@extends('public.layout') @section('title') Your crypto trading advisor | myfo @endsection @section('content')

Privacy Policy

Last updated on January 28 2022

We at myfo SAS value the integrity of personal data and aim to process personal data fairly and transparently. This Privacy Policy describes the types of personal information we obtain, how we may use that personal information, with whom we may share it and how you the concerned persons may exercise their rights regarding our control, if any, and processing of such data. The Privacy Policy also describes the measures we take to safeguard the personal data we obtain and how we can be contacted about privacy issues.

Scope of this Privacy Policy

This Privacy Policy aims to describe how we process, for our own purposes, the personal data we collect or store about natural persons who visit our website https://crypto.myfo.fr/ (respectively “you” and the “Site”), use the services based on a software owned and operated by us (“Services”) or otherwise interact with us.
This Privacy Policy applies only to your relationship with myfo crypto. It does not apply to the interactions that you have with any other individual, entity, investor or other group through the use of our Services.
We treat your data in capacity as data controller within the meaning of the General Data Protection Regulation (known as the “GDPR”).
Any capitalized term not otherwise defined in this Privacy Policy shall have the meaning set forth in the General Conditions of Use of myfo crypto.

Identity and contact details

Personal data is received or collected by myfo SAS, a company registered under the laws of France, company ID number RCS 881 061 840 and having its registered office at Le Relecq-Kerhuon (France). In this Privacy Policy, “myfo crypto”, “we” and “us” refer to myfo crypto, as controller of your personal data, acting for its myfo SAS division. If you have any questions regarding this Privacy Policy, feel free to email us directly at: info@myfo.fr You may lodge any complaints on the manner in which we handle your personal data with your local supervisory authority.

Data collected

In subscribing to our Services, filling in a contact form on the Site, or using our Services, you acknowledge that (i) we have access to your personal data given by you and (ii) we may receive, collect, store, enrich or otherwise process and/or use any personal data thus provided in accordance with this Policy.
Personal data collected may include information about who you are, how to contact you, the account through which you use our Services, your browsing data and other technical data collected automatically through your activity on our Site or in respect of our Services.
You are responsible for ensuring that any third party whose personal data is entered into the Site by you through your use of a Service has been adequately informed and has consented to their personal data being collected.

Purposes of processing and legal basis

In general, we use your personal data:

Our principal purpose for collecting and processing your personal data is to offer you an optimum, efficient and personalized experience when you use our Services. To this end, you acknowledge that we may use your personal data, on the basis of our legitimate interest in offering high quality services and developing our customer relationship.
If you are a Customer, we process:

If you visit our website, we may process your electronic identification data in aggregate form to measure the frequency on our website, improve your browsing experience and to detect and prevent fraud and computer security breaches.
If our workplaces are equipped with surveillance cameras, we are able to request access to images about you only when such access is necessary to pursue our legitimate interest in detecting offenses or incivilities and to the extent permitted by applicable law.

We may also process some of your personal data for the following purposes:

Marketing emails

Subject to your consent, we may use your personal data to send you marketing communications by email. You may unsubscribe from receiving any marketing emails we may send you at any time by following the unsubscribe link included in every marketing email sent to you by myfo crypto or by sending an email to myfo@info.fr

How we share your personal data

Your personal data may be consulted by members of our staff who need it to carry out their mission.

Certain personal data relating to you may be shared with myfo crypto's partner companies or third-party providers so that we may obtain assistance and support in the context of carrying out our Services. Myfo crypto ensures that it has in place clear data protection requirements for all of its third-party providers.

Among other things, we ensure that our processors undertake to process personal data only on our instructions, not to hire subprocessors without our prior authorisation, to take appropriate technical and organisational measures to guarantee the security of personal data, to ensure that persons authorised to access personal data are subject to adequate obligations of confidentiality, to return and/or delete the personal data they process at the end of their services, to comply with audits and to provide us with assistance in following up requests from data subjects for the exercise of their rights regarding their personal data.

Myfo crypto does not disclose your personal data to third parties, except as provided herein and except if: (1) you requests or authorizes such disclosure; (2) the disclosure is required to supply the Services; (3) myfo crypto is compelled to do so by a government authority or a regulatory body, in the case of a court order, a summons to appear in court or any other similar requisition from a government or the judiciary, or to establish or defend a legal application; or, (4) the disclosure is necessary to comply with myfo crypto legal and/or regulatory obligations.

The following recipients may receive or have access to some of your personal data (only if necessary for the performance of their tasks):

Myfo crypto does not sell or rent your personal data to third parties for their own marketing purposes.

Myfo crypto will inform you immediately to the extent we are legally authorized to do so, in case of any application or order originating from an administrative or judicial authority relating to your personal data.

Cookies/Tracking

As a general rule, myfo crypto uses cookies to improve the Site and/or measure its audience. Cookies are files saved on your computer’s hard drive when browsing on the Internet and in particular on our site. A cookie is not used to gather your personal data without your knowledge but instead to record information on site browsing which can be read directly by myfo crypto on your subsequent visits and searches on the site.

The cookies used by myfo crypto are intended to enable or facilitate communication, to enable the services requested by users to be supplied, to recognize users when they revisit the Site, to store the first referrers of traffic, to register logged-in sessions and to enable myfo crypto, internally, to carry out analyses on hit rates and browsing experience so as to improve content, and to track email opening rates, click rates and bounce-back rates at individual levels.

