Privacy Policy

Agreement: means the agreement or other legal relationship, governed by and including these terms, conditions and policies, including the exhibits, between Provider and any third party regarding the access to and use of the Services, the Wallet Services or the Platform. Confidential Information: means information regarding Provider's products or services, including but not limited to the Services, Wallet Services, Platform, documentation, software, trade secrets embodied therein and any other written or electronic information that is either (i) marked as confidential and/or proprietary, or which is accompanied by written notice that such information is confidential and/or proprietary, or (ii) not marked or accompanied by notice that.

it is confidential and/or proprietary but which, if disclosed to any third party, could reasonably and foreseeably cause competitive harm to the owner of such information. Is not considered to constitute confidential information: (a) the existence of the contract; (b) the information that is part of the public domain, without intervention or fault of the party that received it; (c) the information legally obtained from a third party that is not bound to any obligation of confidentiality or legal reserve; (d) the information legitimately known by one of the parties before its transmission in the context of the contract.

Credits: means the credits, a virtual voucher or token, to be used exclusively on the Platform as consideration for transactions regarding the exchange of digital items between Users of the Platform.

Cryptocurrency: a digital representation of value that is not issued or guaranteed by any state central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by (legal) persons as a means of exchange and which can be transferred, stored and traded electronically, such as Bitcoin.

Fault: has the meaning set forth in Article 10.

Force Majeure: means any event or situation that is not reasonably foreseeable, beyond the reasonable control of a party, that cannot be reasonably avoided or overcome, and that makes it impossible for such party to fulfil, temporarily or permanently, its obligations hereunder in accordance with the terms of the Agreement. Force Majeure may include (but shall not be limited to) the following events: a pandemic, war or an act of terrorism, sabotage or act of vandalism, telecommunication malfunctions, ISP downtimes, malware that reasonably could not be contained through the use if safety measures in line with industry standards (firewalls, virus scanners, etc.).

Intellectual Property Rights: means any intellectual property right or other (property) rights throughout the world, in all media, now existing or created in the future, for all versions and elements, in all languages, and for the entire duration of such rights, arising under applicable law, contract, or otherwise, and whether or not registered, registrable or perfected, including rights in and to all inventions, discoveries, utility models, patents, reissues of and re-examined patents, or patent applications (wherever filed and wherever issued, including continuations, continuations-in-part, substitutes, and divisions of such applications and all priority rights resulting from such applications) now existing or hereafter filed, issued or acquired; rights associated with works of authorship, including database rights, copyrights, moral rights, copyright applications, copyright registrations, synchronization rights, mask work rights, applications and registrations; rights in computer software and programs, source codes, or business methods; rights in materials; rights associated with trademarks, service marks, trade names, internet domain names, business names, logos, trade dress and the applications for registration and the registrations thereof; rights relating to the protection of trade secrets, know-how and/or other Confidential Information; design rights, whether registered or unregistered; and rights analogous to those in this definition and any and all other proprietary rights relating to intangible property.

Personal Data: means any information relating to an identified or identifiable natural person.

Platform: means the 1/1digital marketplace, created and administered by Provider for the purpose of facilitating transaction between Users with regard to digital items.

Provider: means1 of 1 DMP, or any of its successors under applicable law, a company incorporated and existing under the laws of US, with offices at 11676 Behlke Rd SE Fife Lake, MI 49633 and registered in the US with EIN: 86-2766151

Services: means all services, including any related products or deliverables, provided by Provider to a third party, including in particular Wallet Services and Services related to the Platform.

Term: means the duration of the Agreement.

Transaction: means a transfer of Credits or of any Cryptocurrencies facilitated through Wallet Services.

Wallet: means Provider's client software, a digital Cryptocurrency 'wallet' including but not limited to the iOS, Android and web-based versions thereof, and all materials related to such applications owned and developed by Provider and accessible by a User, in connection with the Services.

Wallet Services: means any service provided by the Provider in relation to the Wallet.

Website: means the website and https://1of1.nft and any other websites, including sub-domains, owned or operated by Provider from time to time.

User: means any third party that uses or is the beneficiary of any of the Services provided by Provider, including in particular the use of Wallet Services and of the Platform.

Privacy and Data Protection.

