Privacy Policy

This Privacy Policy explains how Listingator.com (“we”, “us”, “our”) collects, uses, and protects personal data when you use our web application. We aim to comply with the EU General Data Protection Regulation (GDPR).

1. Who we are

Data Controller: Oleksandr Dordiuk, conducting business activity under the name “Listingator – Oleksandr Dordiuk”, operating the online service Listingator.com, entered in the Central Registration and Information on Economic Activity (CEIDG) register, Poland.
NIP: 8943245363, REGON: 529825656.
Contact for privacy matters: contact@listingator.com.
The correspondence address will be published once available.

2. Data we process

• Account data: email, name (if provided), and technical authentication tokens.
• Listing data: title, description, price, quantity, tags, product type, listing status, and one image per listing.
• Technical data: IP address, device/browser type, and logs for security and stability.

3. Purposes and legal bases

• Providing the service (creating/editing/storing listings) — performance of a contract (Art. 6(1)(b) GDPR).
• Security and abuse prevention — our legitimate interests (Art. 6(1)(f) GDPR).
• Account communications (system emails, password reset) — performance of a contract (Art. 6(1)(b) GDPR).

4. Sources of data

We obtain personal data directly from you when you register and use the application forms.

5. Recipients / processors

• Supabase — database (Postgres), object storage for files, and authentication.
• Frontend hosting — a provider delivering the application’s static assets.

We do not sell personal data and we do not share it with advertising networks.

6. International transfers

Data may be processed outside the EU/EEA depending on our providers’ infrastructure. Where applicable, appropriate safeguards are used (e.g., Standard Contractual Clauses).

7. Retention

• Account: for as long as your account is active; after deletion, we erase or anonymize data within up to 30 days (unless we must retain it by law).
• Listings and images: for as long as they remain in your account or until you delete them.
• Security logs: typically up to 90 days.

8. Your rights

You have the right to access, rectification, erasure, restriction, objection, data portability, and to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with a supervisory authority.

9. Security

We implement technical and organizational measures such as TLS, access controls, and backups. No online service can guarantee absolute security.

10. Cookies and local storage

We use technically necessary cookies/tokens for session and interface functionality. No analytics or marketing cookies are used at this time.

11. Analytics

We use Vercel Analytics to collect basic usage metrics (page views, page load times, country, device/browser type). This helps us understand performance and improve the service.

Vercel Analytics does not use cookies and does not create individual user profiles. Information is processed in aggregated and anonymized form.

Provider: Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. Data may be processed on servers in the USA or the EU. Vercel relies on Standard Contractual Clauses for data transfers outside the EEA.

12. Children’s data

The service is not intended for individuals under 16 years of age. We do not knowingly collect their data.

13. Changes to this Policy

We may update this Policy. The new version becomes effective upon publication on this page. For material changes, we will notify you in the app or via email.

14. Contact

Privacy contact: contact@listingator.com.
Data Controller: Listingator – Oleksandr Dordiuk.