Managem
DocsMarketplace
DocsMarketplace
  1. Legals
  • Selling
    • Onboarding
    • Create a Listing
    • Grading your Cards
    • Packing your order
  • Buying
  • API
    • Search & Data
      • Items
        • Full-text search
      • Lookup
        • Retrieve an item
        • Retrieve multiple items
        • Retrieve usernames
      • Hierarchy
        • Game
          • Set
            • Type
              • Game set item type search
            • Game set search
          • Game search
        • Get full hierarchy
      • Listings
        • Search seller's listings
        • Search all listings
        • Search listings for an item
        • Retrieve historical prices for an item
    • Basket
      • List basket contents
      • Add an item
      • Update an item
      • Remove an item
      • Get basket summary
      • Get information, fees & delivery costs
      • Create checkout session
    • Sellers
      • Account
        • Create account
        • Get account details
        • Get current status
        • Get dashboard URL
        • Update vacation mode
      • Listings
        • Suggest prices
        • Create listing
        • Bulk create listings
        • Search listings
        • List listings by item
        • Get listing
        • Update listing
        • Delete listing
        • Create attachment
        • Finalize attachment
        • Delete attachment
      • Orders
        • List orders
        • Get order history
        • Get order
        • Update order
        • List carriers
        • Generate packing slip
        • Create shipment attachment
        • Finalize shipment attachment
      • Cases
        • List cases
        • Get case
        • Update case
        • Create case attachment
        • Finalize case attachment
      • Delivery Costs
        • Get delivery configuration
        • Upsert delivery configuration
      • Balance
        • Get current balance
        • Withdraw funds
        • List payouts
        • List transfers
      • Stats
    • Users
      • Conversations
        • List conversations
        • Create conversation
        • Get unread count
        • List messages
        • Lock conversation
        • Send a message
        • Create message attachment
        • Finalize message attachment
      • Address Management
        • Find/Lookup addresses
        • Retrieve full address details
        • Store a new Address
        • List all Addresses
        • Delete an Address
      • Reviews
        • List reviews
        • Get review
        • Create review
        • Update review
        • Delete review
      • Cases
        • List cases
        • Get case
        • Create case attachment
        • Finalize case attachment
        • Update case
      • Purchases
        • List purchases
        • Get purchase
        • Update purchase
        • List purchase history
      • Payments
        • Get customer portal link
        • Get invoice download URL
        • List invoices
      • Account
        • Get account information
        • Update password
        • Update user profile
        • Update email address
        • Update email address (verification)
        • Create avatar upload url
        • Finalize avatar upload
        • Create cover upload url
        • Finalize cover upload
      • Stats
    • Profiles
      • Get user profile
      • List reviews
  • Legals
    • Seller Policy
    • Buyer Protection
    • Buyer Policy
    • Grading & Condition Policy
    • Terms & Conditions
    • Privacy Policy
  1. Legals

Privacy Policy

1. Who we are (Controller) and how to contact us#

Controller: MANAGEM MARKETPLACE LIMITED
Email (privacy & rights requests): support@managem.co.uk
You can contact us at the email above for any privacy questions or to exercise your data rights. If you are not satisfied with how we handle a concern, you can complain to the UK Information Commissioner’s Office (ICO).

2. Who this policy covers and age limits#

This policy applies to visitors, buyers and sellers in the UK who use the Managem website and services. Our service is intended for adults aged 18+. We do not knowingly collect personal data from anyone under 18; if you believe a minor has provided data, contact us and we will delete it.

3. What personal data we collect#

We collect the following categories of data, depending on how you use the service:
Account & profile: name, email address, password hash, account preferences/status.
Contact & addresses: shipping and (if provided) billing addresses; optional phone number used for delivery.
Marketplace activity: listings, purchases, order details (items, price, taxes, shipping method), order messages and dispute messages.
Payments (via our payment service provider): we receive payment tokens/IDs and status (e.g., success/failed, refund/chargeback status) and basic transaction metadata. We do not store full card details.
Seller onboarding & compliance: for payouts and compliance, our payment partner conducts KYC directly; we receive verification status and payout eligibility, not copies of identity documents.
Delivery & logistics: tracking numbers, scan events and delivery status we receive from shipping carriers and logistics integrators, so orders can be tracked and disputes resolved.
Device, logs and security: IP address (may be truncated/anonymised), device/browser information, security logs (e.g., rate‑limiting, firewall events), and standard HTTP request logs.
Analytics (subject to consent): pseudonymous identifiers, event timestamps and usage events to understand feature usage and improve the service.
Error reporting (no PII): pseudonymous, minimised technical events from our server/API to detect and fix errors; we configure this to avoid sending personal data.
We do not intentionally collect special category data (e.g., health, biometrics) or criminal offence data.

