Privacy Policy

Last updated: 2026-05-27

1. Data Controller

EuroDomains, contact at privacy@eurodomains.net.

Account: email, hashed password (argon2id), display name, locale

Profile: country, optional VAT id, optional bio

KYC: identity documents (encrypted at rest, AES-256-GCM)

Activity: listings, offers, bids, messages, escrow events

Technical: IP address (hashed sha256 for analytics), user agent, session token (hashed)

Cookies: see /legal/cookies

Contract performance (account, marketplace transactions)

Legal obligation (tax, AML)

Legitimate interest (fraud prevention, analytics with hashed identifiers)

Consent (marketing emails, non-essential cookies)

Active account: until deletion

Soft delete: 30 days reversible window, then hard delete (Phase 11 BullMQ job)

Tax / AML records: 10 years (legal requirement)

Audit log: append-only, hash-chained, retained for 7 years

IP / user agent: 90 days then anonymised

We do not sell personal data. Limited disclosure to:

Payment provider (Phase V2 — Stripe/Mollie); currently mock provider

Email provider (Phase V2 — currently mock); we never share to marketers

Authorities upon legal request

Access (export all your data — /settings/danger)

Rectification (edit profile)

Erasure (soft delete + 30-day window)

Restriction / objection

Data portability (JSON export)

Right to lodge complaint with your supervisory authority

TLS 1.2+ enforced

argon2id password hashing

AES-256-GCM for TOTP secrets + KYC documents

Session cookies HttpOnly + Secure + SameSite=Strict

Hashed IPs in logs (sha256 first 16 chars)

Rate limiting (Phase 0 + per-feature)

Data stays in the EU (Hetzner Germany). No transfers to third countries by default.

Material changes announced 30 days in advance via in-app banner + email.