1. What data we process
We process the minimum necessary data: email address, account data (including the password hash), order and balance history, technical session data and, when the API is used, the issued keys.
We do not request excessive personal data and we do not store card payment details.
2. Purposes of processing
Data is processed for registration and authentication, placing and delivering orders, maintaining the balance, providing the warranty, ensuring security and preventing fraud.
3. Storage and protection
Passwords are stored as a hash (argon2id) and cannot be recovered. Goods data is stored encrypted (AES-256-GCM); plain text exists only at the moment of delivery.
Data transmission is protected by TLS. Access to data is restricted and recorded in the audit log.
4. Cookies
We use necessary cookies for authentication and to store preferences (language, theme). Session cookies are marked with security flags and are not accessible to client-side scripts.
5. Sharing with third parties
We do not sell personal data. Data may be shared with payment providers strictly to the extent needed to process a payment, and upon a lawful request from authorized bodies.
6. Your rights
You may request access to, correction or deletion of your data, to the extent permitted by law and by the need to perform the contract. To do so, contact support: Telegram @nexusmarket_one_support.
7. Retention and deletion
Data is kept for as long as necessary for the purposes of processing and to meet legal requirements, after which it is deleted or anonymized.
By placing and paying for an order, you confirm that you have read this document and fully accept its terms.