Home Publish Ad Contact Login Register Publish Ad

Privacy Policy

 

Privacy Policy nohodl.org

Last Updated: December 27, 2025

 

1. DATA CONTROLLER
The controller of your personal data is the owner of the nohodl.org website, with a seat in Poland, reachable via email at: info@nohodl.org

 

2. DATA PROTECTION OFFICER
For all matters related to personal data protection, you can contact us at: info@nohodl.org

 

3. SCOPE AND PURPOSES OF DATA PROCESSING

3.1. Data processed during account registration:

  • Data: Email address, password (hashed), username, country, region, registration date.

  • Purpose: To create and manage your user account, authorize access, and communicate.

  • Legal Basis: Performance of a contract (Article 6(1)(b) GDPR).

  • Retention Period: Up to 5 years from the last activity.

3.2. Data in listings (with registration):

  • Data: Name/nickname, contact details (phone, email), location, listing content, images, prices in cryptocurrencies/fiat.

  • Purpose: To publish the listing and enable contact between users.

  • Legal Basis: Performance of a contract (Article 6(1)(b) GDPR).

  • Retention Period: Until deleted by the user or for 2 years from the last edit.

3.3. Data in listings (without registration):

  • Data: Email address, listing content, images, location.

  • Purpose: For a one-time publication of the listing.

  • Legal Basis: Performance of a contract (Article 6(1)(b) GDPR).

  • Retention Period: 30 days from publication (or until deleted via the provided link).

3.4. Messages between users:

  • Data: Sender's email address, message content, listing identifier.

  • Purpose: To enable communication between interested parties.

  • Legal Basis: Performance of a contract (Article 6(1)(b) GDPR).

  • Retention Period: 90 days from sending.

3.5. Transactional data (P2P):


IMPORTANT: nohodl.org does NOT process payment data, credit card details, or specifics of cryptocurrency transactions. Transactions occur directly between users.

 

3.6. Analytical data:

  • Data: IP address, browser type, operating system, pages visited, visit duration, traffic source.

  • Purpose: Traffic analysis, functionality improvement, fraud detection.

  • Legal Basis: Legitimate interest (Article 6(1)(f) GDPR).

  • Retention Period: 30 days.

3.7. Data for newsletter (optional):

  • Data: Email address, topic preferences.

  • Purpose: Sending information about news and promotions (only with consent).

  • Legal Basis: Consent (Article 6(1)(a) GDPR).

  • Retention Period: Until consent is withdrawn.

 

4. COOKIES AND TRACKING TECHNOLOGIES

4.1. Essential cookies:

  • Purpose: Session maintenance, security, basic functionality.

  • Storage: Session or up to 24 hours.

  • Opt-out possibility: No (the website cannot function without them).

4.2. Analytics cookies:

  • Purpose: Anonymous statistics (Google Analytics, Matomo).

  • Storage: 24-26 months.

  • Opt-out possibility: Yes (in the configuration panel).

4.3. Marketing cookies:

  • Purpose: Ad personalization (if displayed).

  • Storage: 1-24 months.

  • Opt-out possibility: Yes (disabled by default).

Detailed information: A full list of cookies is available in the Cookie Policy.

 

5. RECIPIENTS OF DATA

5.1. Other users of the service:
Contact details from listings (name, phone, email, location) for the purpose of enabling contact regarding the listing.

5.2. Technical service providers:

  • Hosting: Servers in Germany (or another EU provider).

  • Email: Google Workspace (data may be processed in the USA with the protection of Standard Contractual Clauses).

  • Analytics: Google Analytics (with IP address anonymization).

5.3. State authorities:
Only upon lawful request (police, courts, tax authorities).

 

6. TRANSFER OF DATA OUTSIDE THE EU/EEA
Data may be transferred outside the European Economic Area only:

  • To countries with an adequacy decision from the European Commission (e.g., Canada, Japan).

  • With the application of the European Commission's Standard Contractual Clauses.

  • In the case of Google Workspace – with appropriate safeguards in place.

 

7. YOUR RIGHTS
Under the GDPR, you have the right to:

  • 7.1. Access your data (Art. 15 GDPR): You can request information about what data we process.

  • 7.2. Rectification of data (Art. 16 GDPR): You can correct inaccurate data in your account.

  • 7.3. Erasure of data (Art. 17 GDPR): You can request the deletion of your account and data (subject to legal exceptions).

  • 7.4. Restriction of processing (Art. 18 GDPR): You can request the restriction of processing in specific situations.

  • 7.5. Data portability (Art. 20 GDPR): You can receive your data in a structured, commonly used format.

  • 7.6. Objection (Art. 21 GDPR): You can object to processing for marketing purposes.

  • 7.7. Withdrawal of consent (Art. 7(3) GDPR): Consent for the newsletter can be withdrawn at any time.

Exercising your rights: All rights can be exercised by contacting us at info@nohodl.org. We will respond within 30 days.

 

8. DATA SECURITY

8.1. Technical measures:

  • SSL/HTTPS encryption across the entire website.

  • Passwords stored in hashed form.

  • Regular security updates.

  • Firewalls and intrusion detection systems.

8.2. Organizational measures:

  • Limited access to data for personnel.

  • Data protection training.

  • Incident response procedures.

8.3. Sensitive data:


We do NOT collect: PESEL numbers, national ID card details, payment card data, private cryptocurrency keys.
WARNING: Do not post sensitive data in your listings.

 

9. SPECIAL RULES FOR CRYPTOCURRENCIES

9.1. Information on cryptocurrencies in listings:

  • Exchange rates are for informational purposes only.

  • nohodl.org does not guarantee the accuracy of rates.

  • The user is solely responsible for verifying current market rates.

9.2. Warnings:

  • Cryptocurrency transactions are irreversible.

  • nohodl.org does not act as an intermediary in transactions.

  • We recommend in-person transactions (local P2P).

9.3. User obligations:

  • Independently verify the legality of cryptocurrencies in your country.

  • Fulfill tax obligations according to your local law.

  • Exercise caution during transactions.

 

10. CHILDREN'S DATA

  • The service is not directed at persons under the age of 13.

  • Persons aged 13-18 may use it with parental/guardian consent.

  • If we detect data of a child, we will delete the account.

 

11. AUTOMATED DECISION-MAKING
We DO NOT use profiling or automated decision-making that produces legal effects.

 

12. CHANGES TO THE PRIVACY POLICY

  • Changes will be published on this page with an updated date.

  • We will notify registered users via email about significant changes.

  • Continued use of the service signifies acceptance of the changes.

 

13. CONTACT AND COMPLAINTS
Contact for data protection matters:

  • Email: info@nohodl.org

  • We respond in Polish or English.

Right to lodge a complaint:
You have the right to lodge a complaint with the Polish supervisory authority, the President of the Personal Data Protection Office (Urząd Ochrony Danych Osobowych, ul. Stawki 2, 00-193 Warsaw), if you believe the processing violates the GDPR.

 

14. FINAL PROVISIONS

14.1. User responsibility:

  • The user is responsible for the content of their listings.

  • By publishing a listing, you consent to the disclosure of your contact data to other users.

14.2. Limitation of nohodl.org's liability:

  • We are not a party to transactions between users.

  • We do not verify the truthfulness of listings.

  • We are not liable for cryptocurrency transactions.

14.3. Governing law:

  • This Policy is governed by Polish law.

  • Any disputes shall be resolved by the court in Wrocław, Poland.