Privacy Policy and Protection Framework – FinanzaMaestra Security and protection of your personal data.

Version 5.0 – Last updated: May 1, 2026

Article 1: Identification of the Data Controller This privacy policy defines the rigorous data processing protocols maintained by FinanzaMaestra ("the Platform", "we", or "us"), whose registered office is located at 27 Avenue de l'Opéra, 75001 Paris, France. We act as the data controller in accordance with the General Data Protection Regulation (GDPR) and the French Data Protection Act (Informatique et Libertés). To ensure absolute data integrity, we have appointed a Data Protection Officer (DPO) reachable at [email protected].

Article 2: Categories of personal information collected In accordance with the data minimization principle, we collect:

Identity Metrics: Full legal name, date of birth, nationality, and official identification document for mandatory KYC/AML verification.

Contact Details: Authenticated email address, active mobile phone number, and verified residential address.

Financial Telemetry: Source of funds, digital asset wallet addresses, and transaction history.

Digital Footprint: IP addresses, device hardware specifications, and detailed interaction logs with our interfaces.

Article 3: Legal basis for processing Our collection and use of information are based on:

Contractual Necessity: Essential for managing your account and providing our services.

Statutory Obligations: Compliance with the Monetary and Financial Code (anti-money laundering and counter-terrorist financing).

Legitimate Business Interests: Proactive fraud prevention and network security enhancement.

Explicit Consent: For personalized market analytics and non-essential analytical cookies.

Article 4: Advanced Security and Sovereignty

Encryption: All data at rest is stored using AES-256 cryptographic protocols.

Transmission: Secured via TLS 1.3 end-to-end encryption.

Hosting: Data is exclusively hosted on redundant, highly secure servers within the European Economic Area (EEA), ensuring full protection under EU data sovereignty laws.

Article 5: Retention and Your Rights We retain identity and financial records for a minimum period of five (5) to seven (7) years after account closure to satisfy the requirements of the French tax administration and anti-money laundering regulations. Under GDPR, you have the right to access, rectify, erase, and port your data. Requests can be sent to [email protected]. You also have the right to lodge a complaint with the National Commission for Information Technology and Liberties (CNIL).