Version of April 2, 2024

This Charter applies to the website www.wydin.com and the Wydin application, the use of which implies unconditional acceptance of this Charter and the General Terms of Service available on the aforementioned website, which refer to this Charter.

The capitalized terms in this Charter are defined in Wydin’s General Terms of Sale, available on the website www.wydin.com and on the Wydin application.

1. Principles of What WYDIN Does

As part of its activity, WYDIN collects, stores, and processes personal data provided by entrepreneurs and professionals using the MARKETPLACE on www.wydin.com and the Wydin application. This data includes identity and contact details, billing information, login credentials, IP addresses, hyperlinks, VAT numbers, banking details, and information related to the services offered by the USER via the MARKETPLACE (hereinafter referred to as the "Site").

The purpose of this document is to present, in a concise, transparent, and accessible format, information about how data is processed, ensuring users understand the conditions under which their data is handled.

WYDIN complies with the obligations set out by the European General Data Protection Regulation (GDPR) No. 2016/679 and relevant national data protection laws in the countries where it operates. In France, this includes compliance with the "Informatique et Libertés" law of January 6, 1978, as amended by Law No. 2004-801 of August 6, 2004.

WYDIN is committed to collecting only the necessary data to provide an optimal service, ensuring confidentiality and security, and facilitating the exercise of your rights over your data, including when third-party service providers are involved.

WYDIN may also track user behavior on its site for user support, analytics, research, service development, fraud prevention, risk assessment, regulatory compliance, investigations, and access to the Site. Data is collected fairly, with full transparency, and without users being unaware.

Every data processing activity by WYDIN is carried out for a specific, legitimate, and explicit purpose. WYDIN ensures that only adequate, relevant, and limited data is collected and used strictly for the intended purposes.

2. Data Controller for Personal Data Processing

The data controller for the personal data collected is WYDIN, a simplified joint-stock company with a capital of €10,000, registered under number 921 024 188 RCS Paris, with its registered office at 13 rue de Naples, 75008 Paris, represented by its President, domiciled in this capacity at the registered office.

The data controller can be contacted either by mail at the company’s registered office address or by email at contact@wydin.com.

3. Data That May Be Collected

WYDIN does not process sensitive data, such as information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health-related data, or data concerning a person’s sex life or sexual orientation.

As part of your use of the Site's services and your browsing activities, WYDIN may collect and process several categories of data. These can come from the information you provide on the Site or from data generated by your use of the Site. Below is a detailed overview:

• Identification data: Title, first and last name, email, phone number, postal address, profile pictures, identity card details.
• Professional information: Occupation, business contact details.
• Economic and financial data: Bank account details, VAT number, billing data, accounting contacts.
• Browsing data: Connection logs, IP address, necessary cookies, and other cookies (as detailed in the Site's Cookie Policy).
• Transaction-related data: Identification and contact details of parties involved, transaction amounts, services provided, transaction frequency.
• Secure messaging data: Sender and recipient identification, date and time of messages, message content (only when necessary for fraud prevention, user support, or legal and regulatory compliance).
• Communication with WYDIN support teams: Content of discussions, duration, and follow-up actions.
• Statistical data: Usage of secure messaging, connection and navigation data, search engine interactions, engagement with Site modules, business metrics such as completed projects and transaction volumes by industry.
• User reviews and recommendations: Feedback and comments provided by users on the Site.

4. Purposes of Processing Collected Data

The data collected allows WYDIN to provide, administer, protect, and improve its services, develop new services, ensure technical support for using the Site, manage production and track subscriptions, evolve its services, and protect both the USERS of the Site and WYDIN itself from potentially fraudulent use of the Site.

The collected data is also processed to enable WYDIN to have the necessary information for fulfilling its online intermediary services, to comply with legal and regulatory obligations applicable to WYDIN, for the retention, publication, dissemination, and archiving of WYDIN's production, and for the legitimate interest of WYDIN.

Data is only used for the purposes for which it was collected.

5. Recipients of the collected data

The recipients of the collected data are exclusively WYDIN and authorized members of WYDIN, as well as any individuals acting on behalf of WYDIN within the scope of its online intermediary activity (such as payment service providers, whose identity is indicated on the payment page of the Site, or hosting service providers for the Site and its content). WYDIN applies an authorization policy to ensure that the data it processes is only shared with individuals authorized to access it.

