Privacy policy

Last updated: 22 August, 2022

This privacy policy (the "Privacy Policy") is provided by:
Roundtable, a French “société par actions simplifiée” with a share capital of 100 Euros, registered in France under the number 908 281 363 at the Commercial and Companies Registry of Nanterre, whose registered office is located at 25 Allée Robert Doisneau, 92100 Boulogne-Billancourt, France (referred as “Roundtable” or as “we”).

The Privacy Policy may be amended or updated from time to time without prior notice. All amendments or updates will be posted online on the Services. If amendments to our Privacy Policy involve matters for which the User consent was previously required, we will notify the User in order to obtain its renewed consent.

Introduction

The Privacy Policy forms a whole with the Roundtable Terms of Service (ToS). Capitalized terms will have the meaning they are ascribed in the ToS.


The Privacy Policy describes what personal data as defined in Applicable Regulations (“Personal Data”) we collect when the Client and its Users use the Services, Roundtable’s website, as well as other interaction (for example, customer support conversation, user surveys, etc.) the Client and its Users may have with Roundtable.
It also provides information about how we store, transfer, use, and delete that Personal Data, and what choices the User has with respect to such Personal Data.

The Privacy Policy applies where we are acting as a data controller with respect to the personal data of the Client and/or its Users of our Services; in other words, where we determine the purposes and means of the processing of that Personal Data.

How we collect, process and store Clients’ and/or Users’ Personal Data

We in Roundtable are committed to safeguarding the privacy of our Client and/or Users and use their Personal Data in accordance with Law no. 78-17 of 6 January 1978 on computer technology, computer files and civil liberties, known as the “Informatique et Libertés” Act, as well as with Regulation (EU) No 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data applicable since 25 May 2018 (together the “Applicable Regulations”).

We undertake to:

  1. collect and process Personal Data of Clients and/or Users fairly and lawfully
  2. limit the processing of personal data to specific, explicit and legitimate purposes
  3. minimize the collection and storage of Personal Data in relation to the purpose of the processing
  4. ensure the accuracy of Personal Data and allow their deletion or rectification
  5. limit the retention of Personal Data
  6. ensure the security, integrity and confidentiality of Personal Data
  7. respect Clients and/or Users’ rights

Why do we collect, process, store and from time to time transfer Clients’ and/or Users’ Personal Data

We process Clients and/or Users’ Personal Data for the following purposes:

  1. create an account for Users and deliver the Services to Clients and/or Users, and continue to maintain and develop the services (legal basis: contract with the Client)
  2. operate transaction (legal basis: contract for the duration of the use of the Services and then legal obligation)
  3. sending newsletters and promotional offers when the Clients and/or Users have consented to this by accepting the present privacy policy as it may be amended from time to time (legal basis: consent)
  4. sending emails pertaining to Clients and/or User’s account, Services changes or new policies (legal basis: contract)
  5. responding to Client and/or User request for maintenance (legal basis: contract with the Client and/or User) or responding to Client and/or User request through the website (legal basis: consent)

What Clients’ and/or Users’ Personal Data we collect

Client and/or Users are required to provide Roundtable with accurate, truthful and sincere Personal Data. When using the Services, we may collect the following data:

  1. User account information: User name and first name, email address, phone number, profile picture, nationality, date of birth, address
  2. User KYC information: User ID document, proof of address, proof of fund, photography (through a KYC partner)
  3. User investment holding KYB information: For Users investing through an investment holding company, company’s denomination, legal entity type, company number, company bylaws, company incorporation document, company ultimate beneficial owners
  4. Payment and Transaction information: Client’s billing details such as credit card information, billing email, banking information, location at the time of transaction and/or a billing address
  5. Investor Banking Information: Bank account number, Bank address
  6. Usage of the Services information: metadata to provide additional context about the way the Service is being used. The usage data may include User’s IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation
    paths, as well as information about the timing, frequency and pattern of the use of the Services.

Personal Data are collected and processed when Client and/or Users use the Services and interact with the Services.

Security of Personal Data, storage and deletion of personal data

We make every effort to avoid any interference with the Personal Data of other Users, such as loss, misappropriation, intrusion, unauthorised disclosure, alteration or destruction thereof.

We undertake to ensure that this protection is provided by any person who may carry out processing on Client and/or Users’ Personal Data for the purposes described above.

