Privacy POLICY

‍Last updated on June, 2023

At ARIANEE, we are committed to respecting your privacy and protecting your personal data.

In this Privacy Policy, we explain the types of personal data we collect, how we collect it, what we use it for and who we share it with.

If you have further questions, please get in touch with us by writing to privacy@arianee.org.

ARTICLE 1 – WHO WE ARE

ARIANEE, a simplified joint-stock company with registered capital of € 886 540, headquartered at 12 rue Philippe de Girard, 75010 Paris, France, registered with the Paris Trade & Companies Register under number 842 305 161, represented by Frédéric Montagnon in his capacity as President (“we”, “our”, or “us” or “Arianee”).

This Privacy Policy describes the policies and procedures of Arianee pertaining to the collection, use, and disclosure of your information in the following (collectively referred to in this Privacy Policy as our “Services”) :

the NFT Wallet application to read and/or claim NFTs (the “App” or “NFT Wallet App”) ;

any products, forums and services which we offer through the App.

Our Privacy Policy was established in accordance with applicable legal and regulatory provisions, in particular with the provisions of the French Data Protection Act of January 1978 and the EU General Data Protection Regulation (“GDPR”) of May 23, 2018, and with the recommendations of the French National Commission on Data Processing and Liberties (“CNIL”).

This Privacy Policy may be updated at any time to comply with our legal obligations in force and to ensure transparency of all processing operations relating to your personal data in real-time.

The changes will be effective upon Arianee’s publication of the updated Privacy Policy.

Therefore, we recommend that you read this Policy regularly.

By browsing and using our Services, the User (“you”, “or yours”) acknowledges having read, understood, and accepted this Privacy Policy.

ARTICLE 2 – DEFINITIONS

On the App, the following terms have the definition attributed to them within the meaning of the GDPR :

Consent : of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her ;

Personal data : means any information that makes it possible to identify you: (i) directly, such as your name or e-mail address; or (ii) indirectly, such as your customer number or IP address ;

Controller : means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law ;

Processor : means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller ;

Processing : means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction ;

Personal data breach : means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Other terms used in this Privacy Policy

App : refers to the NFT Wallet application operated by Arianee and made available to the User on behalf of the Brands ;

Brand : refers to the brand that displays NFTs in the NFT Wallet application;

NFT : materializes in the form of digital passport (of physical products), native and purely digital (like digital collectibles) and digital proof of engagement (badges, tickets, accreditations, passes and others) ;

User : refers to any individual using the Services.

ARTICLE 3 - DATA COLLECTION

Arianee collects and processes data that is strictly necessary for the purposes for which it is processed. We can assure the Users that we do not process data for purposes other than those mentioned below and that we do our best to minimize the amount of Personal Data that we collect from Users. If we should offer a new service on the App, requiring the collection and processing of your data, we will collect the agreement of the Users once again before offering the new service in question.

Whenever the Services process personal data, we take all reasonable steps to ensure the accuracy and relevance of the personal data to the purposes for which we process them.

We usually collect and store the following data about you when you access and use the Services:

Public wallet address generated through the NFT Wallet App or imported;
NFT token ID ;
User Data related to your use of the Services (such as timestamping, navigation information) ;
Technical data (such as login via public wallet address and IP address) ;
Information that you provide to us when you contact us via the App or through email, raise a complaint, ask for technical support or report a problem with any of the Services (including your name, email address and phone number).

Please note that limited information is also readable on-chain by any viewer : NFT token ID, history of events related to the NFT, social graph, wallet content (the “Blockchain Information”).

ARTICLE 4 - PURPOSES FOR PROCESSING AND LEGAL BASIS

Arianee collects, stores and uses data from its Users only for the purposes of processing as follows :

ARTICLE 5 - PERSONAL DATA RETENTION

We do not exceed the legal data retention periods and your data is kept only for the time necessary to process the purposes for which it was collected. It is specified that deletion of a NFT wallet is impossible as based on the blockchain.

We only retain your personal data for the following periods :

until the end of our contractual relationship stated in the Contract and, in any case, 5 years from the date of your last contact with us.
navigation data is stored for a maximum 25-month period.

At the end of the periods mentioned above, some of your personal data will be archived, in a dedicated archive with restricted access, in compliance with our legal obligations and to defend our rights and interests in court, for the following periods :

10 years from the end of the accounting period for data kept for accounting purposes, as well as for commercial documents (invoices, purchase orders, commercial correspondence, etc.).
In the event of pre-litigation, until the dispute is settled out of court or, failing that, as soon as the corresponding legal action becomes time-barred, it being specified that, under French law, the common law limitation period in civil and commercial matters is 5 years.
In case of litigation, until the ordinary and extraordinary remedies are no longer available against the decision rendered.

At the end of this additional period, your remaining personal data will be permanently deleted from our systems or anonymized to the extent possible.

If you wish to delete your wallet from our Services, uninstall the NFT Wallet App from your device, or request that your information be deleted, we still may retain some information that you have provided to us to comply with the laws and regulations to which we are subject, or to ensure the security of the App and Services.

