Privacy Policy

1. Information We Collect

OpenMarsh collects and processes information necessary to operate a marketplace for virtual goods and digital access rights, including email addresses, login status, shop profiles, product information, order records, payment status, dispute records, messages, notification settings, Telegram bindings, payout addresses, refund addresses, audit logs, and system security records.

OpenMarsh does not require identity materials unrelated to transactions. Information that users voluntarily enter in product descriptions, disputes, notes, announcements, or other input areas may be used for order processing, dispute review, compliance governance, and security auditing.

2. Transaction and Delivery Data

To process orders, OpenMarsh records product titles, categories, quantities, order amounts, order status, payment channels, payment events, delivery status, delivery link status, acceptance deadlines, refund results, and settlement results.

Virtual inventory content, seller payout addresses, and buyer refund addresses are stored using encryption or hashing where applicable. Delivery content is not displayed on public pages. Buyers, sellers, and administrators may access relevant information only to the extent required for transaction completion, dispute handling, security auditing, or platform administration.

3. How Information Is Used

OpenMarsh uses information for account login, email verification, order creation, inventory locking, payment confirmation, automatic delivery, dispute communication, refund handling, seller settlement, Telegram or email notifications, announcements, risk control, violation handling, system maintenance, statistics, and security auditing.

OpenMarsh may review order records, payment records, delivery access logs, dispute messages, abnormal behavior, and system logs manually or automatically to maintain transaction integrity, prevent fraud, resolve disputes, and protect the legitimate interests of buyers and sellers.

4. Third-Party Services

OpenMarsh uses third-party email providers to send verification codes, order notices, delivery emails, and other necessary notifications. It also uses third-party cryptocurrency payment or payout providers to process payments, callbacks, synchronization, and settlement-related information. If a user binds Telegram, OpenMarsh may send enabled notifications through a Telegram Bot.

Third-party services may process delivery, payment, risk-control, network, and device information under their own policies. OpenMarsh seeks to provide only the information needed for the relevant service, but it cannot fully control independent data practices of third-party providers.

5. Sharing and Disclosure

OpenMarsh does not sell personal information. Except where necessary to complete transactions, provide services, resolve disputes, conduct security audits, comply with legal requirements, or protect the rights and interests of the platform and its users, OpenMarsh does not disclose user information to unrelated third parties.

In transaction scenarios, buyers and sellers may see information necessary for order fulfillment, such as order numbers, product information, order status, dispute messages, and delivery or replacement status. Sellers do not see a buyer's full payment channel credentials, and buyers do not see a seller's encrypted payout address in plaintext unless a specific page function clearly displays it.

6. Data Security

OpenMarsh uses access controls, encrypted storage, hash records, operation auditing, session management, two-factor verification, and necessary administrative isolation measures to protect data. Sensitive administrator actions are recorded in audit logs for traceability and incident review.

No internet service can guarantee absolute security. Users are responsible for safeguarding their email accounts, login credentials, Telegram accounts, two-factor authentication methods, payout addresses, and delivery information, and should avoid sharing accounts or delivered content with untrusted third parties.

7. Retention and User Choices

OpenMarsh retains records for as long as necessary to support transactions, disputes, settlement, auditing, compliance, and security. Some order, payment, dispute, settlement, and audit records may continue to be retained after an account stops being used where required for transaction evidence, dispute handling, security auditing, or legal compliance.

Users may maintain certain profile data and notification preferences in account, shop, or notification settings. Historical orders, audit logs, payment events, dispute records, and platform risk-control records may not be unilaterally deleted or modified by users.

8. Policy Updates

OpenMarsh may update this Privacy Policy as product functions, third-party services, laws, regulations, and operational needs change. Updated policies will be published on the platform and become effective from the publication date or the date stated on the page. Continued use of the platform means the user understands and accepts the updated policy.