1. Scope

This Exhibit 2 “Privacy and data protection” includes Provider's terms and conditions in respect of the processing of data (hereafter "Privacy Terms"). These Privacy Terms apply to Users and to any visitor of the Website or Platfom. They govern any processing of personal data in relation to the Services, Website or Platform. The processing of personal data under this Agreement is also subject to the provisions of the General Data Protection Regulation.

2. Entity responsible for processing User’s personal data.

Provider is, when it collects and processes User’s personal data, the controller for the processing of this data.

3. Data being processed.

The following information may be collected, processed and stored by Provider:

Directly identifying information may be processed by Provider, if User has provided Provider with this information (for example by communicating with Provider). User is not obliged to provide Provider this information or to agree with the processing thereof. However, in certain cases such communication will need to take place to ensure proper service provision or to comply with applicable laws.

In this context Provider:

a1) will process information required for the performance of the contract, such as: User’s surname and first name, address, nationality. User’s email address, User’s phone number, User’s VAT number, User’s financial information.

a2) may process personal information required by law in the context of its “know your customer” obligations. In case User is a natural person: its surname, first name; date and place of birth, address; nationality; a copy of user’s identity card or passport. In case User is a legal person the following personal information may be processed: for each member of the board of directors, the above listed personal data for natural persons and for each ultimate beneficiary person(s), the above listed personal data for natural persons.

a3) may process information voluntarily provided by User and used by Provider to increase security and verify user’s identity; including for example a copy of user’s utility bills.

Provider may process certain information in the course of visits to the Website, Platform or other internet-based Services, in particular:

b1) information concerning the pages that were consulted and the activities User’s have undertaken via the Website, Platform or Wallet.

b2) identification information Users have provided voluntarily (for example by registering on the Website, Platform or subscribing to newsletters);

b3) certain non-directly identifying data, such as the type of browser or operating system that is used, the IP address or the technologies use for accessing the Website or Platform.

4. Purposes of the processing.

Provider can process personal data for (one of) the following purposes, based on one or more legal grounds:

To ensure the provision of the Services, User’s information will be used to create his account and his Wallet, to verify his identity and his status as contract party in the course of his use of the Wallet and Platform (in particular in case of recovery of his private key or to reset his login or pin code) or for performing our Services in the context of Transactions (and amongst others when you contact our service desk). Provider processes this data based on the legitimate interest it has in providing the Services in compliance with the agreement.

To comply with “know your customer” obligations imposed by law, the information under (A) above may be processed with a view to performing know your customer obligations imposed by law and any related reporting obligations. Provider processes this data based on the legitimate interest it has in complying with the law.

To ensure the technical and functional management of the Website and Platform and the provision of the ordered Services, the information under B) may be processed to ensure the good functioning of the Website, Platform and the Services and to enhance their use. Provider processes this data based on the legitimate interest it has in providing a good functioning Website and Services.

To inform Users about our events, about developments related to subjects that might be of interest to Users and about our services, or for direct marketing purposes, Provider processes the data under (A) and (B) based on his explicit consent and Provider's legitimate interest to keep its clients informed of its activities and services.

To answer User’s questions and job inquiries, Provider processes the data under (A) or (B) based on User’s explicit consent, User’s contractual relationship with us or his request to take steps prior to entering into a contract.

5. Third-party access to User’s personal data.

Provider may rely on the services provided by third parties to perform certain (processing) activities. Provider uses in the context of its Services servers that are rented from a third party and that are located at the premises of this third party. This third party has no access to the data hosted on these services. Provider may provide User’s data as mentioned under A.2 to a subcontractor who will provide to Provider the services of performing the know-your-customer verifications based on Provider's instructions. User hereby agree to the provisions of his data mentioned under A.2 to such a subcontractor for the purpose mentioned.

Provider may, upon User’s request and with his consent, transfer User’s personal data under 4.A) to third parties in the context of the integration of User’s Wallet with other IT-applications. In this case, User will be requested via appropriate technical means to provide his consent with such transfer and User will conclude directly with such third party the required data processing agreements. Provider will enter into the necessary processing agreements with these third parties (if required) and will use its best efforts to ensure that they contain similar provisions on data protection as contained in this Privacy Policy and that they guarantee the same level of security and confidentiality of his personal data. Provider does not provide any personal data to other third parties, except if required by law or by an order of a competent court or regulatory authority to do so.

