PRIVACY AND COOKIES POLICY

Updated: June 2, 2024

The company (hereinafter "the Company" or "we") refers to SEEFTY LTD.

The Company is responsible for processing the data of its customers and more generally of internet users (hereinafter "you") browsing the websites it operates as part of its activities, such as www.abdouboutaleb.com

We are committed to ensuring that the collection and processing of personal data are carried out lawfully, fairly, and transparently, in accordance with the General Data Protection Regulation ("GDPR").

Failure to provide information with a mandatory character may result in the related data collection request (e.g., online registration or order, information request, etc.) not being processed or delayed.

For any clarification or complaint, feel free to contact us by email at [email protected]

I. DEFINITIONS - PREAMBLE

For a clear understanding of this Privacy Policy, it is necessary to clarify the following terms:

- A "personal data" refers to any information related to an identified or identifiable natural person (the "data subject") particularly by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

- A "processing" refers to any operation with personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

- A "data controller" is the one who, alone or jointly with others, determines the purposes and means of the processing, and a "processor" is the one who processes personal data on behalf of the controller.

- A "recipient" is a natural or legal person, public authority, agency, or another body to which personal data are disclosed, whether a third party or not.

Warnings.

We invite you to be cautious about what you decide to make public on the internet. Regarding

personal data

, including those related to your private life or sensitive (political and philosophical opinions, trade union membership, health information, sexual orientation, religious beliefs, etc.)

made public at your initiative

or inferred via your contributions, comments, and any kind of position-taking on social networks (Facebook, YouTube, etc.), it is reminded that processing of personal data made public by the data subject is not subject to the prohibition principle of sensitive data processing.

In case of a capital letter attributed to a word, the Client can refer to the general terms of sale applicable on the Site.

II. MANAGEMENT OF THE CLIENT-PROSPECT FILE

Via the Site, you transmit the following categories of information by filling in the information forms and communicating with us:

- Identity data (civility, surname; first name), contact data (email address; postal address (address, postal code, city, country); phone number)

- Login information to your user account: username, password

In case of an order, we will also process information related to the contractual and commercial relationship you may establish, including the correct correspondence of information related to the order of a Boot Camp, and Coaching reserved for Boot Camp members. As the order is chargeable, we will also process payment and transactional information (transaction date, amount, payment method, order number).

We also collect information when you complete a satisfaction form or when you subscribe to a free product or service (name, email). Subscribing to a free service implies acceptance to receive commercial information, from which the User can unsubscribe at any time.

Finally, we collect data on account login and use of tools made available to people on the virtual space dedicated to them (IP address, connection time, duration of connection, account settings, tool management, watched videos, progress indices).

Veracity of transmitted information: You must not provide false personal information and not create an account for another person without their permission. The details you transmit to us must always be accurate and up to date.

Personal identifiers - Any holder of an account allowing access to a virtual space (Boot Camp, viewing, etc.) holds access rights that are strictly personal, confidential, and non-transferable. Any account holder must take the necessary security measures to preserve the integrity of his access rights (username, password) to prevent a third party from connecting to his account. The holder of the access rights will be responsible for any fraudulent or abusive use of his access codes when it results from his own negligence. In any case, the holder of the access rights must inform us without delay of the loss or theft of his identifiers.

III. PROVISION OF A VIRTUAL SPACE FOR ACCESS TO SERVICES

Training content is delivered on a dematerialized platform

accessible via a URL link provided to the Client upon his order. Coaching is provided via private groups on social networks, especially Discord.

Email notifications - The checkboxes like "Please notify me of updates to my products." and "Please alert me when a response to one of my messages or comments is created." which may be provided to Clients on a virtual space to receive email notifications (product updates, response to one of the messages or comments) can be unchecked at any time.

IV. SOCIAL NETWORKS AND THIRD-PARTY SITES

Groups, accounts, and pages. Any coaching may be provided via a private group created on Discord, where content is shared, and clients can interact. We may also contact you or answer your questions via social networks if you have first contacted us in this way. Finally, we have various public pages and accounts to which you can subscribe.

