Subs Market
MarketplaceSign in

Privacy Policy 🔒

Last updated: March 20, 2026

Contents

Introduction

Welcome to Subs Market. Protecting your personal data is our priority. This document explains what data we collect, how we use it, how we protect it, and what rights you have.

Subs Market ("we", "us", "our") operates as a marketplace for sharing subscriptions. We process personal data in accordance with EU Regulation 2016/679 (GDPR).

What Data We Collect

We collect data in several categories:

Account Information

  • Email address
  • Full name
  • Phone number (optional)
  • Service account identifier (for verification)

Payment Information (Stripe Connect)

  • Payment data processed via Stripe (we never see card numbers)
  • Bank account for payouts (sellers only)
  • Transaction and invoice history

Website Usage Data

  • IP address
  • Browser type and operating system
  • Record of your activity on the platform

How We Use Your Data

We use your data for the following purposes:

  • Create and manage your account
  • Verify your access to the shared subscription
  • Process payments and payouts via Stripe
  • Communicate about orders, issues, and updates
  • Provide technical support
  • Platform security and fraud prevention

Legal Bases for Processing

  • Performance of a contract: account, order and payment operations.
  • Legal obligation: accounting, tax records and statutory duties.
  • Legitimate interest: service security, fraud prevention and operational logs.
  • Consent: only where required (for example optional marketing activities).

Data Security

We protect your data in the following ways:

  • HTTPS encryption for all communications
  • PostgreSQL database with restricted access (Supabase with RLS)
  • Stripe and Stripe Connect as certified payment providers
  • Row-Level Security (RLS) - each user only sees their own data

We use reasonable technical and organizational safeguards, but absolute security of internet transmission cannot be guaranteed. If you have security concerns, please contact us.

Sharing with Third Parties

We share some data with trusted third parties that are necessary for the platform to function.

Stripe (payment processor) and Stripe Connect (for seller payouts)

Stripe receives payment data, name, email, and bank details (for sellers). Stripe operates under its own privacy policy.

Apify (automated service availability verification)

Apify is a third party that verifies service availability using the submitted identifier or publicly available information. Apify does not have access to your password.

Supabase (database hosting)

Supabase hosts our database in West EU (Ireland).

Payment and verification services may involve international data transfers outside the EEA. In such cases we rely on safeguards required by law (for example Standard Contractual Clauses).

We do not sell your personal data. We share data only to the extent necessary to provide the service, meet legal obligations, or based on another valid legal basis.

Cookies and Tracking

Our website uses cookies. At the moment we only use strictly necessary technical cookies for login, session, and security.

Essential Cookies

We use essential cookies for authentication, session management, and security. These cookies are necessary for the platform to function.

Cookie Control

You can reject or remove most cookies in your browser settings. However, without cookies you will not be able to log in to the platform.

Your Rights

As an EU resident, you have the following rights under GDPR:

  • Right to Access - You have the right to request a copy of all personal data we have about you.
  • Right to Correction - You have the right to request correction of inaccurate or incomplete data.
  • Right to Deletion - You have the right to request deletion of your data (right to be forgotten) with certain exceptions.
  • Right to Portability - You have the right to request your data in a structured format and transfer it elsewhere.
  • Right to Object - You have the right to object to processing of your data for certain purposes.
  • Right to Withdraw Consent - If processing is based on consent, you can withdraw that consent at any time.

To exercise any of these rights, please contact us using the information provided below.

Data Retention

We retain your data only as long as necessary:

  • Account data: Retained while you have an active account
  • Transaction data: Retained for 7 years for legal and tax compliance
  • Activity logs: Retained for 90 days for security and troubleshooting

Contact

Privacy Contact

The app is currently in development and operated by the project owner (natural person). Company registration details will be added before commercial launch. For privacy questions or to exercise your rights, contact us at the email above.

You also have the right to lodge a complaint with your national data protection authority.

Back to home