‍

ARTICLE 6 – DISCLOSURES TO THIRD PARTIES

We take care to allow your personal data to be accessed only by those who require access to perform their tasks and duties, and to share only with third parties who have a legitimate purpose for accessing it. We will never sell or rent your personal information to third parties without your explicit consent.

We will only share your information with service providers under contract who help with parts of our business and technical operations (for example, cloud storage, data analytics and IT maintenance).These entities are bound by contractual obligations to keep personal information confidential and can use it only for the purposes for which we disclose the information to them. We may share your information to administrative or legal authorities or any other authorized third party to comply with our legal obligations.

‍

ARTICLE 7 – PERSONAL DATA TRANSFERS

Personal data that we collect from you may be stored and processed in, and transferred to, countries outside the European Economic Area (EEA). For example, this could happen if one of our service providers is located in a country outside the EEA. These countries may not have data protection laws equivalent to those in force in the EEA.

If we transfer personal data outside the EEA this way, we will take the necessary steps to ensure that your personal data continues to be protected in compliance with the applicable laws and regulations, notably by only transferring your personal data to businesses established in countries recognized by the European Commission as providing an adequate level of protection for your personal data or to organizations with whom we have entered into contractual arrangements to ensure an appropriate protection of your personal data, including the European Commission standard contractual clauses or that commit themselves to applying a code of conduct or a certification mechanism validated by the competent European authorities.

For more information on the safeguards put in place, please make a request at: privacy@arianee.org.

‍

ARTICLE 8 - SECURITY

We have taken all useful and necessary precautions, with regard to the state of the art in this area, to protect your information in a secure environment in order to avoid any destruction, loss, alteration, distribution or unauthorized access.

We maintain administrative, technical, personnel, physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your personal information and secure all connections with industry standard transport layer security.

No matter how hard we try, no method of transmission over the Internet and no method of electronic storage is completely secure. Therefore, we cannot guarantee absolute security. If we become aware of a security breach, we will notify the Users concerned so that they can take appropriate action.

In the event that the integrity and confidentiality of your data is compromised, the data Controller undertakes to comply with the procedures established under the French Data Protection Act of 6 January 1978 and the GDPR.

‍

ARTICLE 9 – MINIMUM AGE

In accordance with the provisions of article 8 of the GDPR we do not collect, directly or indirectly, personal data from persons under the age of sixteen (16). Users under the age of sixteen (16) must seek the consent of a legal representative so that their personal data can be collected.

We reserve the right to request a justification of this agreement from the legal representative. The responsibility of our company cannot be sought in the event of any user providing personal data concerning a minor under the age of sixteen (16).

‍

ARTICLE 10 – CHOICES AND RIGHTS THAT ARE AVAILABLE TO YOU REGARDING THE USE OF YOUR PERSONAL DATA

Regarding the legal provisions of the Data Protection Act of 6 January 1978 and the GDPR, Users of the Services have the following rights:

right of access (article 15 GDPR) and rectification (article 16 GDPR), updating, completion of Users’ data, right to block or erase Users’ personal data (article 17 GDPR), when they are inaccurate, incomplete, ambiguous, outdated, or whose collection, use, communication or storage is prohibited (with the exception of Blockchain Information that can not be deleted as on-chain for which Arianee operates taking into account best practice mentioned in the CNIL position of September 2018).

right to withdraw consent at any time (article 13-2c GDPR)

right to limit the processing of Users’ data (article 18 GDPR)

right to object to the processing of Users’ data (article 21 GDPR)

right to define the fate of the Users’ data after their death and to choose to whom we will have to communicate (or not) their data to a third party that they will have previously designated.

We cannot oppose the Users’ request to exercise their rights. This request may be made at any time by electronic means at the following address: privacy@arianee.org or by post mail at: 12 rue Philippe de Girard, 75010 Paris.

‍
Requests will be processed within a month unless an overriding reason is given and justified by our company justifying an extension of the deadline.

If you believe that we do not satisfy the User’s request, you are entitled to refer the matter to the CNIL (National Commission on Data Processing and Liberties, https://www.cnil.fr) to enforce your rights.

‍

ARTICLE 11 – INFORMATION AND CONTACT

Please contact us by emailing privacy@arianee.org, or writing to the address below if you have any questions, wish to exercise your rights of access, or seek other assistance as described above.

Arianee SAS

12 rue Philippe de Girard

75010 Paris

We do business in many countries and aim to comply with the privacy laws applicable to the Personal Data we collect and use.‍

‍

ARTICLE 12 – COOKIES, LOCAL STORAGE, TRACKERS

What is a cookie?

A cookie is a file that a website – when visited by a User – asks your browser to store on your device to remember information about you, such as your language preference.

The only type of cookies we use on the App :

Performance Cookies

Subject to your consent, we may serve cookies on your terminal to measure and improve the performance of our App.

If you do not allow these cookies we will not know when you have visited our App and will not be able to monitor its performance.

The cookies present on the App are the following:

What is local storage ?

Local storage objects are sets of data stored in the App used to recognise you on your return on the App and smoothen the experience, remembering informations such as:

Your public wallet address id (public key)
Last message sent received
Last transfers (from and to) dates
Partners information

If you wish to remove the local storage, you can do so by deleting the App.

Modification of this Privacy Policy