Onegrid Privacy Policy

This OneGrid Privacy Policy governs the collection, storage and use of your personal data as Users of our Platform/website (either Buyers or Sellers, see our Terms and Conditions by us, OneGrid. It provides you, as a user of the website, with details about the personal data we collect from you, how we use it and your rights to control personal data we hold about you. Any future updates will be posted on this page.

1. Who we are

OneGrid is a limited liability company organised under the laws of Belgium having its registered offices at Carnegielaan 37, 3500 Hasselt ("OneGrid", "us" or "we"). As data controller, we respect your right to privacy and will only process personal data you provide to us in accordance with applicable data protection laws and as described in this policy. Applicable data protection laws include (i) the General Data Protection Regulation (Regulation 2016/679) (“GDPR”); and (ii) all other existing or new applicable laws relating to or impacting on the processing of personal data of a living person and privacy.

If you have any questions, you can contact us by writing to the above address or by sending an e-mail to

2. The personal data we collect about you and the purposes for which we collect it

Below you will find an overview of:

Categories of personal data

Purpose(s) for processing

Legal basis for processing


Profile info (username, profile picture, personal description)
Allow users to publicly share info about themselves
Contact details (name, surname, e-mail address, location)
Payment of an NFT Allowing you to enter into a contract (Connecting Buyers to Sellers)
Article 6.1 (b) GDPR – necessary for the performance of a contract
Account details (wallet address, email address)
Allowing you to enter into a contract (Connecting Buyers to Sellers)
Article 6.1 (b) GDPR – necessary for the performance of a contract; or necessary to entering into a contract
Wallet details (bank details, Wallet details)
Payment of an NFT Invoicing and accounting purposes
Article 6.1 (b) GDPR – necessary for the performance of a contract
Details of your visits to our Platform and the information that you access
a) Correct performance of our Platform b) Improving our Platform and services c) Analysing and identifying the regularity of the use of our Platform
Article 6.1 (b) GDPR – necessary for the performance of a contract & Article 6.1 (a) GDPR – your consent (to cookies – see our Cookies Policy)
Browser and operating system data (including IP address)
Correct performance of our Platform: assessing the security and stability of our Platform, ensuring its comfortable and correct use
Article 6.1 (b) GDPR – our legitimate interests to improve our services and to give quality services
Onegrid Privacy Policy

For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: referred to as CookieFirst.

When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.

CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR).

Data processing agreement

We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

Server log files

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

3. How we share your personal data and who we share it with

3.1 Principle

We will not sell, rent or otherwise disclose your personal data to any third party, except as described in this policy.

3.2 Subsidiaries/affiliated companies and third party processors

We may provide your personal data to third party processors to process personal data on our behalf for the purposes set out above. These parties are required to process such information based on our instructions and in accordance with this policy.

The third party providers to whom we may disclose your personal data are: Stripe, Crossmint, Torus Labs, Thirdweb.

3.3 Compliance with laws and legal proceedings

We may disclose your personal data where:

3.4 Other recipients

We may also disclose your personal data to the artist or creator of whom you directly purchased a digital asset.

4. How long do we keep your personal data?

We will hold your personal data as long as it is necessary to comply with our legal obligations (including bookkeeping, social and tax obligations) or to resolve disputes and/or enforce our agreements.

5. International transfers

In connection with the above-mentioned purposes, we try to avoid as much as possible the transfer of personal data that we collect from you to third party data processors located outside the European Economic Area.

When we transfer personal data that we collect from you to third party data processors located in countries that are outside of the European Economic Area and which do not offer an adequate level of protection, we ensure the use of appropriate data transfer tools such as the entering into of the standard contractual clauses issued by the European Commission. You may always e-mail us at for further information about this.

[You acknowledge and agree – via the appropriate checkboxes on the Platform – that your wallet address, your e-mail address, and your optional provided profile info may be visible to other users that may be located in countries outside of the EEA and which do not offer an adequate level of protection.]

6. Security

We take appropriate technical and organisational measures to safeguard the personal data that you provide to us against unauthorized or unlawful processing and against accidental destruction, loss or damage.

7. Your rights

You have the following rights as a data subject:

You can exercise these rights at any given time by emailing us at You also have the right to lodge a complaint with the Data Protection Authority, by post to 35 Rue de la Presse, B-1000 Brussels, by e-mail to, or by telephone at +32 2 274 48 00.

If you have any question about this privacy policy and/or how we collect, store and use your personal data, you can email us at


Last updated on [Sept. 8, 2023]