you create an account)
  • Your shopping cart contents or purchase history
  • Your browsing history outside of Ocado
  • Your location, IP address, or device information
  • Your payment information or Ocado account details
  • Any data that could identify you as an individual

5. THE OBSERVER HASH

When you install Trlly, your browser generates a random string of characters (like "a7b3x9..."). This is your observer hash.

  • It's created randomly and stored only on your device
  • It cannot be traced back to you, your browser, or your computer
  • It's used only to avoid counting duplicate observations
  • You can reset it anytime using "Clear Data" in the extension popup

6. HOW WE USE DATA

The anonymous price data we collect is used to:

  • Build price history charts displayed to all Trlly users
  • Calculate price trends and detect genuine deals
  • Improve the accuracy of our price tracking over time

We do not sell data, show ads, or share individual-level data with anyone.

7. DATA STORAGE

Price data is stored securely using Supabase infrastructure:

  • Servers located in the European Union
  • Data encrypted in transit and at rest
  • Retained for up to 2 years to provide historical price charts
  • Aggregated data may be retained longer for statistical purposes

8. LOCAL STORAGE

The extension stores minimal data locally on your device:

  • Your random observer hash
  • Your extension preferences (enabled/disabled, Smart Pass toggle)
  • A count of your contributions (for your own reference)

This data never leaves your device unless you choose to contribute price observations.

9. YOUR RIGHTS

You have full control over your participation:

  • Opt-out: Disable the extension at any time to stop contributing data
  • Clear Data: Use the "Clear Data" button to reset your local storage and observer hash
  • Uninstall: Remove the extension completely to delete all local data
  • Data Request: Since we don't collect personal data, there's nothing personal to request

10. THIRD-PARTY SERVICES

Trlly interacts with:

  • Ocado.com: We read publicly visible price information from product pages
  • Supabase: Our backend service for storing aggregated price data and user accounts
  • Stripe: Payment processing for premium subscriptions (see section 3)

We do not use any analytics, advertising, or tracking services.

11. CHILDREN'S PRIVACY

Trlly is not directed at children under 13. We do not knowingly collect data from children.

12. CHANGES TO THIS POLICY

If we make changes to this privacy policy, we will:

  • Update the "Last updated" date at the top
  • For significant changes, notify users through the extension

Continued use of the extension after changes constitutes acceptance of the updated policy.

13. GDPR COMPLIANCE

For users in the European Union, we comply with the General Data Protection Regulation (GDPR):

  • We have a lawful basis for processing (legitimate interest for price data, consent for account data)
  • We minimize data collection to what's strictly necessary
  • We implement appropriate security measures
  • We respect your right to erasure - delete your account anytime via the extension
  • We respect your right to data portability - contact us to export your data
  • We respect your right to withdraw consent - simply sign out or delete your account

14. CONTACT

Questions about this privacy policy? Contact us at:

Email: privacy@trlly.co.uk