Privacy Policy

What is the purpose of our Privacy Policy?

Opale Capital SAS places great importance on the protection and confidentiality of your personal data, which represents, for us, a commitment to seriousness and trust.

In this regard, our Personal Data Privacy Policy reflects precisely our commitment to upholding, within Opale Capital SAS, the applicable rules on personal data protection and, more particularly, those of the General Data Protection Regulation ("GDPR").

In particular, our Privacy Policy aims to inform you of the manner and reasons for which we process your personal data in the context of the services we provide to you.

‍

Who does our Privacy Policy apply to?

Our Privacy Policy applies to you, regardless of your place of residence, provided you are at least 15 years of age and are a user of our platform Opale Capital.

If you are under the legal age detailed above, you are not authorised to use our services without the prior and explicit consent of one of your parents or the holder of parental authority, which must be sent to us by email at dpo@opalecapital.com.

If you believe that we hold personal data about your children without having consented to this, we invite you to contact us at the dedicated address detailed above.

‍

Why do we process your personal data and on what basis?

We process your personal data primarily for the following reasons:

• To use and benefit from our service (e.g.: access the detailed description of our investment products, subscribe to them digitally and then access performance monitoring) and all its features on the basis of our terms and conditions of use.
• To manage user accounts (e.g.: account creation, access to the service and account deletion) on the basis of our terms and conditions of use.
• To receive our technical emails (e.g.: password changes, etc.) essential to the proper functioning of our service, on the basis of our terms and conditions of use.

• To play videos in order to provide you with a quality service, on the basis of our terms and conditions of use.
• To be able to download and upload documents on our platform on the basis of our terms and conditions of use.
• To guarantee and enhance the security and quality of our services on a daily basis (e.g.: statistics, data security, etc.) on the basis of our legal obligations, our terms and conditions of use and our legitimate interest in ensuring the proper functioning of our services.
  ‍

Your data is collected directly from you as soon as you are a user of our Opale Capital platform and we commit to processing your data only for the reasons described above.

‍

What personal data do we process and for how long?

We have summarised below the categories of personal data and their respective retention periods:

• For individual investors, personal identification data (e.g.: surname, first name) and contact details (e.g.: email address) retained for the entire duration of the provision of the service, plus applicable statutory limitation periods, which are generally 5 years.
• For professional investors, personal identification data (e.g.: surname, first name, position, company, department, etc.) and contact details (e.g.: professional email address and phone number, etc.) retained for the entire duration of the provision of the service, plus applicable statutory limitation periods, which are generally 5 years.
• Email address for receiving our technical messages retained until deletion of your account.
• Connection data (e.g.: logs, IP address, etc.) retained for a period of 1 year.
• Identity card / passport used during registration and deleted after verification of your identity.
• Financial and asset situation retained until deletion of your account and thereafter for a statutory limitation period of 5 years.

Upon expiry of the applicable retention periods, the deletion of your personal data is irreversible and we will no longer be able to communicate it to you after that point. At most, we may only retain anonymous data for statistical purposes.

Please also note that in the event of legal proceedings, we are obliged to retain all data relating to you throughout the duration of the case processing, even after the expiry of the retention periods described above.

‍

What rights do you have to control the use of your personal data?

The applicable data protection regulations grant you specific rights that you may exercise, at any time and free of charge, in order to control the use we make of your data.

• Right of access and copy of your personal data, provided that such request does not conflict with business secrecy, confidentiality, or correspondence secrecy.
• Right of rectification of personal data that is inaccurate, outdated or incomplete.
• Right to request erasure ("right to be forgotten") of your personal data that is not essential to the proper functioning of our services.
• Right to restriction of processing of your personal data, which allows you to freeze the use of your data in the event of a dispute regarding the legitimacy of processing.
• Right to data portability, which allows you to retrieve some of your personal data in order to store or transfer it easily from one information system to another.
• Right to give instructions regarding the fate of your data in the event of death, either directly or through a trusted third party or an heir.
  ‍

For a request to be processed, it must be submitted directly by you to dpo@opalecapital.com. Any request not submitted in this manner cannot be processed.

Requests may not come from any person other than yourself. We may therefore ask you to provide proof of identity if there is any doubt about the identity of the requester.

We will respond to your request as soon as possible, with a maximum period of three months from receipt in the event that the request is technically complex or if we receive a large number of requests at the same time.

Please note that we may always refuse to respond to any request that is excessive or unfounded, particularly in view of its repetitive nature.

‍

Who may have access to your personal data?

Your personal data is processed by our teams and by our technical service providers for the sole purpose of operating our service.

We specify that we vet all our technical service providers before engaging them to ensure that they scrupulously comply with the applicable rules on personal data protection.

FURTHERMORE, WE GUARANTEE THAT WE NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR COMMERCIAL PARTNERS.

‍

Can your personal data be transferred outside the European Union?

The personal data processed by our Opale Capital platform is exclusively hosted on servers located within the European Union.

Furthermore, we make every effort to use only technical tools whose servers are also located within the European Union. If this is not the case, we take great care to ensure that they implement the appropriate safeguards required to ensure the confidentiality and protection of your personal data.

‍

Who can you contact for more information on the use of your personal data?

To best ensure the protection and integrity of your data, we have officially appointed an independent Data Protection Officer ("DPO") with our supervisory authority.

You may contact our DPO at any time and free of charge at dpo@opalecapital.com to obtain more information or details on the way in which we process your data.

‍

How can you contact the CNIL?

You may contact the "Commission nationale de l'informatique et des libertés" or "CNIL" at the following address: CNIL Complaints Department, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07, or by telephone on 01.53.73.22.22.

‍

Can the Privacy Policy be amended?

We may amend our Privacy Policy at any time to adapt it to new legal requirements and to new processing activities that we may implement in the future.

‍

_{Certified compliant by Dipeeo ®}