Sources of data#

Provided by you: account details, addresses, listings, messages.
Generated by your use: orders, delivery status, device/log data.
From our providers: payment status and risk signals from our payment service provider; tracking status from carriers/logistics integrators; security events from hosting/network providers.

4. How and why we use personal data (lawful bases)#

We only use personal data when we have a lawful basis under UK GDPR:
PurposeExamples of data usedLawful basis
Create and manage your accountname, email, password hash, preferencesContract (to provide your account)
Process orders & deliver itemsitems, prices/taxes, addresses, order messages, tracking statusContract (to fulfil your order)
Payments & payoutspayment tokens/IDs, status, refund/chargeback dataContract; Legal obligation (accounting); Legitimate interests (fraud prevention)
Buyer↔Seller communications & dispute resolutionorder messages, dispute messagesLegitimate interests (provide support and ensure a safe marketplace)
Security & abuse preventiondevice data, IP (may be truncated), security logs, firewall/WAF eventsLegitimate interests (secure our service)
Error monitoring (server/API)pseudonymous error events without PIILegitimate interests (service reliability)
Analytics (site/app usage)pseudonymous analytics identifiers and eventsConsent (set via our cookie/consent tools)
Legal & complianceinvoices, tax records, chargeback recordsLegal obligation
Service communicationsorder confirmations, delivery updates, policy noticesContract (transactional messages)
Marketing (if you opt in)email address, preferences
Analytics and cookies: we only set non‑essential cookies/SDKs (e.g., analytics) after you give consent via our on‑site consent controls. If you do not consent, we will not set non‑essential cookies/SDKs. We also generate aggregated, server‑side revenue metrics that do not include personal data.

5. Cookies and similar technologies#

We use strictly necessary cookies to run the site (e.g., security, load balancing, session management).
We use analytics cookies/SDKs only with your consent to understand usage and improve the product.
You can set or change your cookie choices at any time via the Cookie settings link in the site footer.
For details (names, purposes, lifetimes), see our Cookie Policy, which reflects the current tools in use and your choices.

6. Sharing your data (recipients)#

We share personal data only with the following categories of recipients, and only as needed:
Payment services (payments, refunds, chargebacks, KYC status).
Cloud hosting & network security (website hosting, content delivery network, DDoS/WAF/bot mitigation).
Analytics provider (EU data region) for consented usage analytics.
Error monitoring (EU region) for server/API reliability, configured without PII.
Logistics & shipping partners (carriers and shipping integrators) to generate labels, track parcels and resolve delivery issues.
Customer support and email delivery tools for transactional and support communications.
Professional advisers (legal/accountancy) and law enforcement or regulators if required by law.
We do not sell your personal data.

7. International data transfers#

Our service is UK‑focused. Some providers may process or route data outside the UK/EEA (for example, global network delivery/security). Where transfers occur, we rely on appropriate transfer safeguards (such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU Standard Contractual Clauses), plus contractual data protection terms and technical measures (e.g., encryption).
Our analytics and error‑monitoring projects are configured to use EU data regions. Security/network providers may operate a global edge network; we apply contractual and technical safeguards consistent with UK GDPR.

8. Retention (how long we keep data)#

We keep personal data only as long as necessary for the purpose collected, and then delete or anonymise it.
Account data: life of the account + 2 years.
Orders & transactions (including invoices): 6 years (tax/accounting requirements).
Order messages & disputes: 3 years after resolution.
Analytics events: up to 24 months (or less, depending on your consent and our configuration).
Error logs (server/API): up to 90 days.
Backups/security logs: typically 30–180 days.
If you delete your account, we will delete or anonymise your data unless we must keep certain records to comply with law or to resolve disputes.

9. Security#

We use a combination of organisational and technical measures to protect personal data, including TLS encryption in transit, encryption at rest provided by our infrastructure providers, least‑privilege access controls, MFA on administrative accounts, audit logging, regular patching, and network‑level protections (e.g., WAF, DDoS mitigation and bot management). We also minimise data sent to monitoring tools and avoid sending PII to error‑reporting systems.

