SECTION 1 Purpose Of This policy

  • Last Updated: 1/22/2026

This Privacy Policy explains how we collect, use, store, and protect your information when you use our marketplace, dashboard, bots, and Discord server (collectively, the “Platform”). By accessing or using the Platform, you agree to the practices described in this Privacy Policy.

1.1. Information We Collect

1.1.1. Discord Information

We automatically collect:

  • Discord ID
  • Username and discriminator
  • Server roles (buyer, seller, premium, verified, etc.)
  • Bot commands and messages sent to our bots
  • Join/leave logs
  • Discord email Address
  • Moderation actions
  • Verification attempts

1.1.1.1 Why We Access Your Discord Email

When you sign in with Discord, Discord provides us with a verified email flag and basic account information. This allows us to:

• Confirm that your Discord account is legitimate
• Prevent impersonation and duplicate accounts
• Maintain a safe and trusted environment for creators and buyers
• Ensure that banned or compromised accounts cannot rejoin using alternate identities

We do not use your email for communication or marketing.
We do not store or share your email outside of what Discord provides during OAuth.
Your identity remains protected under Discord’s authentication system.

1.1.1.2 Optional Email Communication

for community.zophos.org and BuyAndSell.market If you choose to enable email communication in your account settings, we may use your email for:

• Platform updates
• Important notifications
• Marketing and promotional content
• Newsletters and announcements

This feature is completely optional.
You can enable or disable email communication at any time in your account settings.

1.1.2. Payment Information (Stripe)

Stripe collects:

  • Email address
  • Payment method
  • Billing details
  • Transaction amount
  • Country and currency
  • We never store full card numbers.

1.1.3. Listing & Transaction Data

We store:

  • Listings you create
  • Items/services you buy or sell
  • Dispute evidence
  • Refund decisions
  • Communication logs
  • Fraud‑prevention flags
  • Seller performance metrics

1.1.4. Device & Technical Data (Dashboard Only)

We may collect:

  • IP address
  • Browser type and version
  • Device type
  • Operating system
  • Session analytics
  • Login timestamps
  • Security logs

1.1.5. Behavioral Data

We may track:

  • Dashboard usage
  • Bot usage
  • Feature usage
  • Scam‑detection patterns

1.1.6. Voluntary Information

Examples:

  • Support messages
  • Appeals
  • Seller descriptions
  • Extra verification
  • Feedback

1.1.7. Information We Do NOT Collect

We do not collect:

  • Government IDs
  • SSN
  • Biometrics
  • Phone numbers
  • Private messages
  • Sensitive personal info

1.2. How We Use Your Information

We use your data to:

  • Verify sellers
  • Process payments
  • Manage subscriptions
  • Post and manage listings
  • Handle disputes and appeals
  • Detect scams and fraud
  • Enforce platform rules
  • Improve features and performance
  • Maintain safety systems
  • Comply with Stripe and legal requirements
  • We never sell your data.

1.3. Automated Decisions

Our systems may automatically:

  • Flag suspicious activity
  • Restrict accounts for fraud
  • Detect duplicate accounts
  • Trigger dispute reviews
  • Apply temporary safety holds
  • You may request a manual review.

1.4. Data Storage & Protection

We use:

  • Encrypted databases
  • Secure servers
  • Limited staff access
  • Audit logs
  • Rate‑limit protections
  • Bot‑detection systems
  • Stripe’s secure payment infrastructure Data is stored only as long as needed for:
  • Safety
  • Dispute resolution
  • Fraud prevention
  • Legal compliance
  • Platform functionality
  • When no longer needed, data is deleted or anonymized.

1.5. Data Retention

Retention periods:

  • Dispute logs: 12–24 months
  • Fraud flags: indefinitely
  • Payment records: per Stripe + financial regulations
  • Bot logs: 30–180 days
  • Support messages: until resolved
  • Listings: until removed or expired

1.6. Sharing Your Information

We only share data with:

1.6.1. Payment Processors

Stripe receives payment details.

1.6.2. Discord

Discord processes your data under their own policies.

1.6.3. Moderation & Safety

Authorized staff may review logs during disputes.

1.6.4. Service Providers

Used for:

  • Hosting
  • Analytics
  • Security
  • Logging
  • They receive only the minimum required data.

1.6.5. Legal Requirements

We may share data if required by:

  • Law enforcement
  • Fraud investigations
  • Court orders
  • Payment processor rules
  • We do not share data with advertisers.

1.7. International Users

If you access the Platform outside the U.S., your data may be processed in the U.S.

  • We apply the same protections regardless of location.

1.8. User Responsibilities

Users must:

  • Keep their Discord account secure
  • Not share private information publicly
  • Follow Discord’s Terms
  • Provide accurate information
  • Not bypass safety systems
  • Violations may result in restrictions.

1.9. Data Breach Procedures

If a breach occurs, we will:

  • Investigate
  • Secure affected systems
  • Notify impacted users when required
  • Cooperate with authorities
  • Prevent future breaches

1.10. Children’s Privacy

The Platform is not intended for users under 13.

  • We do not knowingly collect data from minors.
  • Accounts belonging to minors may be removed for safety.
On this page