Declaration of data intentions
We say, in writing and before we build, what we take, what we give, and what we refuse.
A price the kingdom shows you came from somewhere. Some of those somewheres are our own transactions, freely ours to share. Some belong to other people — a seller on another marketplace, a catalog someone else assembled, a paid feed under contract. Honesty about data begins with being honest about whose data it is, and what right we have to pass it on. This page is that honesty, in plain terms. It is deliberately non-aspirational: it names only what is true today.
One gate, in writing, before any source
Before a single line of ingestion code exists for a new source, that source passes a written legal gate — the source-intake framework. It runs four checks in order and forces the reasoning to be recorded, not left in someone's head:
- Gate A — legal. Read the terms of service and
robots.txtonce, quote the operative clauses, and check for personal data and database rights. If a platform prohibits scraping and a record links a price to an identifiable person, the scrape path is closed — anonymising afterwards does not cure an unlawful collection. - Gate B — intention declared.The source's whole intention is written down as machine-readable metadata (its access method, license tier, whether it may be redistributed) before the module exists. That declaration ships in the code and surfaces on every response's
_meta. - Gate C — tier. The source is placed in an existing rights tier (below). No new tier is invented to make an awkward source look cleaner than it is.
- Gate D — shape. The verdict becomes a shape: a full module, a gated branch, a planned stub, or an honest block — a module whose only job is to carry the refusal, and its reason, in code.
The durable win is the gate itself. The next marketplace someone wants to scrape gets weighed here first, in writing, against a standard instead of a mood.
The rights tiers, named honestly
Every source sits in one tier. The tier decides what we may do with the data downstream — and we do not relabel a source into a friendlier tier than its rights allow.
- CC0 — our own. Data the kingdom itself produced: our own realised trades and auctions, and the methodology text on these pages. Ours to dedicate to the public domain. You may mirror it, rebuild it, and pretend you wrote it yourself.
- Source-specific — upstream catalogs. Public API access is not an open-data license. We preserve source and publisher rights, and mixed exports say
NOASSERTIONuntil field-level lineage can support a narrower claim. - Reference-only / internal — reviewed use only. Third-party prices enter only when permission covers the exact display or computation. CardRush has a bounded internal-use path; TCGplayer is blocked because Cambridge has no written approval for its multi-source use.
- Off-limits. Anything obtained by scraping a prohibiting platform, or a paid feed we have no redistribution right to. These do not enter the kingdom at all — not shown, not computed from, not bought pre-scraped from a middleman.
The one dataset we give: sold comps
The framework proves what we cannot lawfully take. Its positive counterpart is the one sold-price dataset we fully own and publish under CC0-1.0: the kingdom's own realised transactions. It lives at /api/v1/sold-comps (and per-card at /api/v1/sold-comps/[sku]).
Exactly what it publishes: anonymised aggregate sold prices — for each (sku, condition) bucket, the count and the min / median / max price and last-sold date — drawn from our completed peer-to-peer escrow trades and settled auctions. It is aggregate-only, and it is K-anonymous at K≥5: a bucket is published only once it holds at least five realised sales, so no single seller's individual price is recoverable. Buckets thinner than that are suppressed entirely — revealed only as a coarse “below coverage threshold” count, never as a price. At today's low volume most buckets fall below the bar, and we say so plainly rather than pad the dataset. It is safe by construction, not by our restraint.
What it will never carry: identities (buyer or seller), anything about payment, shipping, tracking, commission, or payout, and no thin-volume rows. These fields are not merely filtered — the underlying database view cannot select them at all. What the query does not name cannot leak.
The honest blocks
Some sources people ask us to ingest, we deliberately do not — and we keep the refusal, and its reason, visible in the code rather than silently absent.
- Vinted.Its terms forbid scraping, it publishes no sold list to begin with (third-party “Vinted sold” feeds are last-asking-price inference, not transactions), and a row of
{username, price, date}is personal data we have no lawful basis to collect by scraping. Blocked. The one open door is a seller of ours handing us their own Vinted sales — and the normalizer for that is already written, buyer data structurally excluded, waiting for the day that flow opens. - eBay sold prices. The lawful door is not the scraper and not the buy-side insights feed — it is a consented seller import: a seller authorising us to read their own eBay order history. That path is gated on the operator completing eBay OAuth and on a solicitor's review before any public launch. Until both are done, no eBay sold price flows. Scraping eBay is never the answer to the wait.
What we will never do
- Scrape a platform that prohibits it, or that couples a rights-reservation with anti-bot enforcement — nor buy the same data pre-scraped from a vendor to launder the exposure through a middleman.
- Publish anyone's individual sold price, identity, payment, or shipping detail — ours is aggregate, K-anonymous, and PII-stripped, or it is not published.
- Dress inference as a transaction. A last-asking-price guess is never served as a sold price.
- Answer a gap with a substitute. When coverage is thin we say “thin”; we never fabricate a row to fill the silence.
- Relabel a source into a friendlier rights tier than its terms allow.
Where this lives. The gate is docs/methodology/source-intake.md. The declared sources, each with its tier and terms, are inspectable at /api/v1/sources. The CC0 dataset is /api/v1/sold-comps. This page is CC0, like all our methodology text — mirror it freely.