A working notice-and-action endpoint. Statement-of-Reasons filings on every moderation call. Trader verification (KYB) for every seller. Annual transparency reports Brussels actually accepts. Plus the GPSR responsible-person line on every physical-goods listing. We run the Trust & Safety backbone while you run the marketplace.
The DSA creates distinct duties for hosting services, online platforms, and marketplaces. Here's the marketplace-specific set — every one of which we operate as a service.
Every non-EU platform providing services to EU users must designate a single point of contact for authorities, in writing, with a public address. First item any DSC will ask about.
A public, working URL where anyone can notify illegal content. Every notice must be acknowledged, reviewed, and responded to — timely, in writing, with reasoning.
Every time you take down a listing, demote, suspend a seller, or restrict a user — you owe them a written Statement of Reasons. It also gets filed in the public EU SoR database.
Collect and verify identity, business, and contact information for every trader before they list. Maintain a public trader transparency page. Notify buyers if a trader is found non-compliant.
Published report covering volumes of notices, orders received, moderation actions, automated tools, average response times, trusted flagger activity. We draft, you review, it publishes.
Physical-goods marketplaces (Amazon-shape, eBay-shape) need an EU responsible person named on the listing — per regulation, with working contact details. Triggers delisting if missing.
Every Art. 16 notice follows the same lifecycle. We operate it. Your moderation team makes the calls; we handle the legal artefacts and public filings on either side.
Submitted via your hosted Art. 16 endpoint. Timestamped, categorised, acknowledgement sent to the notifier within 24 hours.
Spam / obvious-abuse filtered. Valid notices routed to your moderation queue with supporting context, precedent, and deadline attached.
Your team makes the call (leave, remove, demote, restrict, age-gate, geo-block). We draft the rationale in Art. 17 SoR format with your input.
Statement of Reasons published to the EU transparency database within 2 hours of decision. Parties informed in writing with clear internal-appeal and ODR instructions.
Every notice / decision feeds your Art. 15 transparency report, pre-aggregated and ready to publish at the half-year mark.
The endpoint is the public interface. We host it as /dsa/notice on your domain so it looks native. The form accepts the information Art. 16 requires — identifying the notifier, the content, the legal basis. Nothing more, nothing less.
You make the moderation call. We don't decide whether a listing stays up or comes down — that's your judgement, your platform, your policy. What we operate is the legal packaging: the triage queue that surfaces the right notices, the Art. 17 format for the written rationale, the 2-hour filing window to the SoR database.
The transparency report writes itself. Every notice, every decision, every response time feeds a live transparency dashboard. When the Art. 15 deadline lands, we export the report — 30+ metrics, year-on-year comparison, Commission-format ready — and you publish it on your trust centre the same day.
DSA is the core. GDPR applies to every platform. GPSR is required if you host physical-goods listings. One bundle, one invoice — no hourly law firm on Trust & Safety retainer.
Article 13 rep · hosted notice endpoint · Statement-of-Reasons filings · annual transparency report.
Article 27 rep. Traders, buyers, sellers, reviewers, sub-processors — your DSR traffic is higher than a SaaS.
Hosted trust hub · DSR inbox · sub-processor list · versioned policies. Usually co-located with your notice endpoint.
Article 16 responsible person on every physical-goods listing. Triggers marketplace-level delisting if missing.
Marketplaces at scale almost always cross the "large-scale systematic monitoring" threshold that makes a DPO mandatory.
Online marketplaces are listed in Annex II, so NIS 2 may apply depending on headcount and turnover. We'll check on the call.
Yes. The DSA applies to any hosting service providing services to EU users, from day one. VLOP / VLOSE thresholds (45M MAUs) trigger additional obligations — risk assessments, crisis protocols, external audits. But the Art. 13 representative, notice-and-action endpoint, and Statement-of-Reasons obligations apply to everyone regardless of size.
Yes — Art. 16 specifically requires a mechanism for anyone, including non-users, to notify illegal content. A logged-in support form doesn't satisfy it. We host a dedicated endpoint on your domain that accepts the Art. 16 elements in a legally-compliant structure.
Before a new trader lists, they submit identity, VAT / business registration, and contact details. We verify against the official business registers (per country) and run sanctions screening. High-risk traders get a manual review step. Every verified trader appears on your Art. 31 public trader transparency page.
Yes, it is. Every SoR is published to the EU's central DSA Transparency Database (within 2 hours of the decision for most cases). Parties also get a private, detailed SoR. The public DB version is redacted — decision, reason, legal basis — but the direct version is the one the user or trader sees.
The policies themselves — yes, in plain language, in your T&Cs. The specific enforcement thresholds, automated classifier weights, internal playbook — no. Art. 14 asks for "clear, unambiguous, intelligible" T&Cs plus information about moderation practices. Our drafts walk the line carefully.
Intermediary ($499/mo) covers classic hosting: Art. 13 rep + basic notice endpoint + annual transparency. Platform ($1,499/mo) adds trader KYB, SoR filings at scale, higher-volume notice SLA, and H1 + H2 transparency. Most marketplaces want Platform tier — Intermediary fits simpler hosting services.
30-minute discovery call. We'll map your marketplace shape, classify your DSA tier, and scope the Trust & Safety stack in writing.