Regarding all the information you may provide to the social network Discord (liking a video, watching a video, messages sent to coaches), Instagram (commenting, liking, sharing...), and any other social network, we inform you that we are not responsible for the processing of personal data carried out by this third-party site, and you are invited to consult the data protection policies for more information.

Outside the Boot Camp provided:

Public information: The information about you that you have transmitted to us may be enriched for commercial, prospecting, communication, solicitation, or marketing purposes using other sources of information such as social networks (information said to be "public" or to which we may have access as a page administrator.

Link to third-party sites. The Site may provide links to other sites, applications, and services than its own, which may be operated by third-party companies. Clicking on these links may allow third parties to collect or share data about you. In this case, we are not responsible for the processing of personal data by these third-party sites, and the user is invited to consult the data protection policies for more information.

Link to the Site. Conversely, if one of the third-party sites points to our Site (URL link), it does not mean that the privacy policy of this third-party site is applicable to our activity, nor that we guarantee compliance by this third party with its obligations in terms of personal data protection.

V. COOKIES

Collection of technical data for advertising, commercial, and statistical purposes. Technical data of your device are automatically collected and recorded by the Site for advertising, commercial, and statistical purposes. This information helps us to continuously personalize and improve your experience on our Site. We do not collect or store any personal data (name, first name, address...) possibly attached to technical data. These collected data may be resold to third parties by the cookie providers allowing their collection.

Cookies/pixels provided by third parties such as Facebook and Google allow for retargeting, more information at:

- https://www.facebook.com/business/learn/facebook-ads-pixel

- https://policies.google.com/technologies/cookies?hl=fr

Duration of cookie storage. In accordance with European recommendations, the maximum duration of cookie storage is 13 months after their first deposit in the User's terminal, as well as the duration of the User's consent to the use of these cookies. The lifespan of cookies is not extended with each visit. The User's consent must therefore be renewed at the end of this period.

Purpose of cookies. Cookies may be used for statistical purposes, in particular, to optimize the services rendered to the User, based on the processing of information concerning the frequency of access, the personalization of pages, and the operations carried out and the information consulted. You are informed that the cookie provider may place cookies on your terminal. The cookie records information relating to navigation on the service (the pages you have viewed, the date and time of consultation, etc.) that we can read during your subsequent visits. Some features of the site such as video players or interactive content may use services offered by third parties and place cookies allowing them to identify your consultation of the content.

User's right to object to cookies. If you do not want cookies to be used on your terminal, most browsers allow you to disable cookies via the setting options:

- Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DAndroid&hl=fr

- Safari: https://support.apple.com/fr-fr/guide/safari/sfri11471/mac

- Firefox: https://support.mozilla.org/fr/kb/protection-renforcee-contre-pistage-firefox-ordinateur

- Internet Explorer: [https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies](https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies)

VI. EXERCISE OF RIGHTS

You have the right to access your data, rectify or delete it, interrogate, limit the processing of your data, portability, and erasure (more

info here), within the limits set by the regulation, particularly the GDPR.

You also have the right to object at any time, for reasons related to your particular situation, to the processing of personal data having as a legal basis our legitimate interest, as well as a right to object to commercial prospecting by clicking on the unsubscribe link of the newsletter.

Requests to exercise your rights are to be addressed electronically to the address: [email protected]. If you are not satisfied with our response, you can file a complaint with the data protection authority you fall under.

For all useful purposes, it is specified that from the exercise of the right to erasure, to oppose processing, or to withdraw consent, the proper functioning of the site and/or training services (including the e-learning platform) may be disrupted or even interrupted. For example, if these rights are exercised at the time of ordering services or products, then said order cannot be executed.

