PRIVACY POLICY

Last update: March 23, 2022

INTRODUCTION

According to French law n° 78-17 of January 6, 1978 relating to data processing, files and freedoms, and according to Regulation (EU)2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, you agree that ARTORUS may process all sort of personal data for identity verification purposes, but also to allow the smooth running of the sale of NFTs,  the smooth running of the exchange of NFTs with their corresponding physical assets, and more generally the smooth running of the global activity of ARTORUS.


This Privacy Policy describes how ARTORUS (“ARTORUS”, “we”, “our”or “us”) collects, use and share information in connection with your use of our website, social media platforms employed, services and applications and/or other (online and offline) interactions (e.g.customer service inquiries, whitelists, email contacts, etc.) you may have with ARTORUS (collectively, the “Services”). This PrivacyPolicy does not apply to information our customers may process when using our Services.


We recommend that you read this Privacy Policy in full to ensure you are fully informed. If you have any questions about this Privacy Policy or our data collection, use and disclosure practices, please contact us at contact@artorus.io


ACCEPTANCE

By using and/or purchasing the products and/or services provided by ARTORUS you consent to your personal data being processed under the terms set out in this privacy policy.



FAIR AND TRANSPARENT COLLECTION OF YOUR DATA

ARTORUS takes care to inform the persons concerned of the processing of their data. No collection is carried out without people's knowledge.


LEGITIMATE AND PROPORTIONATE USE OF YOUR DATA

ARTORUS only collects and uses personal data that are relevant and necessary for their purposes. ARTORUS ensures that personal data are updated and allows the deletion or rectification of obsolete or erroneous data.


PERSONALDATA COLLECTED

Information You Provide

  • Email address in contents such as Whitelists.
  • User Content. In certain parts of our Services, you may publicly post content on our Services. By registering and interacting with those Services, you agree that your profile information and the content you post may be viewed and used by other users and third parties we do not control.
  • Communications. If you contact us directly (such as make an inquiry about our Services, apply for a job or attend our events), we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide. We may also receive a confirmation when you read a message from us.

The personal data that you are asked to provide, and the reasons why you are asked to provide it, will (where necessary) be made clear to you at the point we ask you to provide your personal data.



Information We Collect When You Use Our Services

  • Cookies and Other Tracking Technologies. We gather certain information automatically and store it on our log files. In addition, when you use our Services, we may collect certain information automatically from your device. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, landing page, and referring URL. To collect this information, a cookie may be set on your computer or device when you visit our Services. Cookies contain a small amount of information that allows our Services to offer you appropriate content. We store information that we collect through cookies, log files, and/or clear gifs to record your preferences. We may also automatically collect information about your interactions with the Services. We may track your use across different websites and services. Such information may be considered personal data under applicable data protection laws.
  • Usage of our Services. When you use our Services, we may collect information about your engagement with and utilization of our Services, such as processor and memory usage, storage capacity, navigation of our Services and system-level metrics. We use this data to operate the Services, maintain and improve the performance and utilization of the Services, develop new features, protect the security and safety of our Services and our customers, and provide customer support. We also use this data to produce analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.

Information We Receive from Third Parties

  • Third-Party Accounts.  If you choose to link our Services to a third-party account, we will receive information about that account, such as your authentication token from the third-party account, to authorize linking. If you wish to limit the information available to us, you should visit the privacy settings of your third-party accounts to learn about your options.
  • Third-Party Partners or others.  We may receive publicly available information about you from our third-party partners and combine it with data that we have about you. We may receive data about organisations, industries, website visitors, marketing campaigns and other matters related to our business from our partners or others. This data may be combined with other information we collect including both aggregate level and user-specific data.

How We Use Information

We use the information we collect in various ways, including to:

  • Provide, operate and maintain our Services;
  • Improve, personalize, and expand our Services;
  • Understand and analyze how you use our Services;
  • Develop new products, services, features, and functionality;
  • Send emails advertising ARTORUS products, service, announcements, or promoting its partners
  • Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the Service, for marketing and promotional purposes, and to request personal data in proceedings where you are allegedly involved in fraud or for any judicial proceedings.
  • Request personal data for KYC proceedings if required.
  • Find and prevent fraud;
  • For compliance purposes, including enforcing our Terms & Conditions and (other) service and customer agreements, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.

How We Share Information

We may share the information we collect in various ways, including the following:

  • Vendors and Service Providers. We may share information with third-party vendors and service providers, such as those helping to provide our Services, for promotional and/or marketing purposes, and to provide you with relevant information such as product announcements, software updates, special offers, or other information
  • Aggregate Information. Where legally permissible, we may use and share information about users with our partners in aggregated or de-identified forms that can’t be reasonably be used to identify you.
  • Advertising. We may work with third-party advertising partners, to show you ads that we think might interest you. These advertising partners may set and access their own cookies, pixel tags, and similar technologies on our Services and they may otherwise have access to information about you which they may collect over time and across different online services.
  • Third-Party Partners. We also share information about users with third-party partners in order to receive additional publicly available information about you.
  • Information We Share When You Sign Up Through a Referral. If you sign up for our Services through a referral from a third party, we may share information with your referrer to let them know that you used their referral to sign up for our Services.
  • Analytics. We use the analytics provider Google Analytics. Google Analytics uses cookies to collect information about users. Google provides some additional privacy options regarding its Analytics cookies at https://policies.google.com/technologies/partner-sites 
  • Business Transfers. Information may be disclosed and otherwise transferred to any potential acquirer, successor, or assignee as part of any proposed merger, acquisition debt financing, sale of assets, or similar transaction, or in the event of insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
  • As Required By Law and Similar Disclosures. We may also share information to (i) satisfy any applicable law, regulation, legal process, or governmental request; (ii) enforce this Privacy Policy, our Terms & Conditions and (other) service and customer agreements, including investigation or potential violations hereof; (iii) detect, prevent, or otherwise address fraud, security, or technical issues; (iv) respond to your requests; or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.
  • With Your Consent. We may share information with your consent.


