Privacy Policy

The ZenMap is the controller of personal data collected through this platform.

Privacy contact: [email protected]

We collect and process the following categories of personal data:

• Account data: name, email address, encrypted password, phone number;
• Listing data: title, description, contact details, location information;
• Payment data: processed exclusively by Stripe (we do not store card data); transaction reference, amount and currency are retained for accounting purposes;
• Technical data: IP address, device type, browser, session cookies, approximate geolocation derived from IP (country level);
• Usage data: pages visited, search queries, interactions with listings.

Your data is processed for the following purposes:

• Provision and management of platform services;
• Account management and authentication;
• Payment processing and fraud prevention;
• Sending transactional notifications related to your listings and account;
• Compliance with legal obligations;
• Service improvement, security and abuse prevention;
• Currency localisation (country-level IP lookup, no data stored).

Processing of personal data is based on the following legal grounds under GDPR:

• Performance of a contract (Art. 6(1)(b)) — for providing our services;
• Consent (Art. 6(1)(a)) — for marketing communications and non-essential cookies;
• Legitimate interests (Art. 6(1)(f)) — for security, fraud prevention and service improvement;
• Legal obligation (Art. 6(1)(c)) — for tax, accounting and regulatory compliance.

Under GDPR, you have the right to:

• Access — request a copy of your personal data;
• Rectification — correct inaccurate data;
• Erasure — request deletion of your data ("right to be forgotten");
• Portability — receive your data in a structured, machine-readable format;
• Objection — object to processing based on legitimate interests or for direct marketing;
• Restriction — request restriction of processing in certain circumstances;
• Complaint — lodge a complaint with the Portuguese data protection authority (CNPD — www.cnpd.pt) or the authority in your country of residence.

To exercise these rights, contact: [email protected]

We use cookies as described in our Cookie Policy. You may manage cookie preferences in your browser settings at any time.

Data is retained for as long as your account is active. Following account deletion, personal data is erased within 30 days, except where retention is required by legal or accounting obligations (typically up to 7 years for financial records).

Data is processed on secure infrastructure within the European Economic Area (Cloudflare) and in the United States for payment processing (Stripe, PCI DSS certified). International transfers outside the EEA are covered by appropriate safeguards including Standard Contractual Clauses.

We use the following third-party processors:

• Stripe — payment processing (Privacy Policy: stripe.com/privacy);
• Cloudflare — infrastructure, CDN and security (Privacy Policy: cloudflare.com/privacypolicy).

We may update this Privacy Policy from time to time. Material changes will be communicated to registered users by email. Continued use of the platform after such changes constitutes acceptance of the updated policy.