Privacy Policy

The controller responsible for processing personal data on this platform is the operator listed in our Imprint. Contact: privacy@promptgalaxi.com.

Account data: Email address, hashed password, and optional profile information (name, bio). Seller data: Payment payout information (processed by our payment provider), prompt listings, and sales history. Buyer data: Purchase history, saved prompts, and payment method details (processed by our payment provider). Usage data: Prompts browsed, purchased, search queries, and session data for service improvement. Technical data: IP addresses, browser type, OS, and access logs for security and operations. Communication data: Messages via email or the contact form.

Contract performance (Art. 6(1)(b) GDPR): Account management, marketplace transactions, and seller payouts. Legitimate interests (Art. 6(1)(f) GDPR): Security, fraud prevention, and platform improvement. Consent (Art. 6(1)(a) GDPR): Marketing emails and optional analytics. Withdraw consent anytime. Legal obligation (Art. 6(1)(c) GDPR): Financial records retained per applicable law.

Payment Processing: Buyer purchases and seller payouts processed by a PCI-DSS-certified provider (e.g. Stripe). Full card details are not stored by us. Email Delivery: Transactional emails via a third-party service. Hosting & Infrastructure: Cloud infrastructure within or outside the EU. All processors are bound by GDPR-compliant data processing agreements.

AI prompts listed by sellers are user-generated content. Sellers are responsible for ensuring their listings comply with applicable law and do not infringe third-party rights. PromptGalaxi does not review all listings before publication but will remove infringing or illegal content upon notification.

Where data is transferred outside the EEA, we ensure adequate protection through Standard Contractual Clauses (SCCs) or other Art. 46 GDPR safeguards.

Essential cookies: Authentication, cart/purchase session, and CSRF protection. Analytics cookies (optional): With consent, we analyze platform usage to improve the service. Preference cookies: To remember your display language and browsing preferences.

Accounts: Retained while active; deleted within 30 days of account deletion request. Purchase history: Retained for 7 years for financial/tax compliance. Seller payout records: Retained for 7 years. Technical logs: 90 days. Support communications: Up to 3 years.

EEA residents have rights to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21), and withdrawal of consent (Art. 7(3)). Contact privacy@promptgalaxi.com. We respond within 30 days. You may also lodge a complaint with your national supervisory authority.

We implement TLS/SSL encryption, password hashing, access controls, and regular security reviews to protect your data.

The Platform is not directed to individuals under 16. We do not knowingly collect data from minors.

Material changes will be communicated by email or website notice. Continued use after changes constitutes acceptance.

Privacy inquiries: privacy@promptgalaxi.com. Full contact details in our Imprint.