MAINBOT SAS, a simplified joint stock company with a capital of EUR 3,807.33, registered in the Evry Trade and Companies Register under number 824 611 800, whose registered office is located at 73 rue Léon Bourgeois, 91120, Palaiseau in France (hereinafter “Company”).: https://www.getwinkies.com and hereafter called “Mainbot”.
Within the framework of the implementation of the Services proposed by MAINBOT, the latter will be required to process personal data (hereafter “Personal Data”), as a consequence it undertakes to respect the privacy of its contacts (users, content creators, partners… hereafter referred to as “Contact(s)”) and to treat Personal Data confidentially. This Personal Data is collected in accordance with the provisions of the European Regulation 2016/679 on the protection of personal data (GDPR) and the French law n°78-17 of January 6, 1978 relating to data processing, files and freedoms. The terms defined in article 4 of the GDPR apply to this GDPR Policy and are themselves mentioned with capital letter. MAINBOT is qualified as the “Data Controller”.
As a reminder, Personal Data is any information relating to “a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” (identified or identifiable natural person).
The purpose of this GDPR Policy is to inform on one hand about the way MAINBOT, in its capacity as Data Controller, collects and processes Personal Data of the Contacts and on the other hand about the means available for these Contacts to control this use and to exercise their rights relating to it.
By browsing the Site, the Contact certifies that he/she has read and understood this GDPR Policy and accepts its terms.
This GDPR Policy applies not only to the Site, but also to MAINBOT’s activity in relation to its Contacts. The GDPR Policy may be subject to updates. In the event of significant changes to this GDPR policy, the Contact will be required to express its clear consent to such changes, failing which they will be required to cease using the MAINBOT Services.
2. Processed Personal Data
The Personal Data processed in the context of the Services offered by MAINBOT are:
For participants in the Winkies offer (White list, pre-ICO, ICO):
Name, first name, email address, crypto wallet (public key), information required for prevention of money laundering and terrorist financing’s check
Last name, first name, pseudo, email address, crypto wallet (public key)
The collection of Personal Data is limited to the strict minimum. Consequently, only relevant, adequate and limited information is collected in relation to the purposes for which it is processed.
3. Purposes of the processes
The purposes of this Processing of Personal Data is to allow the Contacts to benefit from the Services offered by MAINBOT and for which the Processing of Personal Data is essential. Thus, the collection and Processing of Personal Data by MAINBOT responds to specified, explicit and legitimate purposes, namely:
For participants in the Winkies offer (White list, pre-ICO, ICO):
– Account management, relationship follow-up – Allocation, management of Winkies and accounting, – preventing money laundering and terrorism financing and fighting against corruption; – Organisation, registration, sending of articles, information and invitations to events – Prospecting and animation.
– Account management, relationship monitoring – Allocation, management of Winkies and accounting, – Organisation, registration, sending of articles, information and invitations to events – Prospecting and animation.
4. Legal basis of the Processing
The collection and Processing of Personal Data is based on the consent of the Contact for all cases where he/she transmits his/her Personal Data in order to benefit from the Services offered by MAINBOT. This consent can be withdrawn at any time (see below 9).
The collection and the Processing are also based on the legitimate interest of MAINBOT, the execution of pre-contractual measures or of a contract with the Contact, the respect of legal and regulatory obligations.
5. Recipients of Personal Data
With the exception of service providers that MAINBOT uses to provide the Services, MAINBOT is the sole recipient of the Personal Data collected and will not sell this Personal Data without your express consent.
The Personal Data will be processed exclusively on the territory of (i) France, (ii) and/or any other member state of the European Union, (iii) and/or any other signatory state of the agreement on the European Economic Area or Switzerland (iv) and/or any other state ensuring an adequate level of protection (hereafter referred to as the “Territory”.) Apart from the cases mentioned above, any transfer of Personal Data to a third country requires the prior agreement of the Contact and is subject to the respect of the laws on the protection of personal data in force.
MAINBOT may also share the Personal Data collected:
– with the companies it controls or those controlling it in the sense of articles L233-1 and following of the French Commercial Code,
– in the event of a sale, demerger, partial contribution of assets, or any other form of restructuring that it may undergo,
– in order to meet its legal and regulatory obligations.
6. Data security
MAINBOT takes care to protect and secure the Personal Data in order to ensure its security and prevent it from being distorted, damaged, destroyed or disclosed to unauthorised third parties. All persons having access to the Personal Data are bound by an obligation of confidentiality.
The Site uses technical “cookie”.
A cookie is a small file (less than 4 kb), stored by the Site on the hard disk of the Contact, containing information relating to the navigation habits of the latter.
These files are used to process statistics and information on traffic, to facilitate navigation and to improve the Site for the convenience of the Contacts.
For the use of “cookies” files involving the storage and analysis of personal data, the consent of the Contact is necessarily requested.
This consent is considered valid for a maximum period of 13 (thirteen) months. At the end of this period, the Site will again request the Contact’s consent to save “cookies” files on his hard disk.
The Contact is informed that he/she may oppose the recording of these “cookies” files by configuring his/her browser software.
In the event that the Contact decides to deactivate the “cookies” files, he/she will be able to continue browsing the Site. However, any malfunctioning of the Site caused by this manipulation could not be considered as being due to the editor of the Site.
- b) Description of the cookies used by the Site
The editor of the Site draws the attention of the Contact to the fact that the following cookies are used during his navigation:
Google Analytics – traffic and visit analysis
Polylang – Multilanguage
8. Data retention
MAINBOT keeps the Personal Data for the time necessary to achieve the purposes pursued, subject to the legal possibilities of archiving, obligations to keep certain Personal Data, and/or anonymisation.
Considering the Blockchain technology used, the Contacts are aware that this technology does not allow the deletion of information anchored on it. However, MAINBOT takes all appropriate technical measures to pseudonymise and/or make inaccessible Personal Data that must survive their deletion.
Concerning the Personal Data processed outside the Blockchain, the retention periods are as follows:
- For accounting purposes: 10 years from the end of the accounting period;
- For the purposes of preventing money laundering and the financing of terrorism, and the fight against corruption: 5 years after the end of the relationship with MAINBOT;
- For the needs of identification and management of the Users and Content Creators: for the duration of the contractual relations increased by 2 years;
- For the needs of recruitment within MAINBOT: for the duration necessary to process the application and 3 years after the last contact.
9. Rights of Contacts
Under the conditions defined by the French law n°78-17 of January 6, 1978 relating to data processing, files and freedoms and the RGPD, the Contacts – natural persons – have a right of access to the Personal Data concerning them, of rectification, of limitation, of portability, of deletion.
The persons concerned by the Processes implemented also have the right to object at any time, for reasons relating to their particular situation, to the processing of Personal Data, as well as the right to object to commercial prospecting.
The Contacts – natural persons – also have the right to define general and specific directives defining the way in which they intend the above-mentioned rights to be exercised after their death by e-mail to the following address: [email protected]
In the event of a dispute or infringement of one of the rights listed above, the Contact is entitled to refer the matter to the French Data Privacy Authority (CNIL – Commission Nationale de l’Informatique et des Libertés, https://www.cnil.fr).
10. Applicable law and place of jurisdiction
This RGPD Policy is subject to French law. In the event of a dispute and in the event that an amicable agreement cannot be reached, the competent courts will be those within the jurisdiction of the Paris Court of Appeal, notwithstanding multiple defenders or the introduction of third parties.