This is a live demo of MarketplaceKitbrowse freely, some write actions are disabled. Get the source code →
Menu
Post a listing

Browse

All listings

Legal

Terms of ServicePrivacy Policy
Log in

Privacy Policy

Last updated: January 30, 2025

1. Introduction and Data Controller Identity

MarketplaceKit is committed to protecting the privacy of its users. This privacy policy explains what data we collect, how we use it, and how we protect it.

Data controller:

Name: MarketplaceKit

Email: hello@example.com

2. Data We Collect

We collect the following categories of data:

2.1 Account data

  • Full name
  • Email address
  • Profile photo (if you use Google login or upload a custom photo)
  • Shop / display name (optional, if you rent professionally)
  • Phone number (optional)
  • City
  • Bio (optional)

2.2 Listing data

  • Equipment photos
  • Description and equipment details
  • Location (city and optionally exact address with GPS coordinates)
  • Rental prices
  • Security deposit

2.3 Usage data

  • Messages between users
  • Search history
  • Device and browser data
  • IP address
  • Platform access time
  • Reservations and their status
  • Ratings and reviews

2.4 Contact form data

  • Full name
  • Email address
  • Subject
  • Message content

3. Legal Basis for Processing

We process data on the following legal bases:

Data categoryLegal basis
Email, name, password (registration)Contract performance
Phone numberUser consent
Listing data (images, description, location)Contract performance
Messages between usersContract performance
IP address, device data, logsLegitimate interest — platform security
Analytics cookiesUser consent
NewsletterUser consent

4. Purpose of Processing

We use your data to:

  • Provide and improve our services
  • Create and maintain your account
  • Enable communication between users
  • Display listings to other users
  • Send notifications about activity on your account
  • Analyze platform usage for improvement
  • Prevent fraud and abuse
  • Comply with legal obligations

5. Data Sharing and Recipients

We do not sell your data to third parties. We may share data with:

  • Other users: Your public information (name, city, listings) is visible to other platform users
  • Legal authorities: When required by law or to protect our rights

Service providers (processors)

We use the following trusted partners who process data on our behalf:

Service providerPurposeLocation
Hetzner Online GmbHServer hosting and image storageGermany (EU)
Cloudflare, Inc.CDN and DDoS protectionUSA (EU-US DPF)
Google LLCOAuth login, Analytics, reCAPTCHAUSA (EU-US DPF)
Resend, Inc.Sending email notificationsUSA
Mapbox, Inc.Maps and geolocationUSA
Anthropic, PBCAI search assistantUSA
Sentry (Functional Software)Error trackingUSA
Upstash, Inc.Rate limitingEU

6. Data Storage and Security

We apply technical and organizational measures to protect your data, including:

  • Data encryption in transit (HTTPS/TLS)
  • Secure password storage (hashing)
  • Limited data access
  • Regular security system updates
  • Automatic database backups

Data retention periods

Data categoryRetention period
Account dataWhile account exists + 30 days after deletion
ListingsWhile active + 1 year after deletion
Messages2 years after last activity in conversation
Reservations3 years (statutory period for civil claims)
Ratings and reviewsPermanently (anonymized if account is deleted)
Logs and IP addresses6 months
Contact form data1 year

7. Cookies

We use cookies to:

  • Maintain your login session
  • Remember your preferences
  • Analyze platform usage (with your consent)

A detailed overview of all cookies is available on our Cookie Policy.

8. Automated Decision-Making and Profiling

The platform uses limited automated decision-making:

  • AI category suggestion: When you create a listing, our AI system analyzes the title and description to suggest an appropriate category. This suggestion is not binding — you can manually choose a different category.
  • AI search: The AI assistant helps users find equipment using natural language. The system searches only publicly available listings.
  • Abuse prevention: We use automated systems (reCAPTCHA, rate limiting) to prevent spam and abuse.

None of these automated decisions have a significant legal effect on you. If you believe an automated decision is incorrect, you can contact us.

9. Your Rights

You have the following rights:

  • Right of access: You may request information about what data we process
  • Right to rectification: You can correct inaccurate data in your profile settings
  • Right to erasure: You may request deletion of your account and related data
  • Right to restriction: You may request temporary restriction of processing
  • Right to portability: You may request a copy of your data in a structured format
  • Right to object: You may object to processing based on legitimate interest
  • Right to withdraw consent: You may withdraw consent at any time (e.g. unsubscribe from newsletter)

To exercise these rights, contact us at hello@example.com. We will respond to your request within 30 days.

10. Right to Lodge a Complaint

If you believe that the processing of your data violates applicable law, you have the right to lodge a complaint with the supervisory authority.

Please contact your local data protection authority.

11. Obligation to Provide Data

Providing some data is necessary to use the platform:

  • Required data: Email address and name (for account creation)
  • Optional data: Phone number, bio, profile photo, display name

Without required data you will not be able to use the platform. Refusing to provide optional data will not affect core functionality.

12. Minors

Our platform is not intended for persons under 18 years of age. We do not knowingly collect data about minors. If we learn that we have collected data about a minor, we will delete it immediately. If you are a parent or guardian and believe your child has submitted data, please contact us.

13. International Data Transfers

Our primary servers are located in the European Union. Some of our service providers are located in the USA:

  • Google LLC, Cloudflare Inc. — participants in the EU-US Data Privacy Framework, which provides an adequate level of protection
  • Other providers (Resend, Mapbox, Anthropic, Sentry) — standard contractual clauses (SCC)

14. Policy Updates

We may update this privacy policy from time to time. We will notify you of significant changes by email or a notice on the platform. We recommend reviewing this page periodically. The date of the last update is shown at the top of this document.

15. Contact

For all privacy and data protection questions, contact us:

Name: MarketplaceKit

Email: hello@example.com