By default, cookies are not installed automatically (with the exception of those cookies needed to run the site and the myfo crypto's services), and your consent is sought prior to their installation by way of a banner, in compliance with applicable regulations. You may provide your consent implicitly by continuing your navigation on the website after having been informed of the use of cookies.

You can choose to decline acceptance of any or all cookies, but depending on the cookies you choose to decline, your experience of the Site may be deteriorated.

Your data protection rights

You can have access to your personal data

You have the right to request access to your personal data. We will then provide you with an overview of the personal data we process on you and if you request, provide you with additional information such as why these personal data are processed, the origin of the data, the types of third parties with whom we share your personal data, etc.

You can correct your personal data

If you notice that certain data that myfo crypto holds about you are no longer correct, you can adapt them.

You can have your personal data deleted

In certain cases (e.g. if you suspect that myfo crypto has unlawfully processed your personal data), you can ask for your personal data to be deleted. This may result in your access to the Services being blocked or permanently cancelled.

You may object to the use of certain personal data

You may object (without a motivation) to the use of your personal data for marketing purposes.
If you have a specific reason (motivated request), you can object to myfo crypto using your personal data for purposes other than those required for the performance of an agreement or for complying with a legal obligation (e.g. fraud prevention). In case of a justified request, myfo crypto will stop using your personal data unless we have compelling grounds to continue using it.

You may withdraw a consent previously given

Whenever you give us explicit consent to process personal data for specific purposes (e.g. sending marketing emails), you may withdraw the consent previously given at any time.

You may request the transfer of your personal data

You may have the right to request transfer of personal data in machine readable format directly to a third party where this is technically feasible.

Exercising your rights

You may request to exercise your rights by sending us an email at myfo@info.fr. We will acknowledge receipt of your request shortly after receipt, but it may take up to 30 days for us to react to your request (unless specific circumstances justifying a longer reaction time apply, in which case you will be notified accordingly). We may require that your request be accompanied by a photocopy of proof of identity or authority.

Data retention period

Myfo crypto will only retain your personal data for as long as necessary to fulfill the purposes

Myfo crypto collected it for, including for the purposes of satisfying any legal or accounting requirements.

Myfo crypto retains the personal data it receives or collects about you in active databases, log files or other types of files so long as you use our Services, and in accordance with the current regulations in force.

Myfo crypto in no way undertakes to store all your data indefinitely. You are able to access your data so long as you hold or use an active account with us and for a period that varies depending on the type of data concerned but, in no event for longer than one year after closing of the Customer Account in respect of which your data have been collected.

Myfo crypto keeps invoices and other accounting documents (which may include some of your personal data) for a period of seven (7) years from the end date of the accounting year when they were issued in accordance with accounting laws. These accounting documents may, where applicable, contain certain personal identification data, professional identification data and contact data.

Myfo crypto also uses the following criteria to determine the retention periods of personal data according to the context and purposes of each processing activity:

Location of data storage and international transfer

The host servers on which myfo crypto processes and stores its databases are located in the France. However, some data might transit through and/or be stored outside of the France via the usage of certain third-party processors located in the United States. Any transfers towards such third-parties will be protected by adequate frameworks such as a Privacy Shield certification or a data transfer agreement based on the EU Commission’s model clauses.

Security

Within the framework of the Services, myfo crypto attributes the very highest importance to the security and integrity of personal data.
Thus and in accordance with the GDPR, myfo crypto undertakes to take all pertinent precautions in order to preserve the security of the data and, in particular, to protect them against any accidental or unlawful destruction, accidental loss, corruption, unauthorized circulation or access, as well as against any other form of unlawful processing or disclosure to unauthorized persons.
To this end, myfo crypto implements industry standard security measures to protect personal data, including Customer Data from unauthorized disclosure.  Such measures include the following:

Authentication
Myfo crypto is served 100% over https.

Hosting
All of our services run in the cloud. XXX does not host our own routers, load balancers, DNS servers, or physical servers. All our services and data are provided and hosted in OVH Cloud facilities in France. OVH Cloud has implemented strong security protocols, as explained here: https://us.ovhcloud.com/about/company/security
All personal data is stored in the EU. Personal data is stored in multi-tenant datastores, we do not have individual datastores for each user. However strict privacy controls exist in our application code to ensure data privacy and prevent one club from accessing another club data.

Data Transfer
All data sent to or from myfo crypto is encrypted in transit using strong TLS encryption (we followed Mozilla's recommendations). Our API and application endpoints are TLS/SSL only and score an "A+" rating on SSL Labs' tests. This means we only use strong cipher suites and have features such as HSTS fully enabled.
Moreover, in order to avoid in particular all unauthorized access, to guarantee accuracy and the proper use of the data, myfo crypto has put the appropriate electronic, physical and managerial procedures in place with a view to safeguarding and preserving the data gathered through the use of its Services.
Notwithstanding the above, there is no absolute safety from piracy or hackers. That is why in the event a breach of security were to affect your rights, XX undertakes to inform you thereof without undue delay and to use its best efforts to take all possible measures to neutralize the intrusion and minimize the impacts.

Privacy policy changes

This Privacy Policy may change at any time, in particular pursuant to any changes in applicable law, or if we make any substantial improvements, additions or changes to our practices regarding your personal data. It is your responsibility to review this Privacy Policy frequently and to remain informed of any changes. The then-current version of this Privacy Policy will supersede all earlier versions. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this Privacy Policy or other notice on the Site. If we make material changes to this Privacy Policy, we will notify you through email or any other electronic notification.

@endsection