Privacy Policy
1. Controller
The controller responsible for the processing of personal data on this platform within the meaning of the General Data Protection Regulation (GDPR) is:
VerdantGrounds Solutions gUG (haftungsbeschränkt)
Nullbrede 22A
32760 Detmold
Deutschland
Telefon: +49 152 24903250
E-Mail: legal@marketplace.verdantgrounds.org
Contact for Data Protection Matters
For all matters relating to data protection and to exercise your data subject rights, you can reach us at: legal@marketplace.verdantgrounds.org
2. General Information, Terms and Legal Bases
We take the protection of your personal data very seriously and treat it confidentially and in accordance with the statutory data protection regulations and this privacy policy. Personal data is any data with which you can be personally identified.
Legal Bases for Processing
We process personal data on the basis of the following legal bases under Article 6 GDPR:
- Article 6 (1) (a) GDPR (consent), insofar as you have given us your consent
- Article 6 (1) (b) GDPR (performance of a contract), to provide the user account and platform services
- Article 6 (1) (c) GDPR (legal obligation), to fulfil statutory obligations
- Article 6 (1) (f) GDPR (legitimate interest), in particular for the security and stable operation of the platform
3. Hosting and Server Log Files
We host the content of our platform with netcup GmbH, Daimlerstrasse 25, 76185 Karlsruhe, Germany. The servers are located in Germany or within the European Union. We have concluded a data processing agreement pursuant to Article 28 GDPR with the provider.
Server Log Files
Each time the platform is accessed, information is automatically collected in so-called server log files that your browser transmits. These are generally: browser type and version, operating system used, referrer URL, host name of the accessing computer, time of the server request and the IP address. This data is not merged with other data sources. The collection is based on Article 6 (1) (f) GDPR; we have a legitimate interest in the technically error-free presentation and the security of the platform. The log files are generally deleted after approximately 30 days.
4. SSL / TLS Encryption
For security reasons and to protect the transmission of confidential content, this platform uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from http:// to https:// and by the lock symbol in your browser line. When encryption is activated, the data you transmit to us cannot be read by third parties.
5. User Account, Registration and Login
To use certain functions, you can create a user account. Login is possible via magic link (a login link sent to your email address) and via wallet login using an XRPL wallet address.
Data Processed
Depending on the login method chosen, we process in particular:
- your email address (for magic link login)
- your XRPL wallet address (for wallet login)
- optional information provided by you such as name or organization name
- the time of registration and of logins
The purpose of processing is the provision and administration of the user account and your authentication. The legal basis is Article 6 (1) (b) GDPR (performance of a contract) and, with regard to login security, Article 6 (1) (f) GDPR. We store the data for as long as your user account exists. After deletion of the account, the data is deleted unless statutory retention obligations apply.
6. Project and Contact Inquiries
When you contact us or project sponsors via a contact form or a project inquiry, we process the information you provide (e.g. name, email address, content of the inquiry) in order to handle your request. If your inquiry is directed at a project sponsor presented on the platform, the inquiry may be forwarded to the respective project sponsor so that they can respond to your concern. The legal basis is Article 6 (1) (b) GDPR or Article 6 (1) (f) GDPR. The data is deleted once your inquiry has been dealt with and no statutory retention obligations exist.
7. Live Chat
On the platform we offer a chat widget through which you can send us messages. The content you enter in the chat (message text and any contact details you provide) is transmitted to the messenger service Telegram in order to process your concern. This may involve a transfer to third countries outside the EU or EEA; a level of protection corresponding to the European level of data protection cannot be guaranteed in every case (notice pursuant to Articles 44 et seq. GDPR). To prevent abuse, a captcha check (hCaptcha) may be carried out before sending. The legal basis is Article 6 (1) (f) GDPR (legitimate interest in efficient communication) or Article 6 (1) (a) GDPR insofar as you consent to its use. Please do not transmit any particularly sensitive data via the chat.
8. hCaptcha
To protect our forms against automated access and abuse, we use the hCaptcha service. In doing so, technical information (in particular your IP address as well as interaction and device information) is transmitted to the provider and evaluated in order to distinguish between human users and automated requests. This may involve a transfer to third countries. The legal basis is Article 6 (1) (f) GDPR; our legitimate interest lies in the security and functionality of the platform.
9. Investment / Support Function and Blockchain
When using the investment or support function, we process the transaction and wallet data required for processing (in particular wallet addresses, amounts and timestamps). The legal basis is Article 6 (1) (b) GDPR (performance of a contract).
Important note on the blockchain: The XRP Ledger (XRPL) is a public, decentralized blockchain. On-chain data such as wallet addresses, transaction amounts and timestamps are permanent and publicly visible to anyone. Data once stored on the blockchain is immutable by design and cannot technically be deleted or reversed. This is inherent to blockchain technology and lies outside our sphere of influence; a deletion of this on-chain data by us is therefore not possible. Please take this into account before carrying out transactions.
We make no investment or return promises and make no statements regarding supervision by a financial supervisory authority.
10. Cookies and Local Storage
We use exclusively technically necessary cookies or comparable storage techniques (e.g. local storage in the browser) that are required for the operation of the platform and for login (e.g. session and login information). This data is not used to analyze your usage behavior and is not used for marketing or tracking purposes. The legal basis for the use of technically necessary storage techniques is Section 25 (2) TDDDG and Article 6 (1) (f) GDPR.
11. Embedded External Resources
To display and securely operate the platform, we integrate the following external services:
- fonts (web fonts) for a uniform display of the platform; in this context your IP address may be transmitted to the respective provider
- hCaptcha to prevent automated access (see above)
The legal basis for the integration is Article 6 (1) (f) GDPR (legitimate interest in an appealing and secure presentation).
12. External Links and Own Offerings
The platform may contain references to other offerings of our company (e.g. under the subdomains of verdantgrounds.org) as well as to external third-party websites. The operators of external websites are solely responsible for their content; we have no influence on their data processing. The respective data protection notices of the linked offerings apply.
13. Your Rights as a Data Subject
You have the following rights vis-a-vis the controller with regard to the personal data concerning you:
- right of access (Article 15 GDPR)
- right to rectification (Article 16 GDPR)
- right to erasure (Article 17 GDPR)
- right to restriction of processing (Article 18 GDPR)
- right to data portability (Article 20 GDPR)
- right to object to processing (Article 21 GDPR)
Insofar as the processing is based on your consent, you have the right to withdraw it at any time with effect for the future. The lawfulness of the processing carried out up to the withdrawal remains unaffected.
To exercise your rights, please contact: legal@marketplace.verdantgrounds.org
14. Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority. The supervisory authority responsible for us is:
State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (LDI NRW)
Kavalleriestraße 2-4
40213 Düsseldorf
Germany
15. Validity and Changes to this Privacy Policy
This privacy policy is currently valid. Due to the further development of the platform or because of changed legal or regulatory requirements, it may become necessary to amend this privacy policy. The current version can be accessed at any time on this page.
As of: June 2026
