Your privacy is important to us

It is Ledgity's policy to respect your privacy regarding information we may collect from you on our app. When you use the LEDGITY app and website ("LEDGITY"), we may collect personal information about you.

In the interest of transparency and in accordance with the regulations in force, we inform you of the way in which we process and protect this data.

We may ask you for personal information, such as your name, e-mail address, address, contact details… We only collect personal information that is relevant to providing you with the best possible service and only use your information to ensure the performance of that service. You are free to decline our request for personal information. You must accept that we may not be able to provide you with some of the services you require without this information.

This Data Privacy Policy applies to all personal data processing activities that we perform on the LEDGITY app and website and to any agreements that may occur between LEDGITY and users.

Data controller :

Ledgity SAS Registration No. 834477747, 61 Avenue Simone Veil, 06200 Nice, France (hereafter "LEDGITY").

1. What personal data can we collect and process ?

1.1 Personal data collected directly by LEDGITY

As part of our obligation to minimize the data collected and processed, we only collect and use the personal data that we need for our activity to offer you personalized and quality services.

• Identification data (e.g. name, first name, e-mail address, telephone number)*.
• Data related to your financial assets as well as other assets such as crypto-currencies, real estate investments, etc.
• Connection data (e.g. IP address, logs)
• Various legal documents
• Economic and financial data
• Data to verify your identity
• Data related to your professional life
• Data relating to your investor profile
• Data relating to your habits and preferences

Mandatory information is indicated by an "*" when you provide us with your data. This information is necessary to provide you with our services.

1.2 Personal data collected indirectly by LEDGITY

LEDGITY may collect information about you even if you are not a LEDGITY customer. In this case, we collect data relating, in particular, to prospects, guarantors, agents, legal representatives, corporate officers and authorized persons of a LEDGITY legal entity customer, beneficial owners and shareholders of a LEDGITY legal entity customer, principals or beneficiaries during transactions carried out in relation with a LEDGITY customer.

2. Special cases of children and vulnerable persons

We remind you that the LEDGITY platform and services are accessible to :

Any natural person with full legal capacity to commit to these General Conditions, i.e. a natural person of full age within the meaning of Article 414 of the Civil Code and not under any incapacity listed in Article 1146 of the Civil Code. A natural person who does not have full legal capacity may only access the Application and Services with the agreement of his/her legal representative.

Therefore, LEDGITY does not knowingly collect personal data from children under 18 years of age.

3. What are the legal bases for our processing of personal data ?

• The execution of the contract you have concluded with us starts when you accept the general terms of use;
• Our legitimate interest to develop and promote our business but also to defend our interests in court;
• To comply with legal and regulatory obligations to which we may be subject, including the GDPR and AML/CFT measures. We then collect data from national, regional and international sanction/freeze lists;
• Your consent where we seek your consent to process your personal data for a specific purpose that we communicate to you. When you consent to LEDGITY processing your personal data for a specific purpose, you may withdraw your consent at any time and we will stop processing your personal data for that purpose. It is clarified that the withdrawal of consent does not affect the lawfulness of the processing based on the consent before its withdrawal.

4. For what purposes do we process your personal data ?

• To monitor and manage your assets
• To make personalized investment recommendations to you
• To provide you with our services
• To improve our services
• To follow the relationship with our clients
• Build a file of clients, prospects and financial advisors
• Respond to your requests for information
• Send newsletters, solicitations and promotional messages
• Compile statistics
• Manage unpaid invoices and any disputes regarding our services
• Comply with our legal and regulatory obligations
• To verify your identity / personal financial information as part of our legal and regulatory obligations to fight fraud.

5. Who are the recipients or categories of recipients of your personal data ?

We may disclose your personal data to, among others, financial authorities, judicial or state agencies, public bodies upon request and to the extent permitted by regulation, certain regulated professions such as lawyers, notaries, auditors.

