By clicking "Accept all cookies", you agree that cookies will be stored on your device to enhance site navigation, analyze site usage, and contribute to our marketing efforts.
Please refer to our cookie management policy for more information.
PRIVACY POLICY
This Policy aims to provide you with all the information about the conditions under which Smart-Chain collects and processes your Personal Data

The company SMARTCHAIN, concerned about individuals' rights and with a goal of transparency with its customers, has made strong commitments to protect user data of its software solutions in accordance with French and European regulations (GDPR 2016, LIL 2004, and CNIL 1978).

This policy is an integral part of the legal notices, and each term will have the same definition in both texts as defined in the legal notices, which have the same meaning in this Privacy Policy.By accessing the website or subscribing to the products mentioned in Article 1.4, you agree to be aware of this Privacy Policy, which may be modified or updated at any time without notice. Any changes will be posted on the Site, and we recommend checking it regularly.
1 - Definition 
1 - Definition 
Personal Data is defined by Article 4 paragraph 1 of the General Data Protection Regulation (GDPR) as: "any information relating to an identified or identifiable natural person".
1.2 - Who are the users?
The term User refers to all individuals who may be affected by the collection of their data by the company Smart-Chain.
In the context of accessing our Site and using the products mentioned in Article 1.4, users are:

- Visitors: if you navigate the Site without taking any action, you are a visitor;

- Prospect: if you contact us to obtain information about the products mentioned in Article 1.4 or if you subscribe to the newsletter, you are a Prospect;

- Client: If you have subscribed to one of the products mentioned in Article 1.4, you are a Client;

- Candidate: If you have filled out a job application form on the Site, you are a Candidate;
1.3 - Who is the Data Controller?
Smart-Chain is the Data Controller within the meaning of Article 4 paragraph 7 of the GDPR for the processing of data collected when accessing the Site or subscribing to the products mentioned in Article 1.4, as the company determines the essential means and purposes of processing this data.
1.4 - What are the Products?
The products concerned are those that are marketed on the Site and whose subscription involves the collection of personal data. These products include:

Launch: Empowers creating, managing, and selling assets (crypto, NFT) easily on a dedicated web3 platform. It supports the creation of features specific to the NFT Marketplace, allowing customization and creation of NFT collections by Clients;

Exchange: An NFT marketplace allowing users to buy and sell NFTs without intermediaries. It's a web 3.0 fast pass that offers a range of NFT products to accelerate the transition to web 3.0 while ensuring a personalized NFT experience that the Client controls and owns;
Engage: This tool helps build a community, stimulating growth and engagement, understanding, and recruiting members. It tracks campaign performance and helps get insights into a community using transparent and valuable Web3 data;

● Govern: This tool enables the creation of decentralized autonomous organizations (DAOs). DAOs have a governance system materialized by a smart contract. Access and voting weights are managed by fungible or non-fungible tokens. Treasury can be associated with the DAO, access rules defined by the governance system. It decentralizes the platform's management and evolution;
Secure: This is a solution to anchor document hashes in the blockchain and verify if a hash has been anchored. This product offers timestamp evidence to certify the priority of a document with a dedicated space for viewing anchors and verifying traceability;These 5 products will be collectively referred to as "the Products".
2 - Data Collected
Smart-Chain certifies that no sensitive or special data as defined in Articles 9 and 10 of the GDPR are collected in the context of your use of the Site or subscription to its Products.
The collected personal data includes:
2.1 - Site Access and Usage:
For accessing the Site and its usage, various data is collected based on the use:
For accessing the Site and its usage, various data is collected based on the use:

Prospects:
When you fill out an inquiry form or send an email to the address contact@smart-chain.fr, the collected data includes:
  • The name of your company and your position;
  • Your postal and email address;
  • Your phone number;
  • Your age, gender, and signature;
  • The content of the sent message;
  • History of sent messages;
Candidates:
When you send your job applications via email to the address contact@smart-chain.fr, the collected data includes:
  • Your first name and last name;
  • Your email and postal address;
  • Your CV;
  • The content of the sent message;
  • History of sent messages;
2.2 – Souscription et utilisation des Produits 
Clients:
In the context of subscribing to and using the Products, personal data is collected about you by Smart Chain.
The collected data includes:
  • Identification and authentication data: technical logs, computer traces, security and terminal usage information, IP address;
  • Tax data: tax number, tax status, country of residence;
  • Various legal documents: transfer deed, succession deed, resale of securities deed;
  • Banking, financial, and transactional data: banking details, card number, transaction-related data, including transfer information, investor profile, asset value;
  • Data related to payment of Products (Invoices, purchase orders, or quotes): name and first name of the legal representative of the Client company;
  • Data related to your habits and preferences;
  • Data related to the use of subscribed products and services in connection with banking, financial, and transactional data;
  • Data related to interactions with Smart Chain at our premises, on our Site, on our application, on our pages, on social media, during telephone or video conversations, in emails;
3 - Purpose and Legal Basis of Processing
Smart-Chain guarantees that each data is collected on a legal basis in accordance with Article 6 of the GDPR and that each data is processed for a specific, legitimate, and lawful purpose.

