Nextmine

Privacy Policy

Last updated / effective date: 15 July 2026

At a glance

  • OMJ (Denmark) is the data controller for the Nextmine marketplace.
  • We collect account, identity, transaction, payment and usage data — to run the marketplace and meet legal duties.
  • We never sell your data. We share it only with processors (Sharetribe, Stripe, Google) and where the law requires.
  • Payments and identity checks are handled securely by Stripe — we don’t store full card numbers.
  • You have GDPR rights (access, correction, deletion and more). Email hi@nextmine.io.
  • This is a plain-language summary only — the full policy below applies.

This Privacy Policy explains how OMJ (“We”, “Us”, “Our”) collects, uses, shares and protects personal data when you use the Nextmine marketplace (the “Service”). It also explains your rights and how to exercise them. Please read it together with our Terms of Service.

1 · Who we are (data controller)

The data controller responsible for your personal data is:

OMJ, Poul Anker Bechs Vej 302, 9200 Aalborg SV, Denmark · CVR 30860403 · Email: hi@nextmine.io

If you have any question about this Policy or your personal data, contact us at the email above.

2 · The personal data we collect

Depending on how you use the Service, we may collect:

  • Account and profile data: name, email, phone number, postal address, username, password (stored hashed), and profile details you provide.
  • Identity verification data: where required (including by law and our Payment Processor), identity documents and verification information, possibly including government-issued ID. Verification is generally carried out by our Payment Processor; we may receive only the result and limited related data.
  • Seller financial and tax data: for sellers, bank account details and — for high-volume sellers — tax identification number and verified contact information, as required by the U.S. INFORM Consumers Act and our Payment Processor.
  • Transaction and order data: goods listed, purchased or sold; order numbers; amounts; shipping and tracking; and order-related correspondence.
  • Payment data: card and bank details are collected and processed directly by our Payment Processor (Stripe, via Sharetribe). We do not store full card numbers on our own systems.
  • Communications: messages you send through the Service, and emails or support requests you send us.
  • Technical and usage data: IP address, device and browser information, log data, and how you interact with the Service.

3 · How we collect your data

  • Directly from you — when you create an account, list or buy goods, complete verification, communicate, or contact support.
  • Automatically — through cookies and similar technologies (see Section 9).
  • From third parties — from our Payment Processor (e.g. verification results and payment confirmations) and service providers that help operate the Service.

4 · Why we use your data and our legal basis

We process personal data only where we have a legal basis under the EU GDPR. The main bases:

PurposeLegal basis (GDPR Art. 6)
Creating and managing your account; providing the Service; facilitating orders between buyers and sellersPerformance of a contract (Art. 6(1)(b))
Processing payments and payouts via our Payment ProcessorPerformance of a contract (Art. 6(1)(b))
Verifying identity; complying with anti-fraud, tax, sanctions and INFORM Consumers Act obligationsLegal obligation (Art. 6(1)(c)) and/or legitimate interests (Art. 6(1)(f))
Preventing fraud and abuse; securing the Service; resolving disputesLegitimate interests (Art. 6(1)(f))
Responding to your complaints and support requestsPerformance of a contract / legitimate interests
Sending service and transactional messagesPerformance of a contract / legitimate interests
Sending marketing communications (where applicable)Consent (Art. 6(1)(a)), which you may withdraw at any time
Using analytics and other non-essential cookiesConsent (Art. 6(1)(a))

Where we rely on legitimate interests, we balance those interests against your rights and freedoms. You may object to such processing (see Section 8).

5 · Who we share your data with

We do not sell your personal data. We share it only as necessary, with:

  • Other users: to complete a transaction, a buyer and seller receive the information needed to fulfil and ship an order (e.g. shipping name, address and contact details), to be used only for that order. For high-volume sellers, certain information may be disclosed to buyers as required by the INFORM Consumers Act.
  • Service providers (processors) acting on our instructions, including:
    • Sharetribe — marketplace platform, hosting and transaction infrastructure.
    • Stripe — payment processing, payouts, and identity/financial verification.
    • Google (Gmail / Workspace) — email and support correspondence.
    • Google Analytics 4 — usage analytics to improve the Service.
  • Authorities and advisers: where required by law or legal process, or to establish, exercise or defend legal claims.
  • In a business transfer: if OMJ is involved in a merger, acquisition or sale of assets, data may be transferred as part of that transaction, subject to this Policy.

6 · International transfers

Because our users are located outside the EU (primarily in the United States and Asia) and some service providers operate outside the EU/EEA, your personal data will be transferred internationally.

Where we transfer personal data outside the EU/EEA, we rely on an appropriate transfer mechanism under GDPR — such as the European Commission’s Standard Contractual Clauses or an adequacy decision — together with appropriate safeguards. Contact us for more information about the safeguards in place.

7 · How long we keep your data

We keep personal data only as long as necessary for the purposes above, including:

  • Account data — while your account is active, and for a reasonable period afterwards.
  • Transaction, tax and accounting records — for the period required by bookkeeping and tax law (under Danish law, generally 5 years from the end of the relevant financial year).
  • Verification and anti-fraud records — for as long as required to meet our legal obligations and defend legal claims.

When data is no longer needed, we delete or anonymise it.

8 · Your rights

Subject to applicable law, you have the right to:

  • Access — a copy of the personal data we hold about you.
  • Rectification — correction of inaccurate or incomplete data.
  • Erasure — deletion of your data, where no overriding legal reason requires us to keep it.
  • Restriction — to limit how we use your data in certain cases.
  • Portability — to receive certain data in a structured, machine-readable format.
  • Objection — to processing based on legitimate interests, and to direct marketing at any time.
  • Withdraw consent — at any time, without affecting prior processing.

To exercise any of these rights, contact us at hi@nextmine.io. We will respond within the time limits required by law and may need to verify your identity first.

Complaints: if you believe we have not handled your data lawfully, you may lodge a complaint with the Danish Data Protection Agency (Datatilsynet, Carl Jacobsens Vej 35, 2500 Valby, Denmark, dt@datatilsynet.dk), without prejudice to any other remedy.

9 · Cookies and similar technologies

The Service uses cookies and similar technologies to operate, secure, improve and measure use of the Service. We use two types:

  • Strictly necessary cookies — required for the Service to function (e.g. to keep you logged in and secure transactions). These do not require consent.
  • Analytics cookies — used to understand how visitors use the Service so we can improve it. We set these only with your consent, which you can give or withdraw at any time via our cookie banner or settings. Declining them does not affect your ability to use the Service.

We obtain consent for non-essential cookies through a banner shown on your first visit, and you can change your choice at any time via the cookie settings link on the Service.

10 · Security

We take reasonable technical and organisational measures to protect personal data against loss, misuse and unauthorised access, including relying on the security measures of our Payment Processor and platform provider. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11 · Children

The Service is not directed to, and may not be used by, anyone under the age of majority applicable under our Terms of Service. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will take appropriate steps to delete it.

12 · Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you — for example by posting a notice on the Service or contacting you. The “Last updated” date at the top shows when the Policy was last revised. Your continued use of the Service after changes take effect means you accept the updated Policy.

13 · Contact us

For any question about this Privacy Policy or how we handle your personal data, contact us at:
OMJ — hi@nextmine.io · Poul Anker Bechs Vej 302, 9200 Aalborg SV, Denmark