Data Security

How we protect your account, payment, and order data.

Account credentials

Authentication is handled by Supabase. Passwords are hashed with bcrypt before being stored — GermanMarkt never stores or sees your raw password. Sessions live in HTTP-only cookies and refresh automatically.

Payment data

GermanMarkt is cash on delivery: you pay the delivery partner in EGP when the box arrives. We do not collect, store, or transmit card numbers, CVVs, bank-account details, or any other payment credentials. There is no payment processor in the loop — the order record simply tracks the COD amount due and whether the cash has been handed over.

Order data & receipts

Shipping addresses, phone numbers, and order receipts are stored in our Supabase database with row-level security: only you, the courier currently handling your order, and our admins can read them. Internal cost data is never exposed to the buyer.

Audit logging

Every status change, dispute, refund, and admin action is recorded in an append-only audit log so disputes can be reviewed with complete chain-of-custody.

Questions? Email support@gm-egy.com.