Introduction

Matis hereby presents its personal data processing policy (hereinafter the "Policy") in order to inform the public of the means implemented to protect the personal data (hereinafter the "Personal Data") of persons who visit the Matis platform (hereinafter the "Visitors"), accessible at www.matis.club (hereinafter referred to as the "Platform") or register (hereinafter referred to individually as a "Member" and collectively as the "Members") by creating an online account to use the services offered therein (hereinafter referred to as the "Services"), or any other natural person who provides Matis with information or Personal Data.

‍
Matis implements strict rules, particularly in terms of security measures, and does so in accordance with applicable personal data protection regulations and in particular with the European Data Protection Regulation (hereinafter the "GDPR") applicable as of May 25, 2018, and Law No. 78-17 relating to data processing, files and freedoms as amended (hereinafter the "Loi Informatiques et Libertés ").
The purpose of this Policy is to give you an overview of Matis' practice's regarding collection, processing and protection of Personal Data. We suggest that you read this Policy carefully and invite you to contact the Data Protection Officer (DPO) for any questions you may have after reading these elements at the following e-mail address: dpo@matis.club or by writing to Matis 41 rue des jeuneurs 75002 Paris.

Scope of the policy

This Policy applies to all Visitors with whom Mats may collect or process Personal Data, and in particular to Platform Members for whom specific functionalities have been set up following the opening of an online account. These functionalities are accessible after logging onto the Platform from the "My Profile" area of the online account created by the Member.

Definitions - personal data

Any personal data relating to an individual and likely to contribute to the identification of the latter, whether directly or indirectly, is considered as Personal Data.

Personal data collected and processed by Matis

Matis collects and processes various Personal Data in order to provide its Services as described in the General Terms of Use.

Mandatory Personal Data collected when registering on the Platform or subsequently when subscribing to the Services in order to create an online account and thus be able to access the Services are marked with an asterisk. Data :

• Relating to your identity (title, surname, first name, e-mail address, tax address, phone number, nationality, date, city and country of birth);
• Economic and financial information (income, assets, bank details, saving capacity, income tax, etc.);
• Connection logs (date and time of connection).

This Personal Data is collected and processed by Matis for the following purposes: 

• Registration: the data required to register the Member on the Platform and to identify him/her on subsequent visits (e-mail address, password, first name, surname, etc.).
• Identity, knowledge and ability to bear losses: necessary data:

- creation of the Member’s investment account (identity, information and provision of documents such as valid proof of identity, etc.).

- test visitors’ knowledge and simulate their ability to bear losses.

-as well as any information necessary for Matis to provide Member with co-investment services.

• Payment: data to be provided by the Member for the purpose of paying a subscription or refund (identity of bank account holder, security account holder, IBAN, BIC) ;
• Visitors and Members reminders: Visitors and Members can contact one of our advisors;‍
• Communication: data required to send informative or notification emails to the Member.

‍

Reasons for collecting and processing of Personal Data 

The collection and processing of Personal Data is carried out on the following legal bases:

• Execution of the General Terms and Conditions of Use concluded between
Matis and the Member as of the creation of the online account
• Legitimate interests: the Personal Data collected and processed are necessary to pursue the legitimate interests of Matis in order to:

- respond to request made by Visitors and/or Members;

- respond to their request for an appointment with an advisor;

- to send all forms of communication or notification to Members in connection with the Services offered on the Platform in order to develop the contractual relationship with Members and to offer new Services.

- legal obligations: Matis operates as a European Crowdfunding Service Provider. In this context, various legal and regulatory obligations as well as rules of good conduct are applicable before, during and after the provision of Services. Certain Personal Data are thus collected, processed and stored in order to meet these legal and regulatory obligations, in particular those relating to a knowledge test, a simulation of the ability to bear losses and the fight against money laundering and the financing of terrorism.

Recipients of Personal Data

The Personal Data collected is intended for use by Matis internal departments in charge of investor relations, investment and disinvestment operations, communication, marketing, compliance and regulatory controls.

This Personal Data is also communicated to the following service providers:

• our partner in charge of our payment solution;
• our partner for the electronic signature of your document;
• our partner in charge of hosting and secure data storage;
• as part of the activity of European Crowdfunding Service Provider: to the special purpose entity in its capacity as issuer of the securities offered for subscription by Members as part of the co-investment offers presented on the Platform;
• our partner in charge of advertising to our Members;
• our partner in charge of our customer relationship management tools, as well as the mailings we send out during our sales prospecting campaigns;

Retention period of Personal Data

The Member's personal data will be kept until the later of: (i) ten (10) years after the date of conclusion of the last contract signed with the Member, or (i) five (5) years after the end of the contractual relationship. By way of exception, such data may be kept for longer periods to manage ongoing claims and litigation, as well as to meet Matis's legal and/or regulatory obligations, and/or to respond to requests from the authorities.

