Privacy Policy

Last version: November 30, 2022

Kinetix, a simplified joint-stock company (“société par actions simplifiée”) with capital of 2,050 euros, registered with the Trade and Companies Register of Paris (France) under no. 887 848 349, having its registered office at 9 rue des Colonnes, 75002 Paris (France) (hereinafter “Kinetix”, “We”, “Us” or “Our”) attaches great importance to the protection of Your personal data and closely monitors respect for protective provisions relating to privacy and the processing of personal data, in particular European Regulation no. 2016/679 of 26 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and the law of 6 January 1978 entitled "Data processing and freedoms" (“informatique et libertés”) as amended in 2018 (hereinafter the “Applicable Legislation”).

For the purposes hereof, “You” or “Your” means the individual whose personal data is collected for the purposes set forth herein and who is a “data subject” within the meaning of Applicable Legislation.

Kinetix undertakes to protect Your privacy. The aim of this privacy policy (hereinafter the “Policy”) is to describe how and when Kinetix, as a “data controller” pursuant to Applicable Legislation, collects, uses, and discloses certain personal data that You submit, to meet Your needs but also to optimize and improve the quality of the services We offer, and which are described in Our General Terms and Conditions (the “Services”).

This Policy and the General Terms and Conditions accessible on our Platform form an indivisible whole.

Definitions

"Applicable Law": refers to the legislation applicable to the Processing of Personal Data, including the GDPR, supplementary national legislation, as well as practices, guidelines and recommendations issued by a national or EU supervisory authority.

"Controller": is the company/organization that decides for what purposes and in what way personal data is to be processed and is responsible for the Processing of Personal Data in accordance with Applicable Law.

"Data Subject": is the living, natural person whose Personal Data is being processed.

“Dashboard”: refers to the Dashboard on the Platform, accessible by the User via the Platform Login. User Dashboards are an integral part of the Platform.

“Platform”: means the website accessible at the URL addresses https://kinetix.tech/, https://studio.kinetix.tech, https://marketplace.kinetix.tech (hereinafter the "Site") of the Company.

"Personal Data": is all information relating, directly or indirectly, to an identifiable natural person.

"Processing": means any operation or set of operations which is performed on Personal data, e.g. storage, modification, reading, handover, and similar.

"Processor": is the company/organization that processes Personal Data on behalf of the Controller and can therefore only process the Personal Data according to the instructions of the Controller and the Applicable Law.

“Services”: refers to all the services offered by KINETIX to Users via the Platform, and as defined in the article "Description of Services". The Services are an integral part of the Platform.

“Users”: means any person who accesses and uses the features of the Platform. The definitions above shall apply in the Policy regardless if they are capitalized or not.

What personal data do we process?

Within the framework of the processing of Personal Data, KINETIX collects and processes the following data in its capacity as a Data Controller:

  • data of civil status (civility), identity (name, first name), identification (e-mail address, postal address, and telephone number);

    • name, surname, gender, email address, occupation, industry, the reason for using Our Services

  • connection data (IP addresses, event logs);

  • payment method data (payment method);

  • information on your usage of the service or product.

It may also happen that Users communicate other data by contacting Kinetix by email or through our customer service.

In order to provide our services to our Users, we may receive personal information about you from other sources, including:

  • Social media platforms where Kinetix is actively communicating (e.g. Facebook, Twitter, and Discord)

  • Partners Websites

  • Secondary marketplaces (e.g. Opensea and Rarible)

  • KINETIX newsletter registration

What do we do with this data?

As per Applicable Legislation, Your data will only be used by Kinetix for specified, explicit, and legitimate purposes and if an appropriate and relevant legal basis permits it. The following table summarizes these purposes and legal basis:

With whom do we share your personal data?

In the context of the purposes outlined above, we may transfer some of Your data to third parties such as:

  • IT services providers, for the purposes of hosting Your data, maintaining and improving our systems;

  • companies within Our group of companies;

  • Our accountants and counsels.

We also draw Your attention to the use of authentication buttons provided by Google, Facebook or Apple such as "Connect via ...". The use of these buttons simplifies, in some cases, the entry of Your details in order to complete a form. The use of these buttons may lead to the collection of personal data by Google, Facebook, or Apple.