6. Protection and storing of User’s personal data.

Provider undertakes to implement the security measures, which can reasonably be expected in order to protect User’s personal data from destruction, loss, modification or any other unauthorized processing.

In particular, Provider will amongst others implement the following security measures:

A) Technical security measures

User data is stored on a server with no public IP address. Only specific servers are able to contact this server in a separate private network.

SSH connection to public servers can only be done from the (virtual) private network of Venly. User passwords are always hashed (not stored in plain text). User data is stored in a database with access control and all user data (which is inside the database) is encrypted at rest.

B) Operational security measures.

Access to user data is restricted to certain team members and can be revoked at any time. Provider will not store any of User’s personal data any longer than is necessary for the specific purposes for which it is stored, taking into account Provider's contractual and legal obligations with regard to this data and Provider's mission to correctly answer customer questions and to provide the Services in compliance with the Agreement.

7. Exercise of personal rights related to User’s personal data.

User have the following rights in respect of User’s personal data being processed by Provider:

- the right to request free access to the personal data processed;

- the right to request the correction or removal of User’s data;

- the right to request a restriction of the processing;

- the right to request the portability of User’s data; and

- the right to object to the processing of User’s personal data (in the case of direct marketing without any substantiation).

In case the processing of your personal data is based on your consent, User has the right to revoke this consent at any time. However, such a revocation does not affect the lawfulness of any processing prior to this revocation.

If User intends to use any of its above mentioned rights, please do so by directing User’s request to or by a letter to Provider (see address below). Provider cannot handle User’s request without proof of User’s identity and the applicable legislation may impose conditions on exercising the above rights.

Provider will request a copy of User’s identification document as proof that User are indeed concerned by the personal data and thus entitled to rights mentioned above.

Provider will use its best efforts to respond to User’s request without undue delay after receipt of User’s request.

User should bear in mind that Provider will not always be obliged to comply with a request for access, correction, removal or transfer, taking into consideration the requirements related to the establishment, exercise or substantiation of a legal claim or the legitimate exercise of the right of freedom of expression and / or information.

User also has the right to file a complaint with the Data Protection Authority. Such a complaint can be filed either by post directed at 11676 Behlke Rd SE Fife Lake, MI 49633

8. Cookies

1 of 1 may use "cookies" when You visit the Website. A cookie is information sent from a webserver to your web-browser, and which is placed on your hard-drive. Cookies permit our website to recognize future visits using your computer. Cookies enhance the convenience and use of our website. You may choose to decline cookies if your browser permits, but doing so may affect your use of the Website and your ability to access or use certain web features. We will use the following cookies:

A) Functional cookies

Provider uses functional cookies, Keycloak, which save the session-ID as well as the information consulted during the session. They are necessary to ensure the adequate functioning of our website. These cookies make sure You will be timely and correctly provided with the information desired each time You will visit the Website. We do not request Your consent for using these functional cookies. The information gathered through these functional cookies shall not be passed on to any third party.

B) Analytical cookies

Analytical cookies, the _ga and _gid cookies of Google Analytics enable Provider to analyze the use that is being made of the Website. They allow us, for example, to register how frequently the Website is being visited by different visitors, through which pages users access the Website and which pages of the website are visited most. The device You use to visit the Website, is accorded a randomly generated identification number, which is used by Google's servers to compute the statistics. Google will not use the generated identification number for its own purposes and will not link it to other data in its possession. Provider shall not install tracking cookies without requesting Your prior consent.

C) Tracking cookies

Tracking cookies allow Provider to monitor your online activities on the Website. They enable Providers and advertisers to provide You with personalized online advertisements and tailormade content based on your online activities on the Website. Provider shall not install tracking cookies without requesting Your prior consent.

D) Social media plug-in cookies

Social media plug-in cookies are used to enable Provider to display content of social media on the Website. Provider shall not install social media cookies without requesting Your prior consent. Please consult the applicable cookie and privacy policies and settings of the respective social media providers you give consent to.

9. Contact details

For any questions regarding this policy or your rights hereunder, please contact:

11676 Behlke Rd SE Fife Lake, MI 49633


10. Template cancellation form.

Any cancellation or withdrawal must be sent to the registered address of provider. The template cancellation for is included below.

I hereby give notice that I withdraw from my contract for the following:


- Ordered on [INSERT DATE] / received on [INSERT DATE]

- Name of user;

- Address of user;

- Email address of the user (optional);

- Date;