Storage and transfer of Personal Data

Personal data is transmitted to service providers for the performance of work and services subcontracted by Matis. Where applicable, Member data may also be communicated to official bodies and the authorized administrative and judicial authorities of the country concerned, in particular as part of the fight against money laundering and the financing of terrorism, the fight against fraud and the determination of tax status.

The processing operations referred to above may involve the transfer of personal data to countries outside the European Economic Area, whose legislation on the protection of personal data differs from that of the European Union. In such cases, Matis will implement the necessary measures in accordance with the applicable regulations to ensure the protection of the personal data transferred.

Personal data security

Matis undertakes to implement and enforce the physical and logical security measures it deems necessary to ensure the protection and confidentiality of data collected on the Platform for the duration of their processing.

Exchanges with the Platform are encrypted using a certificate generated by Amazon Web Services (AWS). This security is designed to protect the confidentiality and integrity of end-to-end communications (between a client and a server).

The infrastructure relies on firewalls and encryption of storage spaces to increase the security of your Personal Data.

These measures are intended to ensure a level of protection against loss, leakage, alteration, corruption, unauthorized access or transfer, or any other improper use of the Personal Data under Matis's control.

Exercising visitor and member rights

The Member have the right to request access to his/her personal data and the rectification of inaccurate data. The Member may request the deletion of his/her data and the limitation of processing, within the limits provided for by applicable legislation, it being specified that the exercise of these rights may, where applicable, result in the loss of Member status or the impossibility of entering into or performing certain contracts. The Member has the right to the portability of the personal data they have provided to Matis, in accordance with applicable legislation. Finally, in accordance with applicable legislation, the Member may also define instructions for the processing of his/her personal data in the event of death..

The Member may exercise his/her rights by writing to the Matis Data Protection Officer at the following address: dpo@matis.club, provided he or she can prove his or her identity by enclosing a copy of an official identity document with their request.

Policy developments

Matis has the right to modify this Policy at any time. This modification will take into account current data protection measures.

Complaints

Members are informed of the possibility of initiating a complaint concerning the processing of their personal data with the Commission Nationale Informatique et Libertés ("CNIL") - www.cnil.fr - 3 place de Fontenoy 75007 Paris, the supervisory authority in France responsible for compliance with obligations relating to personal data.

Cookie Policy

1. What is a Cookie ?

A cookie is a text file that may be stored in a dedicated space on the hard disk of a terminal* when a browser is used to consult an online service. A cookie file enables its issuer to identify the terminal in which it is stored, for the duration of the cookie's validity or storage.These cookies may be stored for the duration of your visit to the site, in which case they are referred to as session cookies. They may also be stored for a longer period (depending on the lifetime of the cookie), in which case they are known as persistent cookies

*terminal refers to the hardware equipment (computer, tablet, smartphone, etc.) used to consult or view a site, application, advertising content, etc.

2. Which cookies do we use?

• Functional cookies or those strictly necessary for the Platform: They enable you to use the Platform's essential functions. These cookies do not collect any information that could be used for marketing purposes. They are used, for example, to memorize information entered in a form during a browsing session or to identify an Individual as being connected to the Platform.

• Analytical cookies: These cookies enable us to track the use and performance of our Platform, to compile statistics and volumes of visits to and use of the various elements of our Platform (content visited, path taken), and to improve the interest and ergonomics of our Services (pages or sections most frequently consulted, articles most frequently read, etc.).
  

Overall, we use various cookies, the purpose of which are described below:

3. How to refuse/remove Cookies

In accordance with current regulations, the registration of a cookie in a terminal is essentially subiect to the latter's consent. This consent is obtained by a clear validation on a banner dedicated to this use. The terminal user can change his or her mind at any time, free of charge.

If the user's browser software allows cookies to be stored on his or her terminal, the cookies embedded in the pages and content consulted, particularly those on the Platform, may be stored temporarily in a dedicated space on the terminal.

In addition to the opt-out options described above, browser settings can be used to accept/refuse or delete cookies present on the Platform.

Most browsers accept cookies by default. However, it is possible to block these cookies or to ask your browser to create a warning when a site tries to implement a cookie on your terminal.

To do this, each browser's configuration is different. It is described in the help menu of each browser:

• Microsoft Internet Explorer (IE)
• Google Chrome
• Safari
• Firefox
• Opera

4. More information about Cookies

On the CNIL website : http://www.cnil.fr/vos-droits/vos-traces/les-cookies/