Page

Privacy Policy

Privacy Policy – Boosting24 Marketplace

Last Updated: January 2026

1. Introduction

This Privacy Policy explains how GGREADY Sp. z o.o. (“Boosting24”, “we”, “us”) collects, uses, stores, and protects personal data when you use the Boosting24 marketplace available at www.boosting24.com (“Platform”).

Boosting24 is a marketplace connecting Clients with independent Boosters/Coaches (“Freelancers”). We are committed to transparency and privacy-by-design and process personal data in accordance with the GDPR and other applicable laws.

2. Data Controller

GGREADY Sp. z o.o.
KRS: 0001214856 | NIP: 7011292984 | REGON: 54361155900000
Address: Aleje Jerozolimskie 148, 02-326 Warsaw, Poland
Email: [email protected]

3. Scope & Consent

This Policy applies to the Platform and related services where this Policy is referenced.

Using the Platform means you acknowledge this Policy. Where the law requires consent (e.g., for certain cookies/marketing), we collect it separately (e.g., via cookie banner or opt-in checkboxes). You can withdraw consent at any time (this does not affect processing done before withdrawal).

4. Personal Data We Collect

4.1 Account & Profile Data

  • Username / nickname
  • Email address
  • Avatar, bio, languages
  • Account settings and preferences

4.2 Communication Data (Chat, Order Messages, Support)

We collect content and metadata of communications made through the Platform, including:

  • Client ↔ Booster chat
  • Order thread / messages under an order (where admins may also post)
  • Dispute-related correspondence
  • Support tickets and emails

Admin access: Our admins may access chat/order history when necessary for security, fraud prevention, dispute resolution, and support.

4.3 Transaction & Technical Data

  • Order identifiers, service status, timestamps
  • Payment-related records (without card details), including commission-related records and service fee records
  • Device information, browser data, IP address
  • Security and server logs
  • Basic analytics events (where permitted)

4.4 Public Booster Profile Data

To ensure marketplace transparency, Booster profiles may be visible publicly and can include:

  • Nickname, avatar, bio
  • Rank, languages
  • Order statistics (e.g., success rate), review history and ratings
  • Review text/comments from clients
  • Recent activity indicators

4.5 Game Access Data (Credentials)

Some services (e.g., “solo/account access” services) may require the Client to provide game account access data (such as login, password, tokens, or similar credentials).

  • How it works: Clients may enter credentials inside the Platform after ordering a service that requires access. These credentials are stored in our database and displayed to the selected Booster within that order.
  • Purpose limitation: We process and store these credentials only to enable the ordered service to be delivered.
  • Access controls: Credentials are restricted to the Client, the selected Booster for that order, and—where necessary—admins handling security/support/disputes.
  • Security recommendation: We strongly recommend using a temporary password during the service and changing it immediately after completion.

Important: If you choose a Booster outside the EEA, you acknowledge that access data necessary to perform the service will be shared with that Booster as part of contract performance (see Section 12).

5. Payments & Financial Data (Stripe)

All payments on Boosting24 are processed through Stripe (including Stripe Connect for Boosters).

  • We do not store full card numbers or sensitive payment authentication data.
  • Boosters complete KYC/identity verification directly with Stripe.
  • We may store payment status, transaction identifiers, commission records, and service fee records for operational, legal, and accounting purposes.

By placing an order that requires game account access, the Client acknowledges and agrees that providing game account credentials is necessary to perform the selected service. The Client explicitly consents to the processing and storage of such credentials solely for the purpose of fulfilling the service and understands that access will be granted only to the selected Booster and, where necessary, authorized Boosting24 administrators.

