Privacy Policy

1. Data Controller

Sellr is the data controller for the processing of personal data we receive about you. Contact information:

Sellr.dk
CVR: 46085108
Email: philip@sellr.dk

2. What Information Do We Collect?

For sellers:

• Name and email address (for account creation)
• Store name and username
• MobilePay number (if you choose to add it)
• Profile picture and store description
• Product images and descriptions you upload

For buyers:

• Name, email, and phone number (when placing an order)
• Delivery address
• Order history

For all users:

• Chat messages between buyers and sellers
• Activity timestamp (for notifications)

3. Purpose of Processing

We process your personal data for the following purposes:

• To operate the Sellr platform and deliver our services
• To create and manage your account
• To process and handle orders
• To send notifications about orders and important updates
• To facilitate communication between buyers and sellers via chat
• To send email notifications about unread messages
• To improve our platform and user experience
• To comply with legal requirements

4. Legal Basis

We process your personal data on the following legal bases:

• Contract fulfillment: To deliver our services to you
• Legitimate interest: To improve our platform and prevent misuse
• Legal obligation: Where we are required to retain information

5. Sharing of Information

We share your information with:

• Sellers/buyers: Order information is shared between buyer and seller to complete transactions
• Data processors: We use the following services:
  • Supabase (database and authentication)
  • Vercel (hosting)
  • Resend (email notifications)
  • Stripe (payment processing for Sellr+ subscriptions and optional card payments for all sellers). See Stripe's Privacy Policy

We never sell your personal data to third parties.

6. Retention

We retain your personal data for as long as necessary to fulfill the purposes described above, or as long as required by law.

• Account information: As long as your account is active, plus 30 days after deletion
• Order information: 5 years (Danish bookkeeping law)

7. Data Security

We take data security seriously and employ the following measures:

• Encrypted connection (HTTPS/SSL) on all pages
• Secure storage of passwords (hashed)
• Access control to databases
• Optional two-factor authentication (TOTP)

8. Your Rights

You have the following rights under GDPR:

• Access: You can request information about what personal data we have about you
• Rectification: You can have incorrect information corrected
• Erasure: You can request deletion of your information
• Restriction: You can request restriction of processing
• Data portability: You can receive your data in a machine-readable format
• Objection: You can object to processing based on legitimate interest

Contact us at philip@sellr.dk to exercise your rights.

9. Cookies

We only use necessary cookies to operate the platform:

• Session cookies: To keep you logged in as a seller
• Shopping cart cookie: Set when you add items to your cart. Expires after 30 days.

We do not use tracking cookies, analytics cookies, or marketing cookies.

10. Changes

We may update this privacy policy from time to time. Significant changes will be communicated via email or on the platform.

11. Complaints

If you believe we are processing your personal data in violation of the law, you can file a complaint with the Danish Data Protection Agency:

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby, Denmark
www.datatilsynet.dk

12. Contact

Questions about our processing of personal data can be directed to:

Sellr.dk
CVR: 46085108
Email: philip@sellr.dk