10. Buyer↔Seller information sharing#

To fulfil an order, we share with the Seller only what is necessary (e.g., recipient name and delivery address). Contact details (email/phone) are not disclosed by default; Buyer↔Seller messaging takes place on our platform. You should not share personal contact details in messages. If you choose to share personal data directly with another user, that is at your discretion.

11. Your rights#

You have the following rights under UK data protection law:
Access to your personal data.
Rectification of inaccurate or incomplete data.
Erasure (in certain cases).
Restriction of processing (in certain cases).
Portability of data you provided to us, in a structured, commonly used format.
Object to processing based on our legitimate interests (including to profiling on that basis).
Withdraw consent at any time where we rely on consent (e.g., analytics or marketing) — this does not affect the lawfulness of processing before withdrawal.
To exercise any right, email support@managem.co.uk. We will respond within one month (extendable by up to two further months for complex requests). We may need to verify your identity before actioning a request.
You also have the right to complain to the ICO if you are unhappy with our response.

12. Automated decision‑making#

We do not make decisions based solely on automated processing that produce legal effects or similarly significant effects on you. Risk and fraud checks may generate scores/signals, but final actions involve human review.

13. Third‑party sites and services#

Our site may link to third‑party websites or services. Their privacy practices are not covered by this policy. Please review their privacy notices.

14. Changes to this policy#

We may update this Privacy Policy to reflect changes to our processing or to the law. We will post the updated version with a new “Last updated” date and, if changes are material, provide a prominent notice (and/or email notice where appropriate).### 1. Who we are (Controller) and how to contact us
Controller: MANAGEM MARKETPLACE LIMITED
Email (privacy & rights requests): support@managem.co.uk
You can contact us at the email above for any privacy questions or to exercise your data rights. If you are not satisfied with how we handle a concern, you can complain to the UK Information Commissioner’s Office (ICO).

2. Who this policy covers and age limits#

This policy applies to visitors, buyers and sellers in the UK who use the Managem website and services. Our service is intended for adults aged 18+. We do not knowingly collect personal data from anyone under 18; if you believe a minor has provided data, contact us and we will delete it.

3. What personal data we collect#

We collect the following categories of data, depending on how you use the service:
Account & profile: name, email address, password hash, account preferences/status.
Contact & addresses: shipping and (if provided) billing addresses; optional phone number used for delivery.
Marketplace activity: listings, purchases, order details (items, price, taxes, shipping method), order messages and dispute messages.
Payments (via our payment service provider): we receive payment tokens/IDs and status (e.g., success/failed, refund/chargeback status) and basic transaction metadata. We do not store full card details.
Seller onboarding & compliance: for payouts and compliance, our payment partner conducts KYC directly; we receive verification status and payout eligibility, not copies of identity documents.
Delivery & logistics: tracking numbers, scan events and delivery status we receive from shipping carriers and logistics integrators, so orders can be tracked and disputes resolved.
Device, logs and security: IP address (may be truncated/anonymised), device/browser information, security logs (e.g., rate‑limiting, firewall events), and standard HTTP request logs.
Analytics (subject to consent): pseudonymous identifiers, event timestamps and usage events to understand feature usage and improve the service.
Error reporting (no PII): pseudonymous, minimised technical events from our server/API to detect and fix errors; we configure this to avoid sending personal data.
We do not intentionally collect special category data (e.g., health, biometrics) or criminal offence data.

Sources of data#

Provided by you: account details, addresses, listings, messages.
Generated by your use: orders, delivery status, device/log data.
From our providers: payment status and risk signals from our payment service provider; tracking status from carriers/logistics integrators; security events from hosting/network providers.

4. How and why we use personal data (lawful bases)#

We only use personal data when we have a lawful basis under UK GDPR:
PurposeExamples of data usedLawful basis
Create and manage your accountname, email, password hash, preferencesContract (to provide your account)
Process orders & deliver itemsitems, prices/taxes, addresses, order messages, tracking statusContract (to fulfil your order)
Payments & payoutspayment tokens/IDs, status, refund/chargeback dataContract; Legal obligation (accounting); Legitimate interests (fraud prevention)
Buyer↔Seller communications & dispute resolutionorder messages, dispute messagesLegitimate interests (provide support and ensure a safe marketplace)
Security & abuse preventiondevice data, IP (may be truncated), security logs, firewall/WAF eventsLegitimate interests (secure our service)
Error monitoring (server/API)pseudonymous error events without PIILegitimate interests (service reliability)
Analytics (site/app usage)pseudonymous analytics identifiers and eventsConsent (set via our cookie/consent tools)
Legal & complianceinvoices, tax records, chargeback recordsLegal obligation
Service communicationsorder confirmations, delivery updates, policy noticesContract (transactional messages)
Marketing (if you opt in)email address, preferences
Analytics and cookies: we only set non‑essential cookies/SDKs (e.g., analytics) after you give consent via our on‑site consent controls. If you do not consent, we will not set non‑essential cookies/SDKs. We also generate aggregated, server‑side revenue metrics that do not include personal data.

