Shelfd

Security at Shelfd

Last updated: 8 June 2026

Shelfd is operated by Photon Labs Ltd (registered in England and Wales, ICO registration ZC136232). We hold collectors’ data and process real payments, so security is built into how the product works rather than bolted on. This page explains, in plain terms, how we protect your information and your money. It complements our Privacy Policy and Terms & Conditions.

Encryption

Access control

Payments

Data minimisation

We try to hold as little as possible, for as short as possible:

Infrastructure

Monitoring

We monitor for errors and for abuse and fraud (for example, unusual sign-in or transaction patterns). Technical logs are retained briefly for security and reliability, then automatically deleted. Diagnostic monitoring is configured to redact personal data, as described above.

Your part

Security is shared. Use a strong, unique password, keep your device up to date, and never agree to complete a sale or trade outside the app — moving off-platform removes buyer protection and is where almost all marketplace scams happen. If you ever receive a message asking you to pay a seller directly, treat it as a red flag and report it to us.

Reporting a vulnerability

If you believe you’ve found a security issue, please tell us before disclosing it publicly. Email Shelfd@photonlabs.dev with the subject line “Security” and as much detail as you can (steps to reproduce, and what you were able to access). We will acknowledge your report, investigate, and keep you updated. We’re grateful to researchers who report responsibly and will not pursue action against good-faith testing that respects user privacy and doesn’t degrade the service.

Contact

Operator: Photon Labs Ltd
Email: Shelfd@photonlabs.dev
Regulator: Information Commissioner’s Office (ICO), ico.org.uk