Trokeo — Privacy Policy
Compliant with RGPD (EU 2016/679) and Spain's LOPDGDD (Law 3/2018). Last updated: June 2026.
Data controller
Trokeo SL, Sotogrande (Cádiz). Contact via the Help page. Trokeo has not appointed a Data Protection Officer because the activity does not currently trigger Article 37 RGPD; this will be reviewed annually.
What we process and why
- Identifiers — email, display name, profile photo, username, language preference, approximate home location (postcode-level). Lawful basis: performance of the contract (Article 6(1)(b) RGPD).
- Identity verification — when you opt in to the Verified badge, your ID document is sent directly to Stripe Identity and never stored on Trokeo's servers. Trokeo receives only a pass/fail token and a name match. Lawful basis: consent (Article 6(1)(a)) for verification; legitimate interest (Article 6(1)(f)) for fraud prevention.
- Activity — listings, messages, reports, search queries. Lawful basis: performance of the contract and legitimate interest in operating the platform safely.
- Chat content — messages between users are translated into each user's preferred language by DeepL. We use DeepL's enterprise tier (no training on your data, no retention beyond the request). Lawful basis: performance of the contract.
- Cookies and analytics — Trokeo uses a privacy-friendly, cookieless analytics provider (Plausible). No cross-site tracking. A consent banner gates any non-essential cookies.
Sub-processors
Trokeo relies on the following sub-processors, all with standard contractual clauses or EU data-residency where appropriate:
- Supabase — authentication, database, file storage (EU region). DPA.
- Stripe Identity — identity verification. DPA.
- DeepL Pro — chat translation; enterprise tier, no model training, no retention. Security.
- Vercel — application hosting and edge. DPA.
- Resend — transactional email (magic links, notifications, support). DPA.
- Cloudflare — DDoS protection, captcha (Turnstile) and edge cache (planned). DPA.
- Plausible Analytics — cookieless web analytics, EU-hosted. DPA.
- Sentry — error monitoring; PII scrubbed at write time (planned). DPA.
Retention
- Account profile data — while your account is active. After deletion, anonymised within 30 days.
- Messages — deleted within 30 days of account closure.
- Reports / moderation logs — retained for two years, anonymised where possible.
- Activity audit logs (security) — 12 months, scrubbed of personal data after 90 days.
- Identity-verification tokens — retained for as long as your account holds a Verified badge, plus two years on the basis of our legitimate interest in fraud prevention.
Your rights under RGPD and LOPDGDD
You can access, rectify, erase, restrict, port and object to processing of your data from Settings. You may also lodge a complaint with the Spanish Data Protection Authority (AEPD, aepd.es) at any time. Where the legal basis is consent, you may withdraw consent without affecting prior processing.
International transfers
Where sub-processors transfer personal data outside the EEA (e.g. for global support tooling), they do so under the European Commission's Standard Contractual Clauses (SCCs), with the corresponding Transfer Impact Assessments performed by the sub-processor.
Children
Trokeo is not directed to anyone under 18. Listings must not contain personal data about minors (e.g. children's photos, school addresses) without the explicit consent of a parent or guardian.
Security
Data is encrypted in transit (TLS 1.3) and at rest (AES-256, provider-managed). Cookies are HTTPS-only and set with SameSite=Lax. Admin access is protected by MFA. See also the platform disclaimer.
Contact
For data-protection queries, write to us via the Help page. We respond within 30 days, per Article 12(3) RGPD.
This policy is written in plain language for transparency and is not legal advice.