Definitions

Publisher: The natural or legal person who publishes online public communication services. Website: All websites, Internet pages and online services offered by the Publisher. User: The person using the Website and services.

1. Type of data collected

As part of using the Websites, the Publisher may collect the following categories of data concerning its Users: Connection data (IP addresses, event logs, etc.)

2. Disclosure of personal data to third parties

No communication to third parties Your data will not be communicated to third parties. You are informed, however, that it may be disclosed in application of a law, regulation or decision of a competent regulatory or legal authority.

3. Prior notification of the transfer of personal data to third parties in the event of a Merger/acquisition

In the event that we take part in a merger, acquisition or any other form of transfer of assets, we shall obtain your prior consent for transfer of your personal data and we shall maintain the level of confidentiality of your personal data to which you have consented.

4. Data aggregation

Aggregation with non-personal data. We may publish, disclose and use aggregated information (information about all of our Users or specific groups or categories of Users that we combine in such a way that an individual User can no longer be identified or referred to) and non-personal information for industry and market analysis, demographic profiling, promotional and advertising purposes and other business purposes. Aggregation with personal data available on the User’s social accounts If you connect your account to an account of another service in order to link information, said service may share your profile and login information with us, as well as any other information you have authorized to be shared. We may aggregate information about all our other Users, groups, accounts, with the personal data available about the User.

5. Identity data collection

Free consultation Consultation of the Website does not require prior registration or identification. This can be done without you having to provide any personal data (surname, first name, address, etc.). We do not record any personal data for the simple purpose of consulting the Website.

6. Identity data collection

Use of user ID only for access to services We use your electronic ID only for and during the performance of the contract.

7. Terminal data collection

Collection of profiling and technical data for service provision purposes Some of your device’s technical data is collected automatically by the Website. This information includes your IP address, Internet access provider, hardware configuration, software configuration, browser type and language, etc. The collection of this data is necessary for the provision of services. Technical data collection for advertising, commercial and statistical purposes Technical data from your device is automatically collected and recorded by the Website for advertising, commercial and statistical purposes. This information helps us to personalize and continually improve your experience on our Website. We do not collect or store any personal data (surname, first name, address, etc.) that may be linked to technical data. The data collected will not be sold to third parties.

8. Cookies

Cookie retention period In accordance with CNIL recommendations, the maximum retention period for cookies is 13 months following their initial deposit on the User’s terminal, as is the period of validity of the User’s consent to the use of these cookies. The lifetime of cookies is not extended with each visit. The User’s consent must therefore be renewed at the end of this period. Purpose of cookies Cookies may be used for statistical purposes, in particular to optimize services rendered to the User, by processing information concerning access frequency, page personalization, operations carried out and information consulted. You are informed that the Publisher may place cookies on your terminal. The cookie records information relating to navigation on the service (the pages you have consulted, the date and time of consultation, etc.) which we can read during your subsequent visits. User’s right to refuse cookies You acknowledge that you have been informed that the Publisher may use cookies. If you don’t want cookies to be used on your terminal, most browsers allow you to disable cookies via the settings options.

9. Technical data storage

Technical data retention period Technical data is retained for the time strictly necessary to achieve the above- mentioned purposes.

10. Personal data retention and anonymization periods

No data retention We do not retain any personal data beyond the duration of your connection to the service for the purposes described in this Privacy Policy. Deletion of data after deletion of the account Data purging means are set up to provide for the effective deletion of data as soon as the retention or archiving period necessary for the fulfillment of the determined or imposed purposes has been reached. In accordance with French law no. 78-17 of January 6, 1978 on data processing, data files and individual liberties, you also have the right to delete your data, which you may exercise at any time by contacting the Publisher. Deletion of data after 3 years of inactivity For security reasons, if you have not logged in to the Website for a period of three years, you will receive an e-mail inviting you to log in as soon as possible, failing which your data will be deleted from our databases.

11. Account deletion

Account deletion on request The User may delete their Account at any time by simple request to the Publisher OR via the Account deletion menu in the Account settings, if applicable. Account Termination for Violation of Privacy Policy In the event of any violation of any provision(s) of the Privacy Policy or any other document incorporated herein by reference, the Publisher reserves the right to terminate or restrict, without prior notice and at its sole discretion, your use of and access to the services, your account and all Websites.

12. Protocol in the event of a security breach detected by the publisher

Informing the User in the event of a security breach We commit to implementing all appropriate technical and organizational measures to guarantee a level of security appropriate to the risks of accidental, unauthorized or illegal access, disclosure, alteration, loss or destruction of your personal data. In the event that we become aware of unlawful access to your personal data stored on our servers or those of our service providers, or of unauthorized access resulting in the risks identified above, we commit to: Notifying you of the incident as soon as possible; Examining the causes of the incident and informing you of them; Taking the necessary measures within reason to mitigate the negative effects and damages that may result from said incident. Limited liability Under no circumstances may the undertakings set out above concerning notification in the event of a security breach be assimilated to any recognition of fault or liability for the occurrence of the incident in question.

13. Transfer of personal data abroad

No transfer outside the European Union The Publisher agrees not to transfer the personal data of its Users outside the European Union.

14. Changes to the privacy policy

In the event of changes to this Privacy Policy, commitment not to lower the level of confidentiality substantially without prior information of the persons concerned. We will inform you in the event of substantial modification of this Privacy Policy, and we commit to not lowering the level of confidentiality of your data substantially without informing you and obtaining your consent.

15. Applicable law and appeals

Arbitration clause You expressly agree that any dispute arising out of or in connection with this Privacy Policy, including its interpretation or performance, shall be submitted to arbitration in accordance with the rules of the mutually agreed-upon arbitration platform, to which you shall adhere without reservation.

16. Data portability

Data portability The Publisher will offer you the possibility of having all your personal data returned to you upon request. The User is thus guaranteed greater control over their data, and retains the possibility of reusing it. This data must be provided in an open, easily reusable format.