Privacy Policy

Updated on January 28, 2025 Ginini SAS (hereafter referred to as “the Company” or “we”) is headquartered at 10 Place Vendôme, 75001 Paris, and registered under the number 453 853 723 R.C.S. Paris. is responsible for processing the data of its clients and, more broadly, of users (hereafter referred to as “you”) navigating the website it operates as part of its activities, and accessible at ginesis-finance.com (hereafter referred to as the “Site”). We are committed to ensuring that the collection and processing of personal data are carried out lawfully, fairly, and transparently, in accordance with the General Data Protection Regulation (“GDPR”). Failure to provide mandatory information may result in the inability to process or a delay in processing the related request (e.g., registration or information request).  

DEFINITIONS – PREAMBLE

To ensure a clear understanding of this Privacy Policy, the following terms are defined:

• “Personal data” refers to any information relating to an identified or identifiable natural person (the “data subject”), directly or indirectly, such as a name, an identification number, location data, an online identifier, or factors specific to the person’s identity.
• “Processing” refers to any operation performed on personal data, such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
• A “data controller” is the entity that, alone or jointly with others, determines the purposes and means of personal data processing. A “data processor” is the entity that processes personal data on behalf of the data controller.
• A “recipient” is a natural or legal person, public authority, agency, or another body whatsoever to which the personal data are disclosed, whether a third party or not.

Warnings: We advise you to be cautious about what you choose to make public online. Regarding personal data, including information about your private life or sensitive data (such as political and philosophical opinions, trade union membership, health information, sexual orientation, religious beliefs, etc.) that you make public or that can be inferred from your postings, comments, and positions on social networks (like Facebook, YouTube, etc.), please note that processing personal data made public by the individual is not subject to the general prohibition on processing sensitive data. If a word is capitalized, the Client can refer to the general T&Cs applicable on the Site.  

MANAGING CLIENT AND PROSPECT DATA

Through the Site, you provide us with the following categories of information by filling out the information form(s) and communicating with us:

• Identity data (title, name, first name), contact details (email address, postal address address, postcode, city, country, telephone number)

In case of an order, we will also process information related to the contractual and commercial relationship you may establish, ensuring the accuracy of order-related information. If the order is paid, we will also process payment and transactional information (transaction date, amount, payment method, order number). We collect information when you complete a satisfaction form or subscribe to a free product or service (name, email). Subscribing to a free service implies acceptance to receive commercial information, with the User having the option to unsubscribe at any time. Finally, we collect connection data to the account and usage data of the tools made available to individuals in their dedicated virtual space (IP address, connection time, connection duration, account settings, tool management). Accuracy of Information Provided: You must not provide false personal information or create an account for another person without their authorization. The contact details you provide must always be accurate and up-to-date. Personal Logins: Any account holder with access to a virtual space has strictly personal, confidential, and non-transferable access rights. Every account holder must take necessary security measures to preserve the integrity of their access rights (username, password) to prevent unauthorized third-party access. The access rights holder will be responsible for any fraudulent or abusive use of their access codes resulting from their own negligence. In any case, the access rights holder must inform us immediately of the loss or theft of their identifiers.  

SOCIAL MEDIA AND THIRD-PARTY SITES

Groups, Accounts, and Pages: Any communication can be delivered via a private group or a public page/ad created on Facebook, where content is shared, and customers can interact. We may also contact you or respond to your queries via social media if you initially reached out to us through these platforms. Additionally, we maintain various public pages and accounts that you can follow. Regarding any information you provide to social networks like Facebook (liking a video, viewing a video, sending messages), Instagram (commenting, liking, sharing), and any other social media platform, please note that we are not responsible for the processing of personal data carried out by these third-party sites. We encourage you to review their data protection policies for more information. Public Information: The information you provide to us may be enriched for commercial, prospecting, communication, solicitation, or marketing purposes using other information sources such as social media (information deemed “public” or accessible to us as page administrators). Links to Third-Party Sites: The Site may provide links to other sites, applications, and services operated by third-party companies. Clicking on these links may allow third parties to collect or share data about you. In such cases, we are not responsible for the processing of personal data by these third-party sites. Users are advised to review the data protection policies of these third-party sites for more information.

Links to Our Site: Conversely, if a third-party site links to our Site (URL link), it does not imply that the third-party site’s privacy policy applies to our activities, nor does it guarantee that the third party complies with its data protection obligations.  