The table below reflects the purposes and legal basis for processing based on the collected data:
Tableau récapitulatif des données collectéesCollected Data Purpose of Processing Legal Basis  Prospect  Business prospecting (sending newsletters, commercial offers, white papers, etc.).  BtoC: Consent You can withdraw it at any time by clicking on the unsubscribe link.  BtoB: Legitimate Interest  Candidate Processing of applications (CV and cover letter)  Creation of a candidate database  Evaluation test and candidate screening  Pre-contractual measures (Contract Execution)  Consent You can withdraw it at any time by contacting us  Smart-Chain's legitimate interest in assessing your suitability for the relevant position  Client Allow the delivery of services from the Products.  Execution of services related to Product subscription?  Complaint management  After-sales service  Contract management (subscription, order, payments, and complaints).  Accounting  Customer relationship tracking  Satisfaction surveys  Product quality studies - Product testing  Sales statistics  Contract Execution (General Sales Conditions of the Products)  Legal Obligation  Legitimate interest in improving its Products  Common to all Users  Account creation  Managing requests to exercise various user rights: access, rectification, erasure, portability, opposition, and limitation rights.  Legitimate Interest  Legal Obligation (articles 12 to 23 GDPR)
4 - Access to Data
The subcontractors and service providers of Smart-Chain are subject to a confidentiality obligation and can only use the data in compliance with contractual provisions and applicable legislation.
4.1 - Smart-Chain
The collected data will be processed by Smart-Chain in strict accordance with this Policy. Access to collected personal data is strictly limited to individuals responsible for information processing.
Depending on the purposes defined in Article 3, the heads of customer service, support, administration, accounting, technical, marketing & sales at Smart-Chain may have access to Personal Data.

The heads of NFT Products have access to Client data, including teams responsible for the maintenance and hosting of Products.
4.2 - Subcontractors
Smart-Chain may transmit User Personal Data to third parties providing certain services on behalf of Smart-Chain.

Subcontractors as defined in Article 4 paragraph 8 of the GDPR may include providers, service providers, or partners. Smart-Chain may subcontract the following services:

- Hosting and maintenance of data;
- Sending postal or digital mail;
- Customer relationship management;
- Maintenance;
- Technical development of Products;
- Analysis;
- Customer assistance;
- Payment processing;
- Security operations;
- Advertising;

In accordance with Article 28 of the GDPR, access to your Data by our subcontractors is planned and governed by a contract. This contract that binds us with our subcontractors lists the various regulatory obligations imposed on them regarding the protection of Personal Data.

All service providers must comply with strict confidentiality obligations. Smart-Chain ensures compliance with these requirements to ensure that personal data is not processed for purposes other than those mentioned above.Smart-Chain maintains an up-to-date mapping of its subcontractors.
4.3 - Third Parties
Third Parties refer to all external recipients of personal data collected by the Site and the Products. Third parties as defined in Article 4 paragraph 10 of the GDPR include "a natural or legal person, a public authority, a service, or another body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or processor, are authorized to process personal data."

User's personal data is also transmitted to Third Parties such as Banks, Insurance, lawyers, notaries, auditors of Smart-Chain.

Dans une telle hypothèse, le Client sera préalablement informé par écrit d’une telle transmission de ses Données Personnelles et aura la faculté de s’opposer à cette transmission.

Case of Third Parties in the context of an activity transfer:User's personal data can also be transmitted to third parties in the event of a transfer of Smart-Chain's activities to a third-party company (merger, acquisition, dissolution, etc.).In such a case, the Client will be informed in writing in advance of such transmission of their Personal Data and will have the option to object to this transmission.
Case of "Authorized Third Parties":
User's personal data is also accessible to public authorities who have the power, under legislative and regulatory provisions, to demand the transmission of documents or information from organizations in the context of a specific investigation.
Authorized third parties under Article 4 paragraph 9 of the GDPR include:

- Tax administration;
- Social security (anti-fraud mission);
- Justice;
- Police, gendarmerie, bailiffs;
- When required by law, Smart-Chain may disclose User data if it is reasonably necessary for:
- Complying with legal processes, such as a court order, subpoena, search warrant, government or judicial investigation, or other legal requirement;
- Providing assistance in preventing or detecting illegal activity (subject to applicable law in each case);
- Protecting the safety of any person.
5 - Data Transfer
We retain your Personal Data within the European Union.

