GENERAL DATA PROTECTION AND PRIVACY POLICY FOR MARKETPLACE28.
Effective Date: 08/08/2025
Welcome to MARKETPLACE28 (“we”, “us”, “our”). This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our global online platform. Our practices comply with the General Data Protection Regulation (GDPR) and applicable data protection laws.
1. Who We Are
MARKETPLACE28 is a global online marketplace operated by a company registered in Cyprus, with international users and sellers. We are committed to protecting your personal data and processing it lawfully, fairly, and transparently.
2. What Data We Collect
We may collect the following types of personal data when you interact with our platform:
Full name
Email address
Location (city and country)
IP address
Payment and transaction details (processed via secure third parties)
Browser cookies and device information
Content you submit (e.g., store listings, advertisements, communications)
3. Purposes and Legal Bases for Data Processing and Categories of Recipients
We process your personal data for multiple purposes based on the following legal grounds:
| Purpose | Legal Basis | Shared With |
|---|---|---|
| To provide, maintain and improve our Services | Contractual necessity | Internal teams, authorized service providers |
| To verify your identity and confirm user actions (e.g., posting an advert) | Legitimate interests | None |
| To contact you regarding your account, adverts, or transactions | Contractual necessity | None |
| To detect, prevent and investigate fraud, illegal activity, or misuse | Legitimate interests / Legal obligation | Legal authorities if required |
| To analyze platform usage (e.g., via Google Analytics) | Legitimate interests | Analytics providers under DPA |
| To provide customer service and respond to inquiries | Contractual necessity | Internal teams |
| To personalize your user experience | Consent / Legitimate interests | None |
| To comply with legal obligations (e.g., tax, anti-fraud, AML laws) | Legal obligation | Regulatory authorities |
We may also share your data with trusted service providers acting on our behalf under binding agreements. Your data is never sold or traded for marketing or commercial gain.
4. Cross-Border Data Transfers
Some recipients of your data may be located outside your country or in jurisdictions where local laws provide less protection. Where this occurs, we ensure appropriate safeguards (such as Standard Contractual Clauses or equivalent mechanisms) are in place to maintain GDPR-level protection.
5. Use of Cookies and Similar Technologies
When you use our Services, we and authorized third parties use cookies and similar technologies to:
Enable essential platform functions
Analyze site traffic and user interactions
Improve security
Provide personalized content or ads (only with consent)
You can control or disable cookies via your browser settings. For full details, refer to our User Cookie Notice.
6. Data Retention and Erasure
Your personal data is stored only as long as necessary for the purposes listed in this policy. Our standard retention periods are:
Up to two (2) years from your last activity on MARKETPLACE28
Longer where required by legal obligations (e.g., tax, contracts, fraud)
Data may be restricted instead of deleted when deletion is not possible (e.g., due to ongoing legal issues)
After expiration of the applicable retention period, we will delete or anonymize your personal data unless retention is legally required or justifiable.
7. Data Subject Rights
As a data subject under GDPR, you have the following rights:
Access – Request access to your personal data
Rectification – Correct inaccurate or incomplete data
Erasure – Request deletion of your data (“Right to be Forgotten”)
Restriction – Request restriction of processing under certain conditions
Portability – Receive your data in a structured, machine-readable format
Objection – Object to processing based on legitimate interest
Withdraw Consent – For any processing based on consent
Lodge a Complaint – With a data protection supervisory authority
To exercise any of the above rights, contact us at:
support@marketplace28.store
8. GDPR Obligations for Sellers on MARKETPLACE28
Who Needs to Comply?
EU-based sellers must comply with GDPR when processing personal data (e.g., communicating with buyers, storing buyer information).
Non-EU sellers offering goods or services to buyers in the EU are also subject to GDPR.
Sellers who do not target EU buyers are generally not required to comply with GDPR.
Why It Matters
Non-compliance may result in penalties up to €20 million or 4% of annual global turnover, whichever is higher. EU residents may also bring legal action over personal data misuse.
We encourage all sellers to visit the official EU GDPR portal for compliance guidance.
9. What MARKETPLACE28 Has Done to Support GDPR Compliance
We have implemented the following measures:
Mapped the entire lifecycle of personal data across the platform
Enhanced tools for EU users to access, modify, or delete their data
Designed transparent registration, consent, and cookie management flows
Adopted privacy-by-design across technical development
Rolled out GDPR training for relevant staff
Restricted or anonymized stored data beyond retention periods
Enabled global users—not just EU residents—to access their stored data upon request
10. Account, Ad, and Store Management
As a user of MARKETPLACE28, you may:
Register an account
Create and manage adverts
Open and manage a store
Edit your data or delete your account via your dashboard
Receive verification communications for authentication and fraud prevention
You are responsible for keeping your account secure and ensuring any third-party data you access or process is handled in compliance with data protection laws.
11. Data Security Measures
We implement technical and organizational measures to protect your personal data, including:
End-to-end encrypted transmissions
Role-based access and internal data protection policies
Regular audits and system updates
Secure data storage practices
Anonymization and pseudonymization where applicable
12. International Users
Your personal data may be transferred, stored, or processed in jurisdictions outside your country of residence. When this occurs, we ensure that appropriate legal safeguards are in place to maintain a high standard of data protection.
13. Updates to This Privacy Policy
We may revise this Privacy Policy from time to time. Material changes will be communicated to you via email or platform notifications. The most current version will always be available at: www.marketplace28.com/privacy
14. Contact Us
If you have questions or requests regarding your data or this Privacy Policy, please contact:
MARKETPLACE28 – Data Protection Officer Email: support@marketplace28.store
Address: Ktenas Business Centre, Michael Georgallas 4, Engomi – Nicosia, Cyprus