We invite You to be vigilant and to consult the personal data protection policies of these companies so that You are precisely aware of the information which is collected by these sites and applications as well as the purposes of use of Your data, in particular for advertising purposes, and how You can object to their processing.

In the event of a transfer outside the European Union, We ensure that Our processor or partner offers sufficient guarantees with regard to Applicable Legislation (in particular by means of standard contractual clauses of the European Commission).

If Our business is sold or merged with another company, Your data may be disclosed to Our counsels, any potential purchasers and advisors, and transferred to new assignees or beneficiaries of the business.

We can also share information about You:

  • in response to a request for information from a competent authority, if We believe that disclosure of such information is lawful or required by any applicable law or regulation, or in the course of legal proceedings;

  • with representatives of law enforcement, judicial or administrative authorities, or other authorized third parties.

We may make certain Personal Data available to strategic partners who work with us to provide services or help us market our services.

How long is your data kept?

Your data will be kept for a period not exceeding that necessary to fulfill the purposes set out in this Policy.

If Your data is no longer required for the purposes stated in this Policy, it will be duly deleted or anonymized unless it is necessary to keep it for longer:

(i) to ensure compliance with legal, accounting, and tax retention requirements, i.e. 10 years;

(ii) for the retention of evidence during the applicable prescription periods, i.e. 5 years;

(iii) for commercial prospecting purposes, i.e. 3 years from the end of Our business relationship with You or from Our last contact with You.

How do we ensure the security of your data?

We have implemented measures to protect the confidentiality, security, and integrity of your Personal Data, against unauthorized access and disclosure, modification, alteration, damage, accidental loss, or accidental or illicit destruction, as well as against any other form of illicit processing or communication to unauthorized persons.

Access to Personal Data is restricted to those employees, partners, and service providers who need to know the information, to whom we impose strict security and information protection rules.

However, we cannot guarantee you against any loss, destruction, or damage of your Personal Data. We are not held, or able to carry out a safeguard of your data present on your dashboard.

Our backup services will not make a backup of your data present on your dashboard; consequently, you must use a secondary backup source. In other words, unless it is caused by our negligence or willful misconduct, we take no responsibility for the loss of data.

In addition, when you need to choose a password to access certain parts of the Platform that require you to log in to your dashboard, it is your responsibility to choose a secure password (strong, unique (i.e. not used for another site and/or application, etc.) and to keep it confidential and safe. Passwords are kept encrypted to ensure their confidentiality.

What are your rights?

Right to information

You acknowledge that this Privacy Policy informs you of the purposes, legal framework, interests, recipients, or categories of recipients with whom your Personal Data is shared. If we decide to process data for purposes other than those stated, we will communicate the full information about the new purposes.

Right of access and rectification of your data

You have the right to access and correct your Personal Data, which you can exercise by sending a mail to the following email address at dpo@kinetix.tech, or by post at Kinetix, 9 rue des Colonnes 75002 Paris.

In this respect, you have the right to confirm whether or not your Personal Data is being processed and, if so, to request access to it, as well as, upon request, information concerning:

  • the purposes of the Processing;

  • the categories of Personal Data concerned;

  • the recipients or categories of recipients as well as the international organizations to whom the Personal Data have been or will be communicated, in particular recipients who are established in third countries;

  • where possible, the period of time for which the Personal Data will be kept or, where this is not possible, the criteria used to determine this period;

  • the existence of the right to ask the data Controller to rectify or erase your Personal Data, the right to request a limitation of the Processing of your Personal Data, the right to object to such Processing;

  • the right to lodge a complaint with a supervisory authority;

  • information about the source of the data when it is not collected directly from the Data Subjects;

  • the existence of automated decision-making, including profiling, and in the latter case, relevant information about the underlying logic and the significance and intended consequences of such Processing for the Data Subjects.

You can ask us to correct or complete your Personal Data if they are inaccurate, incomplete, ambiguous, or out of date.

Right to the deletion of your data.

You may request that we delete your Personal Data when any of the following reasons apply:

  • the Personal Data is no longer necessary for the purposes for which they were collected or otherwise processed;

  • you withdraw the consent previously given;

  • you object to the Processing of your Personal Data when there are no legal grounds for such processing;

  • the Processing of Personal Data does not comply with the provisions of the applicable laws and regulations;

  • your Personal Data has been collected in the context of offering information society services to children under the age of 16.

