We are fully committed to protecting the privacy and personal data of all users who engage with our escrow services. This GDPR and Privacy Compliance Statement explains how we collect, store, process, and protect personal information in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).
The data controller responsible for handling your personal information is:
EXMON
(“we”, “us”, “our”)
We determine the purposes and means of processing personal data required for operating the escrow service.
For escrow functionality, we may process the following categories of data:
Account information (email address, username)
Transaction data related to escrow operations
Communication records between buyer and seller (for dispute resolution)
Verification data voluntarily provided for increasing trust
Technical information (IP address, device metadata, security logs)
We do not collect more information than necessary for providing secure escrow operations.
We process personal data strictly under the legal grounds defined in GDPR:
Article 6(1)(b) — processing necessary for the performance of a contract (escrow transactions).
Article 6(1)(c) — compliance with legal obligations (anti-fraud measures, record keeping).
Article 6(1)(f) — legitimate interests (security, dispute resolution, abuse prevention).
Article 6(1)(a) — explicit consent where applicable (voluntary verification, optional features).
Your data is processed solely to:
Provide escrow protection for buyers and sellers
Complete and manage transactions
Resolve disputes securely and fairly
Prevent fraud, abuse, and unauthorized activity
Comply with applicable regulations
Maintain account integrity and user security
We never use escrow-related data for advertising or unrelated profiling.
Personal data is stored only as long as necessary:
For active accounts — for the duration of service usage
For dispute logs and mandatory records — according to legal retention requirements
For voluntary verification — until the user withdraws consent
Data is deleted or anonymized once retention periods expire.
We implement strict technical and organizational measures to protect user information, including:
Encryption of sensitive data in transit and at rest
Access control and authentication systems
Abuse detection and fraud-prevention tools
Secure storage infrastructure
Regular audits and security monitoring
Only authorized staff members involved in escrow operations may access escrow-related data.
You have the following rights:
Right to access your data
Right to correct inaccurate information
Right to request deletion (“right to be forgotten”)
Right to restrict processing
Right to object to certain processing activities
Right to data portability
Right to withdraw consent where applicable
To exercise these rights, contact our support team.
We do not sell or share personal data with third parties except:
When required by law (regulators, lawful authorities)
When necessary to protect users against fraud
When essential for providing escrow operations (in minimal required scope)
We never share escrow details with advertisers or external marketing services.
If data is transferred outside the EU/EEA, we ensure protection through:
Standard Contractual Clauses (SCCs)
Adequacy decisions
Equivalent data protection safeguards
Your privacy remains fully protected regardless of the data storage location.
This GDPR and Privacy Compliance Statement may be updated to reflect changes in legal requirements or service functionality. All updates are published on our website with the latest revision date.
