Monaco Crowdfunding meets its compliance obligations with regard to Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such (GDPR).

The Controller is the company Monaco Crowdfunding, which has its head office at Le Victoria 13 boulevard Princesse Charlotte, 98000 Monaco.

NATURE OF THE DATA COLLECTED.

The Data collected through our website is that provided voluntarily by Users, in particular via the registration form:

  • Civil status, identity and identification data, etc.
  • Data relating to professional life,
  • Economic and financial data (income, financial situation, tax status)
  • Connnection data (IP addresses, events log)
  • PURPOSE OF PROCESSING

    Within the framework of operating the Website and providing our services, personal data is processed for the purpose of managing clients, creating and managing accounts, managing contracts, statutory checks in terms of combatting money laundering, marketing, drawing up statistics, and managing requests relating to the rights of access, rectification and opposition

    PERSONAL RIGHTS

    You have the following rights within the limits provided for by the applicable legislation.

  • Right to access the personal data you have provided;
  • Right to rectification of the personal data provided;
  • Right to the erasure of your personal data;
  • Right to request a restriction on processing relating to you;
  • Right to object in the event of a legitimate reason;
  • Right to data portability;
  • Right to lodge a complain with a control authority (CCIN = Monegasque Data Protection Agency).
  • COMMUNICATION TO THIRD PARTIES

    Your personal data may be disclosed in application of a law, regulation or by virtue of a decision from a competent regulatory authority or court.

    DATA CONSERVATION PERIOD

    The personal data collected by Monaco Crowdfunding is kept for as long as needed for the processing purposes. Beyond this conservation period, it becomes an intermediate archive in which it is rendered anonymous and kept for statistical or historical purposes.
    Purges are implemented in relation to your personal data in order to ensure actual erasure o the expiry of the conservation or archiving period required for completing the determined or imposed purposes.

    COOKIES

    A cookie is a text file that may be placed on your terminal when browsing a website. A cookie file allows its issuer to identify the terminal on which it was registered.
    Monaco Crowdfunding undertakes to only keep cookies for a maximum of 12 months following its initial placement on the user’s terminal. The User’s consent shall also be valid for 12 months.
    Monaco Crowdfunding uses cookies for technical purposes, in order to guarantee its website operates correctly. Cookies can be used for statistical purposes, especially to optimize the services rendered to the User, by processing information concerning access frequency and personalizing pages, as well as for the operations carried out and information viewed.

    DATA SECURITY

    Monaco Crowdfunding implements suitable technical and organizational measures to guarantee an appropriate level of security. The technical measures implemented by Monaco Crowdfunding are detailed below.

    REQUESTS

    For any questions on the protection policy for user’s personal data, or to exercise your rights, you can contact Monaco Crowdfunding at the following email address: support@monacocrowdfunding.com

    VIOLATION OF PERSONAL DATA

    We undertake to implement all the suitable technical and organizational measures to guarantee an appropriate level of security with regard to the risks of accidental, unauthorized or illegal access, disclosure, alteration, loss or even destruction of your personal data. In the event we become aware of illegal access to your personal data stored on our servers or those of a sub-contractor, or of unauthorized access resulting in the occurrence of the risks identified above, we undertake to:

  • Report the incident as quickly as possible;
  • Take all the reasonable measures necessary to remove or limit the negative effects and damages that may result from the said incident.
  • LIMITATION OF LIABILITY

    In no event can the undertaking set out in the above point on the violation of personal data be likened to any acknowledgement of fault or liability with regard to the incident in question occurring.

    MODIFICATION TO THE CONFIDENTIALITY POLICY

    In the event this confidentiality policy is modified, Monaco Crowdfunding undertakes to not substantially lower the confidentiality level without informing the people concerned in advance and without obtaining your consent.
    Please note that the confidentiality policy may be modified or supplemented at any time, especially with regard to complying with any changes to legislation, regulations, case law or technology. These modifications shall be binding on the User as soon as they are put on line. As a result, the User should consult the confidentiality policy on a regular basis in order to learn of any modifications thereto.

    TECHNICAL MEASURES IMPLEMENTED FOR GDPR COMPLIANCE

    In accordance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such, and in particular Article 32 thereof, Monaco Crowdfunding ensures the security of your personal data by the following technical and organizational measures:

    ENCRYPTION OF CONFIDENTIAL DATA.

    All the data (documents, digital data) is stored on file systems that are automatically encrypted on the fly (AES-256) and compatible with the General Data Protection Regulation thanks to FIPS 140-2 certified software.

    The data is housed in France, in data centres meeting ISO 27001 and PCI DSS standards.

    ACCESS RIGHT MANAGEMENT.

    The rights of access are subject to compliance with internal allocation procedures meeting the following requirements:

  • Monitoring groups and directories with a security policy boosting the data control;
  • Reduction of access rights using an “a minima” principal, i.e. maintaining the principle of lowest privilege. If it is not strictly necessary, the right of access is not authorised;
  • Fine management of authorizations and revocation in the event users leave or transfer.
  • Monitoring of access rights is subject to a permanent internal control carried out by our compliance team.
  • TOOLS FOR COMBATTING EXTERNAL INTRUSIONS INTO THE NETWORK.

    Monaco Crowdfunding, via its on-line payment service provider Lemon Way, has chosen to trust the publisher’s McAfee antivirus and anti-malware solution and its VirusScan Enterprise suite. Network protection solutions are also in place, with the use of a latest-generation firewall equipped with advanced UTM (Unified Threat Management)-type functions, automatic DDOS protection solutions (DPS) and a WAF (Web Application Firewall) operated by the company Incapsula.

    The information system is continually analysed by Nessus agents from the company Tenable in order to report any new vulnerability detected in real time, a SIEM (Security Information and Event Management) completes the set in order to collect and analyse all the sensitive activities acting on all the IS components.

    PASSWORD POLICY

    A robust password management policy is in place (unique ID, complexity, size, regular change, limited attempts, etc.); security policies have been defined and implemented. The correct application of these policies is regularly and automatically monitored on all the Information System machines via specific monitoring agents and any anomaly is reported to the security team.