VII. DURATION OF PERSONAL DATA STORAGE

Data used for commercial prospecting management purposes are kept for a maximum of three years from the last contact from the prospect or the end of the contract with the client. If you have not authenticated on the Site or have not had active behavior (for example, by clicking on a link) for a period of three years, you may receive an email inviting you to connect as soon as possible, otherwise, your data will be deleted from our databases.

Effective deletion means are implemented once the duration of storage or archiving necessary for the fulfillment of the determined or imposed purposes is reached, especially after the deletion of your account with our company.

Under our legal obligations, certain documents related to our internal operation and containing personal information (order forms, contracts, invoices, etc.) will be archived. Similarly, we may archive until the expiration of the applicable limitation/forfeiture periods for legal actions, for the proper defense of our interests before the courts in the event of subsequent litigation.

In any case, personal data subject to processing are not kept beyond the time necessary for the performance of the obligations defined at the conclusion of the contract or imposed by current legislation. Beyond that, they may be anonymized and kept exclusively for statistical purposes.

VIII. RECIPIENTS

We do not sell any personal data files. The information you provide us is for internal use by authorized persons, it is strictly confidential and cannot be disclosed to third parties, except with express agreement or if you have decided to make them public.

Our external providers may, within the framework of the treatments described above, be recipients of personal data to perform treatments. This is the case for tools provided under the names Shopify (orders), Godaddy (site hosting), Teachable (training platform, access management including password), FreshDesk (customer support).

As such, we verify that (i) any processor presents sufficient and appropriate contractual guarantees to respect your rights, so that the processing meets the requirements of the GDPR and (ii) to respect the provisions of the GDPR applicable to data transfers.

Based on our legal obligations, your personal data may be disclosed in application of a law, a regulation, or pursuant to a decision by a competent regulatory or judicial authority.

Transfer outside the EU. We are committed to complying with the applicable regulations relating to transfers of data to countries located outside the European Union, and in particular according to the following modalities:

- We will transfer the data of visitors, prospects, and clients to countries recognized as offering an adequate level of protection. In case of transfer to the United States, to organizations that have adhered to the Privacy Shield;

- When the destination country does not benefit from an adequate level of protection, we frame the flows with transfer tools compliant with the regulation (standard contractual clauses of the European Commission, in particular).

IX. COMPUTER SECURITY

We are committed to implementing all appropriate technical and organizational measures through physical and logistical security means to ensure a level of security adapted to the risks of accidental, unauthorized, or illegal access, disclosure, alteration, loss, or destruction of your personal data.

Secure payment

All transactions made on our Site are secure. Payments by credit card are provided by our partner STRIPE, a trusted payment service provider. We thus have an SSL encryption system to protect your personal data and the means of payment used. At no time do we directly possess your bank details thanks to this process.

The payment page address starts with "https" and is accompanied by a closed lock or a key appears at the bottom right of your browser. This allows you to verify that you are in a secure payment area when your card number is requested. Stripe automatically checks that this connection is secure before sending your banking and transactional data.

Generalities - Data breach

In the event that we become

aware of illegal access to your personal data stored on our servers or those of our service providers, or unauthorized access resulting in the realization of the identified risks above, we commit to:

- Notify you of the incident as soon as possible if this meets a legal requirement;

- Examine the causes of the incident;

- Take the necessary measures within reasonable limits to lessen the negative effects and damages that may result from said incident

Under no circumstances can the commitments defined above be assimilated to any recognition of fault or responsibility as to the occurrence of the incident in question.

If you observe any security breach or any incident that could affect the integrity of your personal data or those of other people, we thank you in advance for informing us immediately by email, at the address [email protected].

X. APPLICABLE LAW AND LANGUAGE

This privacy policy is written in English. In case it is translated into one or more languages, only the English text will prevail in case of dispute. The temporary or permanent non-application of one or more clauses of these terms shall not be deemed a waiver of its part of the other clauses of these terms which continue to produce their effects.

We reserve the right to modify this Privacy Policy. The concerned persons will be notified when this is provided by the GDPR or any other regulation. The update date is indicated at the top, and we invite you to consult it regularly.