5. Cookies and similar technologies#

We use strictly necessary cookies to run the site (e.g., security, load balancing, session management).
We use analytics cookies/SDKs only with your consent to understand usage and improve the product.
You can set or change your cookie choices at any time via the Cookie settings link in the site footer.
For details (names, purposes, lifetimes), see our Cookie Policy, which reflects the current tools in use and your choices.

6. Sharing your data (recipients)#

We share personal data only with the following categories of recipients, and only as needed:
Payment services (payments, refunds, chargebacks, KYC status).
Cloud hosting & network security (website hosting, content delivery network, DDoS/WAF/bot mitigation).
Analytics provider (EU data region) for consented usage analytics.
Error monitoring (EU region) for server/API reliability, configured without PII.
Logistics & shipping partners (carriers and shipping integrators) to generate labels, track parcels and resolve delivery issues.
Customer support and email delivery tools for transactional and support communications.
Professional advisers (legal/accountancy) and law enforcement or regulators if required by law.
We do not sell your personal data.

7. International data transfers#

Our service is UK‑focused. Some providers may process or route data outside the UK/EEA (for example, global network delivery/security). Where transfers occur, we rely on appropriate transfer safeguards (such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU Standard Contractual Clauses), plus contractual data protection terms and technical measures (e.g., encryption).
Our analytics and error‑monitoring projects are configured to use EU data regions. Security/network providers may operate a global edge network; we apply contractual and technical safeguards consistent with UK GDPR.

8. Retention (how long we keep data)#

We keep personal data only as long as necessary for the purpose collected, and then delete or anonymise it.
Account data: life of the account + 2 years.
Orders & transactions (including invoices): 6 years (tax/accounting requirements).
Order messages & disputes: 3 years after resolution.
Analytics events: up to 24 months (or less, depending on your consent and our configuration).
Error logs (server/API): up to 90 days.
Backups/security logs: typically 30–180 days.
If you delete your account, we will delete or anonymise your data unless we must keep certain records to comply with law or to resolve disputes.

9. Security#

We use a combination of organisational and technical measures to protect personal data, including TLS encryption in transit, encryption at rest provided by our infrastructure providers, least‑privilege access controls, MFA on administrative accounts, audit logging, regular patching, and network‑level protections (e.g., WAF, DDoS mitigation and bot management). We also minimise data sent to monitoring tools and avoid sending PII to error‑reporting systems.

10. Buyer↔Seller information sharing#

To fulfil an order, we share with the Seller only what is necessary (e.g., recipient name and delivery address). Contact details (email/phone) are not disclosed by default; Buyer↔Seller messaging takes place on our platform. You should not share personal contact details in messages. If you choose to share personal data directly with another user, that is at your discretion.

11. Your rights#

You have the following rights under UK data protection law:
Access to your personal data.
Rectification of inaccurate or incomplete data.
Erasure (in certain cases).
Restriction of processing (in certain cases).
Portability of data you provided to us, in a structured, commonly used format.
Object to processing based on our legitimate interests (including to profiling on that basis).
Withdraw consent at any time where we rely on consent (e.g., analytics or marketing) — this does not affect the lawfulness of processing before withdrawal.
To exercise any right, email support@managem.co.uk. We will respond within one month (extendable by up to two further months for complex requests). We may need to verify your identity before actioning a request.
You also have the right to complain to the ICO if you are unhappy with our response.

12. Automated decision‑making#

We do not make decisions based solely on automated processing that produce legal effects or similarly significant effects on you. Risk and fraud checks may generate scores/signals, but final actions involve human review.

13. Third‑party sites and services#

Our site may link to third‑party websites or services. Their privacy practices are not covered by this policy. Please review their privacy notices.

14. Changes to this policy#

We may update this Privacy Policy to reflect changes to our processing or to the law. We will post the updated version with a new “Last updated” date and, if changes are material, provide a prominent notice (and/or email notice where appropriate).
Previous
Terms & Conditions
Built with