Privacy policy

Preamble

Any person who has deposited directly or indirectly personal data may request the communication of data concerning him/her and have it rectified if necessary, in accordance with French law No 78-17 of 6 January 1978 relating to data processing, files and freedoms and in accordance with the General Data Protection Regulation EU 2016/679 (known as the GDPR), relating to the protection of individuals with regard to the processing of personal data and the free movement of such data.

Therefore, in accordance with the regulations in force as described hereinabove, each person has the right to request access to the personal data collected about him/her, their correction, deletion, limitation of processing or the right to object to processing or withdraw their consent, and also to request the portability of the data by contacting info@aetherfs.com.

These persons also have the possibility to file a complaint with a supervisory authority (Commission Nationale de l'Informatique et des Libertés - CNIL).

1. General statement

We take your privacy very seriously and are committed to protecting it. We believe that you should be able to easily know what personal data we collect and use and understand your rights in relation to it.

This privacy policy (the "Privacy Policy") explains our policies and practices regarding how we collect, use, and disclose personal data that we collect on our digital platforms, or during our events.

We recommend that you read this Privacy Policy carefully as it contains important information about your personal data.

Feel free hesitate to contact us if you have any questions or comments about this Privacy Policy (see "How to Contact Us?" below). In this text, the use of the masculine gender is used without prejudice in its generic and neutral sense and refers to both women and men.

2. Who are we?

The terms "Aether FS", "we", "us", "ours" and "our" refer to Aether Financial Services as the controller of your personal data, unless otherwise specified in this Privacy Policy.

Aether Financial Services is a simplified joint stock company (société par actions simplifiée) with capital of 300,000.00 euros, whose registered office is located at 2 Square la Bruyère, 75009 Paris, France, registered in the Paris Trade and Companies Register under number 811 475 383.

You will find our contact details under the heading "How to contact us? " below.

3. What personal data do we collect and how are they collected?

Personal data is information relating to an identified or identifiable natural person. They include, for example, a person's name, address, and gender.

We may collect personal data directly from you (for example when you participate in an event we organize) or indirectly (for example from our websites or Internet platforms).

3.1. Data you provide us directly

Vous pouvez nous fournir des données :

• When you fill out a contact form,
• When you subscribe to our newsletter,
• When you use our Digital Platforms,
• When you participate in one of our events.

Depending on what you provide us, this information may include:

• Your identity (including your first name, last name, gender, picture),
• Your contact details (including your postal address, e-mail, phone numbers),
• Your personal status (including your title),
• Other information you can provide by filling out forms or by contacting us.

We will inform you when your information is necessary to process your request, to respond to your requests or to provide you with our products and services. Failure to provide this information may delay or make it impossible to process your request, answer your questions and provide the products or services.

We strive to ensure that the personal data we hold is accurate at all times. We therefore encourage you to update your data in case changes occur. We may also ask you to update your data from time to time.

We recommend that you provide only the data requested or necessary for your request.

We remind you that we do not provide our services or products directly to persons under 18 years of age and that we do not collect personal data from them. We therefore ask you not to provide us with personal data of persons under 18 years of age.

3.2. Indirectly Collected Data

We may collect data when you use our Digital Platforms, including your IP address or other browser data (including browser, operating system, device model), through cookies or similar technologies placed on your device. Some cookies are necessary for the proper functioning of our Digital Platforms and others are used for analysis purposes that help us provide you with more personalized services and a better digital experience.

We may also collect data about you from third parties, who contact us on your behalf or who provide us with your contact details to invite you to events that may be of interest to you.

If you provide us with personal data about someone else, you must ensure that you have the right to disclose such data to us and that, without us taking any other measures required by data protection legislation, we may collect, use and disclose such data for the purposes described in this Privacy Policy. For example, you must ensure that the person concerned is aware of the various topics outlined in this Privacy Policy. The person must also provide the consents set out in this Privacy Policy with respect to the way we handle their personal data.

4. Why do we collect your personal data and how do we use it?

We collect and use your personal data on the basis of one or more of the following legal bases:

• We have obtained your prior consent (for example when you subscribe to our newsletter). Please note that with this particular legal basis, you have the right to revoke your consent at any time (see below "What are your rights to your personal data?”),
• We have a legitimate interest in carrying out the processing and this legitimate interest is not overshadowed by your interests, fundamental rights, or freedoms (e.g. the prevention of fraud in means of payment),
• We must process your personal data in order to comply with the laws and regulations in force.

Depending on the context, we may use your personal data to:

• Provide you with the products or services you have requested,
• Perform verifications to identify and verify your identity,
• Send you marketing communications, with your prior consent,
• Manage the events you have registered for and/or attended,
• Detect any fraudulent or illegal activity,
• Protect yourself, employees and others in our stores and property,
• Monitor and improve our Digital Platforms,
• Perform statistical analyses,
• Improve our products and services,
• Provide information to regulatory authorities when required by law.

5. Marketing communications (newsletter, invitations, etc.)

With your express prior consent (usually obtained by ticking a specific box in a form), you may receive information about offers, services, products or events sent by Aether FS.

We rely on your consent to process the personal data you provide to us for this purpose. Therefore, if you no longer wish to receive such information, you may withdraw your consent at any time (see below "What are your rights to your personal data?”).

We may ask you to confirm or update your marketing preferences if you ask us to provide other products and/or services in the future, or if there are changes in the law, regulations or structure of our business.

6. How long do we keep your personal data?

Your personal data are processed for the period necessary for the purposes for which they were collected, to comply with legal and regulatory obligations and for the duration of any period necessary for the establishment, exercise or defence of legal rights.