Legal Basis for Processing Personal Data

The processing of your personal data will be done in accordance withFrench law n° 78-17 of January 6, 1978 relating to data processing, files and freedoms, and with Regulation (EU) 2016/679 of the EuropeanParliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

We will as collect personal data only (i) where we need the personal data to perform a contract with you; (ii) where the processing is in our legitimate interests and not overridden by your rights; (iii) in a KYC proceeding; or (iv) where we have your consent to do so. We have a legitimate interest in operating our Services and communicating with you as necessary to provide these Services and communicating with you as necessary to provide these Services, for example when responding to your queries, improving our platform and applications, undertaking marketing, or for the purposes of detecting or preventing illegal activities.

In some cases, we may also have a legal obligation to collect personal data from you or may otherwise need the personal data to protect your vital interests or those of another person.

If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as the possible consequences if you do not provide your personal data).

THIRD PARTY SERVICES

You may access other third-party services through the Services, for example by clicking on links to those third-party services from within the Services. We are not responsible for the privacy policies and/or practices of these third-party services, and we encourage you to carefully review their privacy policies.

DATA RETENTION

We retain personal data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from further processing until deletion is possible.

YOUR DATA PROTECTION RIGHTS

You have the following data protection rights:

  • You can request the right to request a copy of your data and information regarding:

  1. The purposes of the processing; the categories of personal data concerned;
  2. the recipients or categories of recipients as well as, if necessary if such communications were to be made, the international organizations having received the personal data have been or will be communicated, in particular the recipients who are established in third countries;
  3. where possible, the retention period of the personal data collected or, where this is not possible, the criteria used to determine this period;
  4. the existence of the right to request from the controller the rectification or erasure of your personal data, the right to request a limitation of the processing of your personal data, the right to object to this processing;
  5. the right to lodge a complaint with a supervisory authority;
  6. information relating to the source of the data when it is not transmitted directly to the data subjects;
  7. the existence of automated decision-making, including profiling, and in the latter case, useful information concerning the underlying logic, as well as the importance and consequences mentioned of this processing for the persons concerned.

  • If you wish to access, correct, update, or request deletion of your personal data, you can do so at any time by emailing contact@artorus.io
  • In addition, you can object to processing of your personal data, ask us to restrict the processing of your personal data, or request portability of your personal data. Again, you can exercise these rights by emailing at contact@artorus.io.
  • You have the right to opt-out of marketing communications we send you at any time. You can exercise this by clicking on the “unsubscribe” link in the marketing emails we send you.
  • Similarly, if we collect and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing if your personal data conducted in reliance on lawful processing grounds other than consent.
  • When the data processing that we implement is based on your consent, you can withdraw it at any time. However, previous operations are not called into question.
  • You have the right to lodge a complaint with the CNIL (3 place de Fontenoy, 75007 Paris).
  • You can define guidelines for the storage, erasure and communication of your personal data after your death.


We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

YOUR CHOICES

You can use some of the features of the Services without registering, thereby limiting the type of information we collect.

You may unsubscribe from receiving certain promotional emails from us. If you wish to do so, simply follow the instructions found at the end of the email. Even if you unsubscribe, we may still contact you for informational, transactional, account-related or similar purposes.

Many browsers have an option for disabling cookies, which may prevent your browser from accepting new cookies or enable selective use of cookies. Please note that, if you choose not to accept cookies, some features and the personalization of our Services may no longer work for you. You will continue to receive advertising material but it will not be tailored to your interests.

CHILDREN'S PRIVACY

ARTORUS does not target and is not intended to attract children under the age of 18 years old.Although visitors of all ages may navigate through our website, we do not knowingly collect or request personal data from those under the age of 16 without parental consent. If, following a notification from a parent or guardian, or discovery by other means, a child under 16has been improperly registered on our website by using false information, we will delete the child’s personal data from our records. Countries, states and E.U members may provide by law for a lower age for those purposes provided that such lower age is not below 13 years.

INTERNATIONAL DATA TRANSFERS

ARTORUSis a global business. We may transfer personal data to recipient territories or institutions outside of the territory in which the data was originally collected. These outside recipients may not be subject to the same data protection laws as the territory from which you initially provided the information. When we transfer your personal data to outside recipients, we will protect that information as described in this Privacy Policy.

Personal data collected by ARTORUS may be stored and processed in your region or in any other country where ARTORUS or its affiliates, subsidiaries or service providers are located or maintain facilities. ARTORUS has put in place adequate mechanisms to protect personal data when it is transferred internationally, including, but not limited to, ensuring adequate levels of protection in recipient countries (under Article45 of the European General Data Protection Regulation), using the Standard Contractual Clauses as approved by the European Commission, or mechanisms derived from special agreements like the EU-U.S.Privacy Shield Frameworks.

CHANGES TO THIS PRIVACY POLICY

This Privacy Policy may be modified from time to time, so please review it frequently. Changes to this Privacy Policy will be posted on our websites. If we materially change the ways in which we use or share personal data previously collected from you through our Services, we will notify you through our Services, by email, or other communication.

CONTACT US

If you have any questions or concerns about this Privacy Policy, please feel free to email us at contact@artorus.io, or at our mailing address below:

255 route de Goult 84220 Roussillon, France


Effective date: February 22, 2022