6. Why We Process Data (Purposes)

We use your data to:

  • Provide and operate the marketplace (accounts, orders, offers, communication)
  • Enable secure messaging and order delivery
  • Process payments and manage commission/service-fee records
  • Prevent fraud, enforce rules (including “no off-platform payments”), and secure the Platform
  • Handle disputes, complaints, and support
  • Maintain public Booster profiles and review integrity
  • Run analytics and marketing (only where lawful and/or consented)
  • Comply with legal obligations (tax/accounting/DAC7 where applicable)

7. Legal Bases (GDPR)

We process personal data under the following legal bases:

  • Contract performance (Art. 6(1)(b)) – to run the Platform and fulfill orders
  • Legal obligation (Art. 6(1)(c)) – tax, accounting, and reporting obligations (including DAC7 if applicable)
  • Legitimate interests (Art. 6(1)(f)) – security, fraud prevention, dispute evidence, platform integrity, enforcing rules (including preventing off-platform payments), and improving services
  • Consent (Art. 6(1)(a)) – marketing, optional cookies, and certain analytics where required

8. Chat Monitoring, Fraud Prevention & Disputes

To protect users and the marketplace model, we may review chat/order messages when needed to:

  • Prevent scams, account abuse, and off-platform payment attempts
  • Investigate suspicious activity
  • Resolve disputes and provide evidence-based mediation
  • Enforce our Terms and Community Rules

We do not use this to “read everyone’s messages for fun” — access is purpose-driven and restricted.

9. Marketplace Roles: Boosters as Independent Controllers

Boosters/Freelancers are independent service providers. In many cases, they process data they receive to perform the service (including game access data) and may act as independent data controllers for that processing. They are responsible for handling that data lawfully and securely.

10. Cookies & Tracking Technologies

We use:

  • Necessary cookies (security, login, core functionality)
  • Analytics cookies (e.g., Google Analytics)
  • Marketing/ads cookies (e.g., Google Ads; Meta/TikTok planned)

Where required, we show a cookie banner and allow you to manage or withdraw consent. Some features may not work properly without necessary cookies.

11. Automated Decision-Making

Boosting24 does not use automated decision-making or profiling within the meaning of Art. 22 GDPR that produces legal effects or similarly significantly affects you.

12. International Data Transfers (Including Boosters Outside the EEA)

Boosting24 is available globally. Data may be transferred outside the EEA in two main scenarios:

  1. You choose a Booster located outside the EEA, and data required to perform the service (including game access data if applicable) is shared with that Booster.
  2. We use service providers that process data outside the EEA.

Where required, transfers are protected using appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs), and/or
  • Derogations for contract performance at your request (Art. 49(1)(b) GDPR), where applicable.

13. Data Retention

We retain data only as long as necessary for the purposes described above, including:

  • Account data: up to 1 year after account closure (unless legal obligations require longer)
  • Transaction, commission/service-fee & tax/accounting records: 5 years (or longer if required by law)
  • Chat/order communications: retained according to EU-standard safety practices and longer where needed for disputes, fraud prevention, or legal claims
  • Technical logs: rotated and retained for limited periods based on security standards

14. Your Rights (GDPR)

You have the right to:

  • Access your data
  • Rectify inaccurate data
  • Delete data (where applicable)
  • Restrict processing
  • Object to processing (where applicable)
  • Data portability (where applicable)
  • Withdraw consent (for consent-based processing)

To exercise rights, contact [email protected]. We respond within one month (GDPR standard). You may also lodge a complaint with your local data protection authority; in Poland, this is the President of the UODO.

15. Minors

The Platform is intended primarily for users 18+, unless local law and Stripe verification allow otherwise. Boosting24 relies on Stripe’s verification processes and applicable local rules (including parental consent where required) for eligibility.

16. DAC7 Reporting

Boosting24 may be required to report certain information about Boosters (Freelancers) to tax authorities under EU DAC7 rules. Seller verification and relevant information are primarily collected through Stripe, and we may use available Stripe-provided data to meet reporting obligations.

17. Security

We use industry-standard technical and organizational measures to protect data, including access controls, encryption where appropriate, monitoring, and least-privilege permissions.

Best practice for Clients: use a temporary password during services requiring account access and change it immediately after completion.

18. Changes to This Policy

We may update this Policy from time to time. Updates become effective upon publication on the Platform. If changes are material, we may also notify users via email or in-app notice.