In order to determine the most appropriate retention periods for your personal data, we have specifically considered the amount, nature and sensitivity of your personal data, the purposes for which we collected your personal data, the service you deserve and expect from us, and applicable legal requirements.

Regarding our customers: your data is stored for the duration of our business relationship and up to ten years, and then deleted or archived to comply with legal retention obligations.

7. How do we disclose and transfer your personal data?

We may only disclose your personal data to the parties named below and for the following reasons:

• We disclose your personal data to Aether FS employees who need access to your personal data and who are authorized to process them for the purposes mentioned above and who undertake to respect their confidentiality. You may revoke your consent at any time (see the section "What are your rights to your personal data?" below).
• We may also disclose personal data to third parties acting on behalf of Aether FS and approved by Aether FS. All these processing operations are based on our prior instructions set out in a binding contract that complies with the requirements of applicable law. Such disclosures are made for different reasons, including:
• We must process your personal data in order to comply with the laws and regulations in force.
• Provide you with the products or services you have requested,

These service providers undertake to respect confidentiality and are not authorized to use your personal data for any other purpose. We also require them to apply appropriate security measures to protect your personal data.

For a description of the appropriate protection measures, you can send us your request using the data in the “How to contact us?” section below.

• We may be required by mandatory provisions of applicable law or in connection with legal proceedings or other legal requests, to disclose your personal data to authorities or third parties.
• We may also disclose or process your personal data in accordance with applicable law to defend our legitimate interests (for example in civil or criminal proceedings). For example, we may disclose such personal data if necessary to identify, contact or take legal action against a natural or juridical person who does not comply with our General Terms and Conditions of Use.

8. How do we protect your personal data?

All your personal data is strictly confidential and will only be accessible if necessary, only by duly authorized Aether FS staff and independent contractors acting on our behalf as part of appropriate technical and organizational security measures.

Aether FS has security measures in place to protect your personal data from unauthorized access and use. We follow appropriate security procedures in the storage and disclosure of your personal data to prevent unauthorized access by third parties and to prevent the accidental loss of your data. We limit access to your personal data to those who really need access for professional reasons. Persons accessing your data will be subject to a duty of confidentiality towards Aether FS.

We also have procedures in place to deal with any suspected data security breaches. We will notify you and any competent supervisory authority in the event of an alleged data breach when required by law.

We also require the persons to whom we transmit your personal data to comply with the above. Unfortunately, the transmission of information via the Internet is not completely secure. We cannot therefore guarantee the security of your personal data that you have transmitted to us via the Internet. Such transmission is at your own risk and you acknowledge and agree that we will not be liable for any unauthorized use, distribution, damage or destruction of your data, except to the extent that we are required by law to assume such liability. Once we have received your personal data, we will apply the above-mentioned security measures.

9. What are your rights to your personal data?

In accordance with applicable data protection law, you may at any time request access, rectification, deletion and portability of your personal data or restrict or object to their processing.

A summary of these rights is set out below:

• Your right of access: the right to receive a copy of your personal data.
• Your right of rectification: the right to ask us to correct any errors in your data or to complete them.
• Your right to be forgotten: the right to ask us to delete your personal data in certain situations.
• Your right to limit processing: the right to ask us to limit the processing of your personal data, in certain circumstances, for example if you dispute the accuracy of the data.
• Your right to data portability: the right to receive the personal data you have provided us with, in a structured, commonly used and machine-readable format and/or to transmit such data to a third party, in certain situations.

Your right to object to the processing:

• At any time during the processing of your personal data for direct marketing purposes,
• In some other situations, to the further processing of your personal data, for example the processing carried out on the basis of our legitimate interests.

You may at any time decide to withdraw your consent to the processing of your personal data. If your consent is withdrawn, this does not prevent us from processing your personal data on other legal grounds, if any, such as the execution of your orders and the storage of your order data in accordance with applicable law.

If you no longer wish to receive our advertising or promotional information, we remind you that you can revoke your consent to direct marketing at any time directly from the unsubscribe link included in each advertising e-mail message we send you. If you do, we will promptly update our databases and take all reasonable steps to respond to your request as soon as possible, but we may continue to contact you to the extent necessary in connection with any product or service you have requested.

You also have the right to file a complaint with your local data protection authority in the event of a suspected violation of the data protection rules applicable to you.

To exercise any of these rights, please contact us using the contact details below (see the section "How to contact us?").

Please note that if you exercise any of the rights mentioned above, you will be asked to let us know which right you wish to exercise and to provide us with certain information (copy of an identity card, passport or other legally recognized identity document) for identification purposes to process your request and protect you against fraudulent requests from third parties.

10. How to contact us?

For any questions regarding your personal data, to revoke your consent, to ask general questions or to make a complaint, please contact us:

• By email: info@aetherfs.com
• By post: Aether Financial Services - 36 rue de Monceau - 75008 PARIS

For questions specifically related to advertising emails, we remind you that you can unsubscribe directly at any time via the "unsubscribe" link in all advertising emails we have sent you.

If you have any questions or concerns about our Privacy Policy or data processing, you can contact the Group's Data Protection Officer at the following address: info@aetherfs.com.

11. Changes to this Privacy Policy

This Privacy Policy reflects our current practices and may be modified and updated from time to time. When we publish changes to this Privacy Policy, we amend the "Effective Date" at the top of this Privacy Policy to indicate when such changes come into effect.

If we make any material changes to this Privacy Policy, we will notify you by way of a notice of change at the beginning of this Privacy Policy and on the home page of the« https://aetherfs.com/ website.