- These recipients are located in a country benefiting from an adequacy decision ; or
- These recipients are located in the European Economic Area (EEA); or
- Appropriate safeguards have been put in place (SCCs, BCRs, etc.).
6 - Data Protection
6.1 - Security Measures
Smart-Chain commits to ensuring the availability, integrity, and confidentiality (AIC) of collected data. In general, Smart-Chain implements appropriate technical and organizational measures to ensure a level of security adapted to the risks.

Employees of Smart-Chain are subject to an IT charter attached to the internal regulations to ensure an appropriate level of security.

Smart-Chain makes its best efforts, in accordance with the state of the art, to secure the Site and Products considering the complexity of the internet and mobile networks.
Personal data is processed to ensure maximum security.
To this end, Smart-Chain commits to implementing the following security measures:

- Pseudonymization and encryption of personal data;
- Means to ensure the constant confidentiality, integrity, availability, and resilience of processing systems and services;
- Means to restore the availability of personal data and access to it within appropriate timelines in case of a physical or technical incident;
- A procedure to regularly test, analyze, and evaluate the effectiveness of technical and organizational measures to ensure processing security;

Smart-Chain also ensures that its subcontractors and service providers implement all appropriate security measures for the personal data they process. Smart-Chain commits to regularly analyzing and evaluating the effectiveness of these measures.
6.2 - Data Breach
Smart-Chain promptly notifies the competent supervisory authority of any data breach as soon as it becomes aware of it and by any means.

In the event of a risk to the availability, integrity, or confidentiality of User data, Smart-Chain commits to notifying the competent supervisory authority of the breach within a maximum of 72 hours.

When the risk poses serious consequences for the availability, integrity, or confidentiality of data, Smart-Chain is obligated, pursuant to this Policy and applicable regulations, to inform the Users.
7 - Smart-Chain's Obligations as a Processor
When Smart-Chain acts as a processor on behalf of its Clients who have subscribed to a Product, its obligations are described in the general terms of service of these Products.
8 - Retention Periods
Personal Data is retained for a duration that does not exceed the time necessary for the purposes for which it is collected and processed.

A retention period is determined based on each purpose:
At the end of the specified duration, collected data will be either:
- Deleted;
- Anonymized;
- Archived: The necessity of each processing must be evaluated, and for each of these phases, a selection will be made among the data;

When the retention of Data is no longer justified by the management of a Client account, a legal obligation, business requirements, identification, exercise or defense of our legal rights, or when you withdraw your consent or request us to do so under one of your rights, we securely delete your Data.
9 - Exercising Rights
In accordance with Articles 15 to 22 of the GDPR, any User can exercise the following rights by simple written request, sent by postal mail or by email to the following address: Contact@smart-chain.fr.In accordance with Articles 15 to 22 of the GDPR, any User can exercise the following rights by simple written request; proof of identity may be requested if there is serious doubt about your identity.Any request must be clear, precise, and justified. In any case, Smart-Chain recommends contacting the CNIL to learn more about regulations concerning personal data protection, the rights of individuals, and the possibility of filing a complaint with this authority: https://www.cnil.fr/fr/cnil-direct/question/adresser-une-reclamation-plainte-la-cnil-quelles-conditions-et-comment.
The rights of Users are as follows:Right of access:

- Any User can request access to their data and the right to receive a copy of their personal data.
- Right to erasure and rectification: Any User can also request the erasure of their personal data as well as the rectification of inaccurate or outdated personal data.
- Right to object: Any User can object to the processing of their personal data, including withdrawing consent to the processing of their personal data at any time.
- Right to restriction: Any User can also request the restriction of processing of their personal data. This right applies if the User disputes the accuracy of their personal data, or in case of unlawful processing, or if Smart-Chain no longer needs the personal data for processing but they are still needed for the establishment, exercise, or defense of legal claims, or in case of exercising the right to object during the verification period to determine whether the legitimate grounds pursued by Smart-Chain prevail over those of the User.
- Right to data portability: Any User also has the right to data portability, meaning the right to receive the data that Smart-Chain possesses in a structured, commonly used, and machine-readable format, and the right to transmit this data to another data controller.
- Right to determine the fate of data after death: Any User, as an individual, also has the right to define directives regarding the fate of their personal data after their death.
- Right not to be subject to automated decision-making.
10 - Contact
If you have questions regarding the use of your personal data covered by this document, you can contact us at this address: contact@smart-chain.fr. 

In case of disagreement with this policy, you have the possibility to file a complaint with the CNIL:
- Either online via the form accessible on the following page: https://www.cnil.fr/fr/plaintes
- Or by mail at the following address: CNIL, 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07.