However, the exercise of this right will not be possible when the conservation of your Personal Data is necessary with regard to the legislation or the regulation and in particular for example for the establishment, the exercise or the defense of rights in justice.

Right to limit data processing

You may request the restriction of the Processing of your Personal Data in the cases provided for by the laws and regulations.

Right to object to data processing

You have the right to object to the processing of your personal data where the processing is based on the legitimate interests of the Controller.

Right to data portability

Since May 25, 2018, you have the right to portability of your personal data, when:

  • the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a), or on a contract pursuant to Article 6(1)(b) of the GDPR; and

  • the Processing is carried out by means of automated processes.

In this case, we may provide you with the data that you have submitted to us or that we have received from you in connection with a contract that we have entered with you. You will receive your information in a commonly used and machine-readable format that you can transfer to another Personal Data manager, or we will send it directly to them, on your request, if that’s possible.

Where the data processing operations we carry out are based on your consent, you may withdraw them at any time. We will then stop processing your Personal Data without affecting the previous operations to which you have consented. Please note that you can only withdraw your consent for future Processing of Personal Data and not for Processing that has already taken place.

Right to appeal

If you consider that we do not respect its obligations with regard to your Personal Data, you can send a complaint or a request to the competent authority.

In France, the competent authority is the Commission Nationale de l'Informatique et des Libertés (Cnil), to which you can send a request electronically by clicking on the following link: https://www.cnil.fr/fr/plaintes/internet

Right to define post-mortem directives

For French Users, you have the ability to set up instructions for the retention, deletion, and disclosure of your Personal Data after your death with a trusted, certified third party who is responsible for carrying out the wishes of the deceased in accordance with the requirements of the applicable legal framework.​​

How to exercise your rights

You can exercise your rights electronically at dpo@kinetix.tech, or by post at Kinetix, 9 rue des Colonnes 75002 Paris.

To do so, you must clearly indicate your name(s) and surname(s), the address to which you wish the reply to be sent and the email address used to access the Dashboard.

As a matter of principle, you may exercise all of your rights free of charge. However, with respect to the right of access, you may be required to pay a reasonable fee based on administrative costs for any copy of the data you request.

Concerning the right to information, Kinetix will not be obliged to follow up when you already have the information you are requesting.

Kinetix will inform you if it is unable to satisfy your request.

Kinetix would like to inform any modification or missing information in your Personal data are likely to have consequences in the treatment of certain requests within the framework of the execution of Services and that your request under the exercise of your rights will be preserved for follow-up purposes.

Cookies

Cookies are pieces of information placed on the Internet user's terminal equipment by the server of the website visited. They are used by a website to send information to the Internet user's browser and to allow this browser to send information back to the website of origin (for example, a session identifier or the choice of a language).

How does it work?

Only the sender of a cookie can read or modify the information contained in it.

There are different types of cookies:

  • session cookies that disappear as soon as you leave the website or the mobile application;

  • permanent cookies that remain on your terminal until their lifetime expires or until you delete them using your browser's functions.

You are informed that, during your visits to the Platform, cookies may be installed on your terminal equipment.

To know more about our use of cookies inside our Platform, please see the cookie policy here:

How can You restrict or delete cookies?

You may delete and block all cookies from this website, but please be aware that restricting or deleting cookies may impact the functionalities of the Services.

Your web browser may allow You to restrict or delete cookies set by Our website. The Help function within Your browser should tell You how. Alternatively, You can visit www.allaboutcookies.org which provides general information about cookies and how You can manage cookies on Your device.

To opt out of being tracked by Google Analytics across all websites visit - http://tools.google.com/dlpage/gaoptout.

Modification of this Policy

We may update this Policy at any time. If We make significant changes to the way in which We process Your personal information or this Policy, We will notify You through a dedicated electronic communication or through our Platform.

We invite You to periodically review this Policy to ensure You are up to date with Our privacy practices.

How can you contact us?

If You have any questions or requests regarding this Policy or in general about how We process Your data, You may contact us by mail at the following email address at dpo@kinetix.tech, or by post at Kinetix, 9 rue des Colonnes 75002 Paris.

Last updated