HomeListingsSellersPartnersEscrow
Log inSign up
Privacy, by design

Your privacy isn't a setting. It's the foundation.

NexusMarket was built for people who'd rather not be watched. We collect the bare minimum to run an escrow marketplace — and nothing we don't need. No IP logs. No location. No advertising trackers. No selling you to anyone. This page explains exactly what that means, in plain language.

Last updated · 16 June 2026

We don't log your IP

Your IP address is never written to a database, a log file, or an analytics tool. We use it transiently to deliver the response in front of you, then it's gone.

We don't track location

No geolocation, no GPS, no country profiling, no "people near you." Where you are is your business, not ours.

No third-party trackers

Zero Google Analytics, zero Facebook pixels, zero ad networks. The only JavaScript we ship is the little that powers the app — never surveillance.

Minimal by default

An email, a username, a password hash. That's the account. We don't ask for your real name, phone number, or government ID to browse, buy, or sell.

Messages stay between you

Conversations are sanitized and stored only so both parties can read the thread. We don't mine them, profile them, or hand them to advertisers.

You can leave clean

Ask us to delete your account and we erase your record. No shadow profile, no "deleted but kept for marketing." Gone means gone.

1. What we actually collect

We're allergic to data hoarding. To operate an account and protect escrow deals, we keep:

  • Your email — used for sign-in, verification, and account recovery. Nothing else. We never email you marketing.
  • Your username — the public handle other members see.
  • A password hash — your password is run through Argon2id and salted. We store the hash, never the password. We cannot see it, and neither can anyone who steals the database.
  • Your balance and order history — the on-site balance and the escrow deals you're a party to, so the marketplace can function.

That's the whole list. No birth dates, no addresses, no phone numbers, no "how did you hear about us."

2. What we deliberately don't collect

Just as important is what never touches our storage:

  • IP addresses — not logged, not retained, not associated with your account.
  • Geographic location — no IP-to-country lookups, no GPS, no region targeting.
  • Device fingerprints, advertising IDs, or cross-site identifiers.
  • Browsing history from elsewhere on the web.
  • Your real-world identity — pseudonymous accounts are the default and always will be.

3. Cookies — only the ones that do work

We set exactly two kinds of cookie, and both are strictly functional:

  • A session cookie so you stay signed in. It's HttpOnly, SameSite=Strict, and (in production) Secure.
  • A short-lived admin-unlock cookie — relevant only to staff accounts.

No tracking cookies. No consent-banner theatre, because there's nothing to consent to.

4. Payments stay in crypto

Top-ups and payouts are processed by OxaPay, our crypto payment gateway. We never see or store card numbers, bank details, or wallet seeds. We hand OxaPay an amount and receive back a payment address — your funds move on-chain, and only the resulting balance is reflected on your account.

5. Messaging

Buyer–seller–admin threads exist so a deal can be discussed and, if needed, mediated. Message content is sanitized to strip malicious code and stored so the conversation persists. We don't read it for analytics or advertising. When a transaction is disputed, an admin can view that specific thread to resolve it fairly — and that access is logged.

6. How long we keep things

Account data lives as long as your account does. Escrow and dispute records are retained while a deal is active and for a short period afterward, because both sides may need them if something goes wrong. Sessions expire on their own. When you delete your account, your personal record is removed.

7. Your rights

Whatever jurisdiction you're in, we treat these as universal:

  • Access — ask what we hold about you (it's a short list).
  • Correction — fix your email or username any time.
  • Deletion — close your account and have your record erased.
  • Portability — request an export of your data.

No hoops, no "retention for legitimate interest" loopholes.

8. Law enforcement

We can only ever disclose what we actually hold — and we've designed the system so that's almost nothing. We don't have your IP, your location, or your identity to give. We respond to valid legal process within the bounds of the law, but a subpoena for data we never collected comes back empty.

9. Changes to this policy

If we change anything material, we'll update the date at the top and, for significant changes, surface a notice in the app. We'll never quietly broaden what we collect.

10. Talk to us

Privacy questions, deletion requests, or a concern? Reach the team through Support. We answer real people, not ticket bots.