Privacy Policy
This Privacy Policy explains how DMarketplace collects, uses, stores, and shares personal data when you use our website, mobile web experience, checkout, merchant tools, and related services (together, the Services). It should be read together with our Terms of Use and Return Policy. Last updated: May 2026.
Who we are and scope
The data controller for personal data processed through the Services is the legal entity operating DMarketplace (we, us, our). Merchants who sell on DMarketplace act as independent controllers for data they need to fulfil your orders (for example shipping details and support messages). Where we process data on behalf of merchants (for example hosting order records), we act as a processor according to agreed terms.
This policy applies to shoppers, visitors, and merchants using DMarketplace interfaces. Third-party websites, wallet apps, blockchain networks, card issuers, and payment rails have their own policies; when you leave our Services or sign transactions in an external wallet, their terms govern those interactions.
Personal data we collect
Identifiers and contact data: name, email address, phone number, delivery and invoice addresses, country or region selection, and language or currency preferences you set in the product.
Account, commerce, and support data: order history, basket contents, product views where logged, messages you send to support, dispute notes, ratings or reviews you submit, and merchant onboarding documents you upload.
Technical and usage data: IP address, device type, browser type and version, approximate location derived from IP, diagnostic logs, timestamps, referring URLs, and security signals (for example failed logins or bot detection scores).
Payment-related metadata: payment method type, transaction identifiers, settlement status, risk flags, and chargeback or fraud investigation records. We do not store full private keys for your wallet; your wallet app controls signing secrets.
Wallet addresses, on-chain data, and public ledgers
When you connect a wallet, we process the public wallet address, chain identifiers, and transaction hashes needed to link your session to checkout, anti-abuse controls, and reconciliation. Blockchains are public: once broadcast, transaction details may be permanently visible and outside our ability to erase.
We may analyse on-chain activity that relates to our contracts or labelled addresses as part of fraud prevention, compliance, and product analytics, including comparing your address to public sanctions or abuse lists where permitted by law.
How and why we use personal data
To provide the Services: display catalogues, calculate taxes or regional eligibility (for example gift card regions), operate carts and checkout, communicate order updates, and enable merchant fulfilment.
To secure the platform and comply with law: detect and prevent fraud, abuse, and policy violations; authenticate sessions; enforce transaction limits; respond to lawful requests from authorities; and maintain audit trails required for regulated activities.
To improve DMarketplace: measure feature usage, diagnose errors, run A/B tests where appropriate, and develop recommendations. Where required, we rely on consent or legitimate interests balanced against your rights.
Legal bases (EEA, UK, and similar jurisdictions)
Depending on the processing activity, we rely on performance of a contract, legitimate interests (such as fraud prevention, network security, and analytics with appropriate safeguards), legal obligation, or consent where we expressly request it (for example certain marketing cookies). You may withdraw consent at any time without affecting prior processing that was lawful.
Cookies, local storage, and similar technologies
We use strictly necessary technologies to operate sessions, remember locale and currency, keep your basket, and protect against cross-site request forgery. With your consent where required, we use analytics or marketing cookies to understand campaign performance.
You can control many cookies through your browser or our cookie banner where available. Blocking strictly necessary cookies may break checkout or wallet connection flows.
Sharing and categories of recipients
We share data with infrastructure and security vendors (hosting, CDN, logging), payment and crypto settlement partners, customer messaging providers, identity or KYC vendors when you complete verification, and professional advisers (lawyers, auditors) bound by confidentiality.
We share order fulfilment data with the merchant you purchased from and their logistics partners. We do not sell personal data for money. We may share aggregated or de-identified statistics that cannot reasonably identify you.
We may disclose information if required by law, court order, or governmental request, or to protect the rights, property, or safety of DMarketplace, users, or the public. We may also disclose data to enforce our Terms or investigate fraud.
International transfers
We may process and store data in the European Economic Area and other countries where we or our suppliers operate. When we transfer personal data from the EEA, UK, or Switzerland to countries not deemed adequate, we use appropriate safeguards such as Standard Contractual Clauses and supplementary measures where required.
You may request a copy of relevant transfer mechanisms by contacting us using the details below.
Retention
We retain personal data only as long as necessary for the purposes described, including statutory retention periods for tax, accounting, and anti-fraud obligations. Order and payment records are typically kept for several years after the last activity unless a longer period is required by law.
Marketing consents, cookie logs, and support tickets are kept for shorter periods defined by operational need and policy. Blockchain-derived identifiers may persist on-chain regardless of our deletion practices.
Security
We implement technical and organisational measures appropriate to the risk, including encryption in transit, access controls, monitoring, and vendor due diligence. No online service is perfectly secure; you should protect your devices, enable wallet protections, and report suspected compromise promptly.
Your privacy rights
Depending on your location, you may have the right to access, rectify, erase, restrict processing, object to certain processing, data portability, and to lodge a complaint with a supervisory authority. You may also have rights relating to automated decision-making where applicable.
To exercise rights, contact us via @dMarketplaceSupportBot on Telegram or the contact channel we publish on the site. We may need to verify your identity before responding and may decline requests that are manifestly unfounded or excessive.
If you are in the EEA or UK and believe we lack a lawful basis for processing, you may contact your local supervisory authority. We will cooperate in good faith with regulators.
Children
The Services are not directed to children under the age where they can lawfully consent to data processing in their country (often 16 or 13 with parental permission). If you believe we have collected data from a child, contact us and we will take appropriate steps to delete it.
Third-party sites, issuers, and wallet software
Product pages may link to brand or issuer websites. Gift cards and digital goods remain subject to the issuer’s own terms, privacy notices, and redemption rules. Wallet providers (for example browser extensions or hardware vendors) process data under their policies.
We are not responsible for third-party practices, though we select partners with reasonable care for critical payment and infrastructure functions.
Automated decision-making and profiling
We may use automated tools to score fraud risk, enforce velocity limits, or tailor offers. These processes may produce legal or similarly significant effects only where permitted by law and, where required, with human review or consent. You may contact us for meaningful information about logic and consequences.
Changes to this Privacy Policy
We may update this policy to reflect product, legal, or regulatory changes. We will post the new version with an updated date and, where appropriate, provide additional notice (for example by email or banner). Continued use after the effective date constitutes acceptance unless objection is required by law.
Contact and questions
For privacy requests or questions about this policy, message @dMarketplaceSupportBot on Telegram. Please include a description of your request and any order identifiers that help us locate your data.
If we appoint a data protection officer or EU representative, their contact details will be added to this section. Nothing in this policy limits mandatory rights you have under applicable consumer or data protection laws.