In addition, we may employ third party companies and individuals - for example, analytics providers and content partners. These third parties only have access to your personal information to perform specific tasks on our behalf and are required not to disclose or use it for any other purpose. In addition, they must process your personal data in accordance with our contractual agreements and only to the extent permitted by applicable data protection laws.

Our bank account aggregation partners: They will process data in accordance with their privacy policy.

As part of the development of our business and a business transfer, we may sell or buy other businesses or services. In such transactions, user data is generally one of the transferred business assets but remains subject to the promises made in any pre-existing Data Protection Policy (unless, of course, the user agrees otherwise). Similarly, in the unlikely event that LEDGITY or substantially all of its assets are acquired by a third party, user information will be one of the transferred assets.

6. Transfer of data to a country outside the European Union

We may transfer your personal data to our third party partners and service providers based around the world. In cases where we intend to transfer personal data to third countries or international organizations outside the European Economic Area (EEA), LEDGITY puts in place appropriate technical, organizational and contractual safeguards (including standard contractual clauses), to ensure that such transfer is carried out in accordance with applicable data protection rules, unless the country to which the personal data is transferred has already been determined by the European Commission to offer an adequate level of protection.

We also rely on decisions of the European Commission when it recognizes that certain countries and territories outside the European Economic Area provide an adequate level of protection for personal data. These decisions are called "adequacy decisions".

7. How long your personal data is kept ?

LEDGITY specifies that your personal information and data will be kept for no longer than is necessary for the purposes for which they are processed, in particular to provide you with LEDGITY services. Consequently, we keep your data for the entire duration of the business relationship.

Some of your data may be kept for longer periods, in particular for archival or statistical purposes, within the limits permitted by the regulations in force.

8. Security of your personal data

LEDGITY will do its best to protect your personal data collected. As such, we implement electronic security measures as well as physical security measures, such as protecting access to our premises, to protect your data.

In addition, we restrict access to your personal data to employees, agents, contractors and other third parties who have a business need to know.

9. What rights do you have regarding the processing of your data ? How can you exercise them ?

According to the General Data Protection Regulation (GDPR), officially called EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, you have :

• A right of access, article 15 GDPR : You have the right to know the purposes for which your data is being processed as well as to obtain a copy of such data.
• A right of rectification, article 16 GDPR : You have the right to ask to rectify inaccurate or incomplete information about you.
• A right to erasure, article 17 GDPR : You have the right to request the deletion of your data within the limits set by the regulation.
• A right to restriction of processing, article 18 GDPR : You have the right, in certain cases, to temporarily restrict the processing of your personal data, provided there are valid grounds for doing so. Nevertheless, we may continue to process your personal data if necessary for any exception permitted by applicable law.
• A right to object, article 21 GDPR : You may object at any time to the processing of some of your data, including data collected for marketing purposes, on grounds relating to your particular situation.
• A right to the portability of your data, article 20 GDPR : In certain cases, you have the right to request that personal data we have collected on you, be communicated to you on a suitable medium or be directly transmitted by LEDGITY to a third party.
• A right to withdraw your consent : Where your consent is required for a processing of your personal data, you have the right to withdraw the consent you have provided at any time. The exercise of this right does not affect the lawfulness of the processing based on the consent given prior to the withdrawal of consent
• A right to lodge a complaint with the competent data protection authority : If, despite our best efforts, you wish to make a complaint, we inform you that you can contact the LEDGITY customer service department at the following email address: support@ledgity.com, allowing you to declare any difficulties encountered when using the services.

However, if you have any unresolved concerns, you also have the right to lodge a complaint with the French Commission Nationale de l'Informatique et des Libertés.

10. Changes to this Privacy Policy

Because our business changes regularly, our Privacy Policy may change as well. Therefore, we recommend that you frequently check our website for recent changes. Your continued use of the LEDGITY website or application after any changes to this policy will be considered acceptance of our privacy and personal information practices.

Unless otherwise stated, our current Data Privacy Policy applies to all data we have about you and your account.

11. Contacting Us

If you have any questions about the use of your personal data covered by this document, you can contact our customer service department at : support@ledgity.com.