Total compliance. Maximum security.
Develop your marketplace without regulatory risk.
Establish an absolute framework of trust for your users. From identity verification (KYC) to intelligent moderation of exchanges, Origami Marketplace equips you with essential control tools to protect your business, your sellers, and your buyers.
Onboard your sellers in full compliance, without friction.
Trust starts with knowing who is selling on your platform. Automate the collection of legal documents to meet PSP (Payment Service Provider) requirements and European directives (PSD2).
- Secure transmission to PSPs: documents are transmitted via API to your payment partner (Lemonway, Stripe, Mangopay…) for validation, without unnecessary sensitive storage on your servers.
- Seller autonomy: each seller has secure access to manage their profile, documents, and track their validation status (Verified / Pending / Rejected).
- Digital document collection (KYC):
→ For pro sellers (B2B/B2C): dedicated back-office interface for uploading registration certificates (Kbis), bylaws, bank details (RIB), and ID documents of ultimate beneficial owners (UBO).
→ For private sellers (C2C): simplified front-office journey for ID submission.
This approach adheres to the principle of data minimization, collecting and retaining only information strictly necessary for regulatory compliance.
Protect every account against fraud and unauthorized access.
Shield your community against identity theft and unauthorized access using current security standards.
- Two-factor authentication (2FA): raise the security level at registration and login. Whether for your buyers or sellers, enable code validation (email or SMS) to guarantee the user is indeed the account owner.
- Granular access management: the operator stays in control. Define who accesses what. Create seller accounts with limited permissions (e.g., a logistician sees only orders, not banking data).
- Action history: who validated this seller? Who modified this product? Trace all interventions by operators and sellers.
This access management also contributes to personal data protection by limiting sensitive information exposure to authorized users only.
Detect suspicious behaviors before they become a problem.
Fraudsters and spammers have no place on your marketplace. Our event engine monitors activity in real-time to block suspicious behaviors before they cause harm.
- Anti-spam & velocity: the system automatically limits the number of new interactions (conversations created) per day for the same user. Any excessive activity triggers automatic actions, instantly stopping massive spam or phishing attempts.
- Repetition detection: a user sends the same message 10 times (“Contact me on Gmail…”)? The behavior is identified, sending is blocked, and the profile is flagged for moderation via an automatic workflow.
- Prevention messages: display customizable contextual alerts in the messaging system (e.g., “Never make a payment outside the platform”). You educate your users at the critical moment of exchange, reducing risks before an incident occurs.
Keep control over content and user exchanges.
As an operator, you guarantee the quality of the offer and the courtesy of exchanges. Thanks to our event engine, your platform detects deviant behaviors and allows you to automatically apply the moderation rules you define.
- Configurable product moderation: let nothing pass without your approval. Define your own publication rules:
→ New sellers: a priori moderation (the product is published only after your validation).
→ Trusted sellers: automatic publication with a posteriori control. - Messaging moderation:
→ User reporting: give power to your community. A buyer can report abusive or fraudulent behavior in one click.
→ Operator intervention: access conversation history in case of a report to take necessary measures (warning, temporary or permanent ban).
Automate to manage better.
Don’t waste time manually validating every modification. Use our event engine: define that any price change under 10% is automatically validated, but any description or image change triggers a moderation alert.
Automate your invoicing, without regulatory error risk.
Offer your marketplace a unified invoicing system: issuance, deposit, numbering, automation, and compliance, all within a structured and controlled framework.
- Simplified invoice addition for sellers: sellers with their own system can easily add their invoices directly to orders to make them available to customers via the platform.
- Self-billing mandate: the marketplace can generate invoices on behalf of the seller for the end customer. Ideal for sellers without an invoicing tool, ensuring a uniform legal framework on the platform.
- Custom invoice numbering: define a prefix, suffix, and number of digits for each seller to produce a unique and structured sequence (e.g., MKP-0001-SELLER).
- Automatic invoicing trigger: invoice generation can be linked to your business rules: order paid, shipped, or validated. No manual action is required.
- Configurable invoice templates: the invoice template is customizable (legal mentions, logo, operator information) to adapt to your legal framework and brand image.
- Multi-channel availability: invoices are accessible in the seller back-office on each order, as well as in their dedicated invoicing space, sent by email, and downloadable on the customer side from the front-office.
- New in 2026: invoices issued by sellers must be established via an accredited platform (PDP).
Automatically apply the right VAT and commissions.
The marketplace integrates tax logic specific to platform models, where product sales and operator service provision coexist.
- Distinct product VAT / commission VAT management:
→ The seller collects VAT on the product sale.
→ The operator applies VAT on their commission (service provision).
→ Flows are clearly separated, reducing declaratory error risks. - Automatically generated commission invoices: for professional sellers, the platform automatically issues invoices corresponding to commissions taken by the operator. Amounts excluding tax, VAT, and inclusive of tax are detailed, facilitating seller accounting and VAT declaration on the marketplace service provision.
- DAC-7 standard compliance: Origami Marketplace makes available the DAC-7 declarations required by European countries to ensure tax compliance.
Protect your user data and respect GDPR.
Frame the use of personal data with technical and organizational mechanisms aligned with GDPR requirements.
- Data minimization: only information strictly necessary for operation (KYC, transactions, messaging) is requested, limiting your regulatory exposure.
- Non-storage of unnecessary sensitive documents: KYC documents can be transmitted directly to PSPs via API, without superfluous retention on your servers.
- Data access partitioning: each role (operator, seller, support, logistician) accesses only information necessary for their mission.
- Access and action logging: all sensitive consultations and modifications are historically recorded, allowing usage audits in case of control or incident.
- Account and exchange security: strong authentication, connection control, and behavioral monitoring strengthen personal data protection.
- Controlled legal data retention: data necessary for accounting, tax, or anti-fraud obligations can be retained according to your rules, while remaining identified and justifiable.
Manage user rights and data governance.
Origami Marketplace provides the operator with tools necessary to respect data subject rights provided by GDPR and frame the data lifecycle.
- Right of access and rectification: the operator can view and modify user data (customers, sellers, operators) from the back-office.
- Right to erasure (right to be forgotten): possibility to delete a user account and associated data upon request, via administration tools.
- Account lifecycle management: creation, deactivation, and deletion of users controllable by the operator.
- Data access limitation: fine-grained role and permission management ensuring only authorized persons access information necessary for their mission.
- Data portability and reversibility: configurable data export (customers, sellers, orders, products, offers) via CSV files, allowing response to portability requests and ensuring platform reversibility.
- Controlled retention periods:
→ User personal data: limited retention (e.g., 3 years maximum, adjustable according to operator policy).
→ Accounting data and invoices: retention according to legal obligations in force (minimum 10 years in France/EU).
Compliance must not be an option.
PSD2, GDPR, VAT Fraud… Don’t let regulatory risks endanger your activity. Discover how Origami Marketplace automates this to help you.