COOKIES

Data Collection for Advertising, Commercial, and Statistical Purposes: Technical data from your device is automatically collected and stored by the Site for advertising, commercial, and statistical purposes. This information helps us personalize and continuously improve your experience on our Site. We do not collect or store any personal data (such as name, first name, address) that may be attached to technical data. The collected data may be resold to third parties by the cookie providers that collect it. Cookies/pixels provided by third parties like Facebook and Google enable retargeting. For more information, visit:

• Facebook (Meta) : Meta’s Cookie Policy
• Google : Types of cookies used by Google

Cookie Retention Period: In accordance with European recommendations, the maximum retention period for cookies is 13 months from their initial placement on the user’s device, as is the validity period of the user’s consent to the use of these cookies. The cookie’s lifespan is not extended with each visit. Therefore, the user’s consent must be renewed after this period. Purpose of Cookies: Cookies can be used for statistical purposes, particularly to optimize the services provided to the user, based on processing information about access frequency, page personalization, operations performed, and information consulted. You are informed that the cookie provider may place cookies on your device. The cookie records information related to your navigation on the service (pages viewed, date and time of viewing) which we can read during your subsequent visits. Certain site features, such as video players or interactive content, may use services provided by third parties and place cookies that allow them to identify your content viewing. User’s Right to Object to Cookies: If you prefer not to have cookies used on your device, most browsers allow you to disable cookies through their settings options:

• Google Chrome : Manage and delete cookies in Chrome
• Safari (Mac) : Manage cookies and website data in Safari
• Mozilla Firefox : Clear cookies and site data in Firefox
• Internet Explorer : Delete and manage cookies in Internet Explorer

EXERCISING YOUR RIGHTS

You have the right to access, rectify, or erase your data, as well as the right to query, limit the processing of your data, and ensure its portability and erasure (more info here), within the limits set by regulations, particularly the GDPR. You also have the right to object at any time, for reasons related to your particular situation, to the processing of personal data based on our legitimate interest. Additionally, you have the right to object to commercial prospecting by clicking the unsubscribe link in the newsletter. Requests to exercise your rights should be sent electronically using the site’s contact form. If you are not satisfied with our response, you can file a complaint with the relevant data protection authority (for example, in France, the CNIL). Please note that exercising the right to erasing, objecting to processing, or withdrawing consent may disrupt or even interrupt the proper functioning of the site and/or training services (including the e-learning platform). For example, if these rights are exercised at the time of ordering services or products, the order may not be completed.  

DATA RETENTION PERIOD

Data used for managing commercial prospecting is retained for a maximum of three years from the last contact initiated by the prospect or from the end of the contract with the client. If you have not logged into the Site or shown any active behavior (such as clicking a link) within a three-year period, you may receive an email prompting you to log in promptly. Failure to do so will result in your data being deleted from our databases. Effective data deletion measures are implemented once the retention or archiving period necessary for fulfilling the determined or imposed purposes is reached, particularly after the deletion of your account with our company. In accordance with our legal obligations, certain documents related to our internal operations and containing personal information (such as purchase orders, contracts, invoices) will be archived. Similarly, we may archive data until the expiration of the applicable statutes of limitations for legal actions, to protect our interests in case of future disputes. In any case, personal data subject to processing will not be retained beyond the time necessary to fulfill the obligations defined at the conclusion of the contract or as required by current legislation. Beyond this period, data may be anonymized and retained for statistical purposes only.  

RECIPIENTS

We do not sell any personal data files. The information you provide to us is for internal use by authorized personnel only; it is strictly confidential and will not be disclosed to third parties unless you give explicit consent or choose to make it public. Our external service providers may receive personal data to perform processing tasks as described above. This applies to tools provided under the names Website Host Name (website host), Marketing Automation and Email Service Name, Payment Gateway Names (payment gateways), etc. To ensure compliance, we verify that: (i) Every subcontractor provides sufficient and appropriate contractual guarantees to respect your rights and comply with GDPR requirements. (ii) GDPR provisions applicable to data transfers are respected. Based on our legal obligations, your personal data may be disclosed in accordance with the law, regulations, or a decision by a competent regulatory or judicial authority. Transfers Outside the EU: We are committed to complying with applicable regulations regarding data transfers to countries outside the European Union, particularly as follows:

• We will transfer data of visitors, prospects, and customers to countries recognized as providing an adequate level of protection. In case of transfers to the United States, to organizations that have adhered to the Privacy Shield.
• When the destination country does not provide an adequate level of protection, we frame the data flows using transfer tools compliant with regulations (such as the European Commission’s standard contractual clauses).

IT SECURITY

We are committed to implementing all appropriate technical and organizational measures, using physical and logistical security means, to ensure a level of security suitable for the risks of accidental, unauthorized, or illegal access, disclosure, alteration, loss, or destruction of your personal data. Data Breach: In the event of unauthorized access to your personal data stored on our servers or those of our service providers, or any unauthorized access leading to the realization of the identified risks, we commit to:

• Notify you of the incident promptly if legally required;
• Investigate the causes of the incident;
• Take reasonable measures to mitigate any negative effects and damages resulting from the incident.

The commitments defined above do not imply any admission of fault or liability for the occurrence of the incident. If you notice any security vulnerability or incident that could compromise the integrity of your or others’ personal data, please inform us immediately through the site.  

APPLICABLE LAW AND LANGUAGE

This Privacy Policy is written in French. In the event of any translation into one or more languages, only the French text will be considered authoritative in case of dispute. The temporary or permanent non-application of one or more clauses of this policy does not constitute a waiver of the other clauses, which remain in effect. We reserve the right to modify this Privacy Policy. Individuals will be notified when required by the GDPR or any other regulation. The update date is indicated in the header, and we encourage you to review it regularly. For any questions regarding this Privacy Policy, please contact us at: communication@ginesis-finance.com