Except for specific legal storage period, we store Client and/or Users’ Personal Data:

  1. for up to five (5) years following the date of the end of the investment
  2. for up to five (5) years after using the Services
  3. for up to three (3) years for account information after the deletion of a User account
  4. for up to one (1) years from the last contact for support information

Transfer of Personal Data

We may disclose Personal Data of Users to our services providers and relevant commercial partners, in particular:

  1. Airtable, the company hosting User, Holding and Investment data
  2. Bank partners (in particular Qonto, Olkipay) for KYC/KYB
  3. Domiciliation providers (in particular Finimmo in Luxembourg)
  4. Incorporation services providers entities required for formalities (in particular, notary, trade registry) for Investment vehicle incorporation
  5. Customer support tools providers, such as Calendly, the company providing online calendar. Within this framework, the data can be transferred to third countries outside the European Union
  6. Relevant commercial partners offering services and products that are complementary and analog to the Roundtable services to promote relevant services and products

Except for our services providers and relevant commercial partners, contractually bound to appropriate data protection obligations, we undertake not to disclose, assign or transfer Personal Data to any third parties without the Client and/or Users’ express consent. We could however be induced to disclose such if the law should so require or by judicial or administrative request. In the case where we are involved in a merger, acquisition, bankruptcy, reorganization or sale of assets such that your information would be transferred or become subject to a different privacy policy, we will notify the Client and/or User.

Clients’ and/or Users’ rights over their Personal Data

Client and/or Users have the following rights over their Personal Data: a right of access, a right to rectification and to request the deletion of their personal data, the right to obtain communication thereof in a structured and readable form (save legitimate impediment) and the right to define guidance relating to their digital will. Client and/or Users may also ask Roundtable to restrict the processing of their Personal Data, or object to processing, including profiling.

If a User has an account, she/he may access, modify or export its Personal Data, or delete its account by sending an email to contact@roundtable.eu. In case of deletion of the User’s account, its information and content will be unrecoverable after that time. To comply with our legal obligations, we may however keep storing Personal Data after the deletion of the Roundtable account.

Where Client and/or Users have given consent to Roundtable, they may also withdraw their consent at any time, by sending an email to contact@roundtable.eu.

To exercise their rights or if Client and/or Users otherwise have any questions regarding our processing of personal data, we encourage the Client and/or Users to contact us at the email address contact@roundtable.eu.

Roundtable also notifies Client and/or Users that they may raise complaint to a data protection authority, e.g the supervisory authority where the Client and/or Users live or the French Data Protection Authority, the Commission Nationale de l’Informatique et des Libertés (“CNIL”).

Cookies and Other Tracking Mechanisms

A cookie is a text file that may be installed on the hard drive of a User terminal when he uses the Services. These small files may contain, for instance, the language used by User’s browser, and its preference settings. When we use cookies, we may use “session” cookies (that last until you close your browser) or “persistent” cookies (that last until you or your browser delete them). Some of the cookies we use are associated with Users’ account, and other cookies are not.

Traffic data is generated when your device is connected to the internet and to the Services.

Roundtable may use traffic data (generated when the User’s device is connected to the internet and the Services) for statistical purposes in order to analyse the number of visits to the Services and to improve such by adapting it to its needs. Traffic data is never used nominatively by Roundtable.

We install cookies on the User’s devices in order to allow the User to use the Services in optimal conditions, to save its profile and restore its preferences when he is connected via its usual device, or to establish statistics.

We use the following type of cookies:

  1. Browsing cookies, which are necessary for the proper technical functioning of the Services, as they allow the display of content from each device to be optimized
  2. Functional cookies, which are not indispensable to the proper functioning of the Services but optimize browsing experience;
  3. Other Web Site Analytics Services. We use third party service providers such as Google Analytics to provide certain analytics and User interactions with our Services, including the collection and tracking of certain data and information regarding the characteristics and activities of the User.

Google’s privacy policy is available by clicking on this link.

Users may accept or refuse cookies being installed on its device using the banner contemplated to that effect when using the Services.

We do not store any cookies enabling the User to be tracked or to obtain IP addresses beyond a period of twelve (12) months from the initial installation on its device. Users may delete cookies at any time from its browser software and configure it to prevent them from being stored on its terminal.

Users are invited to refer to their browser's help file to determine the appropriate settings. Refusing to accept cookies may seriously impair its browsing experience.