GG-MARKETPLACE
GG-MARKETPLACE
Legal

Privacy Policy

Last updated: May 21, 2026 · GDPR compliant

1. Who we are

GG-MARKETPLACE ("we", "us", "our") is the data controller for personal data collected via gg-marketplace.com.

Contact our DPO at privacy@gg-marketplace.com for any data-related request.

2. Data we collect

Account data: email, display name, password hash, profile photo, bio, location, social handles.

Transaction data: orders placed and received, amounts, products, timestamps, dispute history.

Payment data: tokenized card references via Stripe and crypto wallet addresses you provide. We never store raw card numbers.

Technical data: IP address, browser, device, language, referrer, session activity for security and analytics.

KYC data (Priority Sellers only): government-issued ID, address proof.

3. How we use your data

Provide, operate and improve the Platform.

Process payments and payouts, hold funds in escrow, and resolve disputes.

Prevent fraud, abuse, money laundering and account takeover.

Send transactional emails (orders, refunds, security alerts) and, with your consent, marketing.

Comply with legal obligations including tax, anti-money-laundering and law enforcement requests.

4. Legal basis (GDPR)

Contract performance: account, orders, payouts, support.

Legal obligation: tax, AML/KYC, fraud reporting.

Legitimate interest: security, analytics, product improvement.

Consent: marketing emails and optional cookies.

5. Sharing with third parties

Stripe (payments), Lovable Cloud (hosting and database), crypto networks (when you withdraw on-chain), and authorities when legally required.

We never sell your personal data.

6. International transfers

Data may be processed outside the EEA. We rely on Standard Contractual Clauses and equivalent safeguards to protect it.

7. Retention

Account data: while your account is active plus 24 months.

Transaction and KYC data: 7 years (legal/tax retention).

Server logs: 90 days.

8. Your rights

Access, rectification, erasure, restriction, portability and objection. To exercise any right, email privacy@gg-marketplace.com.

You may also lodge a complaint with your local supervisory authority.

9. Security

Encryption in transit (TLS 1.3) and at rest, row-level security on the database, hashed passwords (Argon2), and 2FA on sensitive operations.

10. Children

The Platform is not directed at anyone under 18. We do not knowingly collect data from minors.

11. Changes

We will notify you of material changes by email and on the platform at least 14 days before they take effect.