When WYDIN uses a service provider, it only shares personal data after obtaining a commitment and guarantees from the provider regarding its ability to meet these security and confidentiality requirements.

WYDIN may share information related to registered users of the Site in response to requests for information from investors, accountants, or any auditor of WYDIN, particularly in the context of potential fundraising efforts or verification of the use of raised funds, or for legal and regulatory compliance purposes related to WYDIN and the Site.

WYDIN may retain or disclose information if it reasonably believes it is necessary to fulfill any legal or regulatory obligation, legal proceeding, or administrative request, to protect an individual's safety, to address any fraudulent, security, or technical issues, or to protect the rights or property of its users.

6. Location of Data Storage

The collected data is stored and retained on servers located within France and/or the European Union.

7. Retention period of collected data

WYDIN may retain personal data for as long as necessary for the operations for which the data was collected, as follows:

• Up to ten years after the last contact between WYDIN and the user, in order to comply with accounting obligations, social security payment obligations, as well as declaration and documentation requirements to the tax authorities,
• Up to five years after the last contact between WYDIN and the user for other cases.

8. Data Security

WYDIN implements appropriate technical and organizational measures to ensure the security, confidentiality, integrity, availability, and ongoing resilience of the information system used by the Site and your data, and to protect the data being processed from destruction, loss, alteration, unauthorized disclosure, or unauthorized access to the data. WYDIN is committed to using all reasonably available means to ensure the security and confidentiality of this data, particularly:

• Encryption of most of its services using TLS/SSL technology,
• Verification of your email address when creating your account on the Site.

9. Your rights

‍

Users whose personal data is collected have the following rights:

The right of access to their collected personal data,
The right to object to the processing of their personal data,
The right to request the limitation of the processing of their personal data,
The right to request access, rectification, erasure, or portability of these data,
The right to withdraw consent given regarding the collection and processing of all or some of their personal data,
The right to give instructions on the fate of their data after death.
Users can exercise their rights by sending a request accompanied by a certified true copy of an identity document, dated and signed, to contact@wydin.com or by mail to WYDIN's address at 13 rue de Naples 75008 PARIS, FRANCE.

Any request that does not comply with this procedure will be considered potentially fraudulent, and WYDIN is not obligated to respond. In such cases, the lack of response will never be a source of liability for WYDIN, which the user expressly accepts as part of WYDIN's data security policy in the interest of the concerned individuals themselves.

10. Deletion of User Account / End of Subscription to the WYDIN Site

‍

The USER's account on the WYDIN site can be deleted at any time by the USER. Deleting the account results in the permanent and irreversible deletion of the account and all the information it contains.

The deactivation, if applicable, or deletion of the account by the USER during the subscription does not terminate the subscription before its expiration, and the monthly subscription fee will remain due until the end of the current subscription period.

The end of the subscription, deactivation, if applicable, or deletion of the user account does not automatically result in the deletion of the personal data collected in relation to the said subscription or account, which will remain stored and managed until the end of the retention period indicated above. It is specified that you can request early deletion of your data as outlined in Article 9 above.

11. Modifications

WYDIN reserves the right to modify this Data Protection Charter at any time. The most current version of this Charter governs the use of your data and is available at: www.wydin.com and on the Wydin application.

If WYDIN makes a substantial modification to this data protection charter, it commits to notifying you via the email address you provided on the Site.

12. Clarifications, questions - Complaints

If you would like to obtain clarification or have a question regarding this Charter, you can contact us at the following address: contact@wydin.com.

If, after contacting us by sending a request along with a certified copy of an identity document, dated and bearing your signature, to contact@wydin.com or by postal mail to WYDIN at 13 rue de Naples 75008 PARIS, FRANCE, and in the absence of a response within fifteen days of receiving the request, or if the response does not satisfy the user who believes that their "Data Protection and Privacy" rights are not being respected, they may file a complaint with the CNIL.

If the complaint is not satisfactorily resolved by the CNIL, the complaint may be taken before the Paris Commercial Court by either WYDIN or the user.

13. Applicable law

‍

This Charter, its conclusion, execution, interpretation, termination, and any matters related to it, are governed by French law.