Advertisement

Privacy Policy

Last updated:

Table of Contents

  1. Who We Are
  2. Data We Collect
  3. How We Collect It
  4. How We Use Your Data
  5. Data Sharing & Third Parties
  6. Cookies & Tracking
  7. Data Retention
  8. Security
  9. Your Rights
  10. Children's Privacy
  11. International Transfers
  12. Changes to This Policy
  13. Contact

1. Who We Are

GSMSharing ("we", "us", "our") operates GSMSharing.com, a platform for GSM technicians and enthusiasts to share firmware files, discuss devices, post repair jobs, and buy or sell services. This Privacy Policy explains how we handle the personal data of visitors and registered users of the Service.

2. Data We Collect

Account & Profile Data

  • Username, email address, and hashed password.
  • Optional profile picture, bio, country, and contact links you choose to add.
  • Technician profile details (specialties, location, experience) if you apply as a technician.

Content You Post

  • Forum posts, blog comments, file links, device listings, repair job descriptions, and any images or attachments you upload.
  • Messages sent through the platform's chat and messaging features.

Transaction Data

  • Credit purchase history, amounts, payment method type (not full card details), and transaction reference numbers.
  • Escrow transaction records for marketplace jobs.

Usage & Technical Data

  • IP address, browser type, operating system, and device type.
  • Pages visited, time spent, links clicked, and search queries made on the Site.
  • Error logs and performance diagnostics.

3. How We Collect It

  • Directly from you when you register, update your profile, post content, or contact us.
  • Automatically via server logs, cookies, and analytics tools when you interact with the Site.
  • From third parties such as Google OAuth if you use social sign-in, and NOWPayments for payment processing.

4. How We Use Your Data

We use personal data to:

  • Create and manage your account and authenticate your identity.
  • Operate the Service, process Credit transactions, and facilitate marketplace jobs.
  • Personalise content feeds and recommendations.
  • Send service-related communications (account confirmations, password resets, escrow notifications).
  • Detect and prevent fraud, abuse, spam, and illegal activity.
  • Improve the Site's performance, security, and features through analytics.
  • Comply with legal obligations.

We do not sell your personal data to third parties.

5. Data Sharing & Third Parties

We may share your data with:

  • Payment processors (e.g., NOWPayments, Stripe — when integrated) to process Credit purchases securely.
  • Cloud infrastructure providers who host and operate the Site under strict data processing agreements.
  • Analytics services (e.g., Google Analytics, privacy-configured) for aggregated usage analysis.
  • Law enforcement or regulatory authorities when required by law or in response to a valid legal request.
  • Other users — your username, profile picture, bio, and any public posts are visible to other users. Your email address is never publicly displayed.

Third-party service providers are contractually obligated to use your data only for the purposes we specify and to maintain appropriate security measures.

6. Cookies & Tracking

Essential Cookies

These are strictly necessary for the Service to function (e.g., login session, anti-forgery tokens). You cannot opt out of these while using the Service.

Analytics Cookies

We use analytics cookies to understand how visitors interact with the Site. This data is aggregated and anonymised where possible.

Advertising Cookies

We display ads via Google AdSense. Google may set cookies to show you relevant ads based on your browsing history. You can opt out via Google Ad Settings or by using a browser extension such as the Google Analytics Opt-out Browser Add-on.

Managing Cookies

Most browsers let you refuse or delete cookies through their settings. Disabling cookies may affect some functionality of the Site.

7. Data Retention

We retain personal data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data is retained until you delete your account, plus a 30-day recovery window.
  • Transaction and escrow records are retained for up to 7 years for financial compliance.
  • Server logs and IP data are typically purged after 90 days.
  • Content you delete is removed from public view immediately; residual copies in backups are purged within 60 days.

8. Security

We implement industry-standard technical and organisational measures to protect your data, including:

  • TLS encryption for all data in transit.
  • Hashed and salted password storage (ASP.NET Core Identity).
  • Role-based access controls limiting who can access production data.
  • Regular security reviews and dependency updates.

No system is perfectly secure. If you become aware of a security vulnerability, please disclose it responsibly via our Contact form.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data ("right to be forgotten").
  • Restriction: Request that we restrict processing of your data in certain circumstances.
  • Portability: Request a machine-readable copy of your data.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Where processing is based on consent, withdraw that consent at any time.

To exercise these rights, please contact us. We will respond within 30 days. We may need to verify your identity before processing your request.

10. Children's Privacy

The Service is not directed at children under 13 years of age. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.

11. International Data Transfers

Your data may be stored and processed in countries other than your own. Where we transfer data internationally, we take steps to ensure it receives an equivalent level of protection, including using standard contractual clauses approved by relevant data protection authorities where applicable.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the Service after changes constitutes acceptance of the revised policy. We encourage you to review this page periodically.

13. Contact

For privacy questions, data requests, or to report a concern, please use our Contact form. We aim to respond to all privacy enquiries within 30 days.