The website available at the following address: www.oniloo.com (hereinafter referred to as the "Site") is published by the company ONILOO FINANCIAL SERVICES, a simplified joint-stock company with a single associate, with a share capital of €1,000, registered in the Evry Trade and Companies Register under the number 979 048 964, with its registered office located at 10 rue Ernest Luisetti, 91200 ATHIS-MONS (hereinafter referred to as "ONILOO"), which, as the data controller of personal data, attaches great importance to the protection and respect of privacy.

This privacy policy aims to inform, during the navigation on the Site, any person using the Site (hereinafter referred to as the "Users" or the "User") of ONILOO's practices regarding the conditions of collection, use, and sharing of information that Users are required to provide, as well as their rights.

The Site complies with French and European standards relating to the protection of privacy and personal data and in particular with the law n°78-17 known as "Data Protection Act" of January 6, 1978, relating to information technology, files, and freedoms, amended by the law 2004-801 of August 6, 2004, and the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, known as the "GDPR" on the protection of individuals with regard to the processing of personal data and the free movement of such data.

IMPORTANT: NOTE TO USERS

ANY NAVIGATION ON THE SITE AFTER THE PUBLICATION OF THIS PRIVACY POLICY CONSTITUTES UNRESERVED ACCEPTANCE OF IT.

If the User wishes to withdraw their consent regarding the processing of their data, they can simply make the request directly by email at the following address: [TO BE COMPLETED]

Moreover, where required by law and/or in certain circumstances, the User's consent will be obtained or an option to refuse will be provided before any transmission of data.

The controller of personal data is ONILOO.

The data collected on the Site in the context of the use of the Site are those allowing ONILOO to directly or indirectly identify the Users.

This may include the following categories of data concerning Users:

The mandatory or optional nature of personal data collected and any consequences of a lack of response are indicated at the time of their collection on the associated forms.

Users who communicate third-party personal data must confirm that they have the consent of this third party for the use of their personal data by the Site.

Personal data collected on the Site are used only for and during the execution of services for the following purposes:

Furthermore, ONILOO may use the data to fulfill, where applicable, its legal obligations and/or regulatory requirements.

Processing activities and the collection of personal data are authorized on the following legal grounds:

ONILOO reserves the right to publish, disclose, and use aggregated information (information about Users or groups or specific categories of Users combined in such a way that an individual User can no longer be identified or mentioned) and non-personal information for sector and market analysis, demographic profiling, promotional and advertising purposes, and other business purposes.

Data collected by ONILOO is freely communicated by Users when creating an account on the Site, when proposing a project, or contributing to a project.

They may also be collected automatically during the use of the Site, particularly when the User:

These automatically collected data do not reveal the identity of the User but concern the use of the services. This collection is necessary for the maintenance and operation of ONILOO's services and for its internal analyses and reports.

This information includes:

In any case, the personal data collected:

The primary recipient of the personal data collected on the Site is ONILOO.

Personal data is not communicated to third parties except to ONILOO's partners when the communication of personal data is necessary for the execution of services offered by ONILOO (processing of donations), analysis, and data monitoring.

However, partners commit to strictly comply with the provisions of the Data Protection Act, the GDPR, and future new regulations.

Furthermore, other recipients may have access to personal data. These include, if applicable, service providers and subcontractors performing services for the Site (hosting, site security tools, customer service, and assistance tools) and its external service providers (electronic signature provider, payment provider, internet service providers, communication agency, etc.).

In the event of a change of control of ONILOO, a merger, acquisition, collective procedure, or any other form of asset transfer, data collected by ONILOO may be transferred to third parties. Nevertheless, ONILOO commits to ensuring the confidentiality of the personal data collected and to informing Users before such data is transferred or subject to new privacy rules.

If required by law, the User's consent will be obtained or an option to refuse will be provided before any data transfer.

Collected data may also be transferred if vital interests are at stake and ONILOO deems it necessary to investigate, prevent, or take measures to prevent potential violations of its policies and more broadly in situations involving suspicions of fraud, potential security threats, illegal activities, or as evidence in a dispute involving ONILOO.

In accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, known as the "GDPR" on the protection of individuals with regard to the processing of personal data and the free movement of such data, and the law n°78-17 known as "Data Protection Act" of January 6, 1978, amended by the law 2004-801 of August 6, 2004, relating to information technology, files, and freedoms, the User has:

The User wishing to exercise one of their rights can send their request via the rights exercise request form, by email or postal mail to the following addresses:

When exercising one of these rights, the User must provide ONILOO with the necessary elements for their identification: name, first name, email address, and possibly postal address.

Moreover, in accordance with current regulations, the User's request must be clear and specify in detail the right they wish to exercise, as well as the address at which they wish to receive the response in case one of the above-mentioned rights is exercised. ONILOO may ask them to provide a photocopy of an identity document bearing their signature to verify their identity.

ONILOO then commits to respond within a maximum period of one (1) month following the receipt of the User's complete request.

Due to the complexity of the request and/or the number of requests, this period may be extended by two (2) months, provided that ONILOO informs the User within one (1) month of receiving their request of the reasons for the delay.

ONILOO informs Users of their right to file a complaint with the National Commission on Informatics and Liberty (CNIL) in one of the following ways:

The personal data of Users collected are not retained beyond the time necessary for the execution of ONILOO's obligations defined at the conclusion of the contract or for the predefined duration of the contractual relationship, except for data that ONILOO needs to retain as evidence for legal, administrative purposes or in accordance with current legislation.

ONILOO retains the personal data of Users collected for the duration strictly necessary for the purposes described in this privacy policy.

At the end of the commercial relationship, ONILOO will retain for three (3) years from the end of the commercial relationship the information provided by the User, namely

Navigation data will be kept for a maximum of six (6) months in accordance with the recommendations of the CNIL.

Beyond this period, they will be anonymized and retained exclusively for statistical purposes and will not give rise to any exploitation, of any nature whatsoever.

As far as possible, ONILOO processes User data only within the European Union and does not transfer this data outside of this area.

Nevertheless, in case of international transfer of User data outside the European Union, it is necessary to distinguish:

ONILOO commits to implementing appropriate and reasonably necessary technical and organizational measures in view of the applicable data protection regulations, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage to ensure an adequate level of security for the risks incurred for the rights and freedoms of individuals in the context of the processing referred to in this privacy policy.

When personal data is transferred to third parties for processing, ONILOO ensures that these third parties implement all appropriate technical and organizational measures to ensure the protection of personal data in accordance with applicable laws.

These measures are defined taking into account the state of knowledge, implementation costs, and the nature, scope, context, and purposes of processing as well as identified risks.

Depending on the needs, risks, costs, and purpose of processing, these measures may include pseudonymization and encryption of data.

This protection can be ensured by the mention of "https" in the browser's URL address and the representation of a closed padlock at the bottom of the screen.

Finally, in case of a violation of rights concerning personal data likely to generate a high risk for the User's rights and freedoms, ONILOO commits to inform the User of this violation within a maximum period of seventy-two (72) hours.

On the Site, Users may have access to various links directing them to third-party sites.

ONILOO will not be responsible for the information sent to these third parties or collected by them.

This privacy policy does not govern third-party sites or third-party content accessed by the Site User.

ONILOO has no control over hypertext links and/or other promotional formats.

Therefore, ONILOO gives no guarantee regarding the personal data protection practices of indexed websites and cannot be held responsible in any case in a dispute arising between an indexed website on the Site and one of the Users, particularly due to losses or damages suffered, the operators of the indexed websites being solely responsible for their practice in terms of personal data protection.

A cookie (or connection witness) is a text file that can be saved, in a dedicated space on the User's computer's hard drive, when consulting an online service using browser software.

In practice, cookies are small text files that are placed on the User's computer by the websites the User visits. They are used to operate websites and improve the usability of these sites.

The cookie is transmitted by a website server to the User's browser. Each cookie is assigned an anonymous identifier. A cookie does not allow tracing back to a physical person.

When consulting the Site, Users are informed that cookies or other means of recording navigation data are used by the Site or by third parties, service providers for the Site, and deposited on the User's terminal (computer, mobile, or tablet).

ONILOO or its partners may install, subject to the User's acceptance, various cookies, including:

Only the issuer of a cookie can read or modify the information contained therein.

In application of CNIL recommendations, during their first connection to the Site, the User will be expressly asked to accept the Site's cookies.

Cookies used by ONILOO or its partners allow identifying Users, recognizing their browser when they connect to the Site, recording their access frequency (traffic measurement), and their terminal display preferences, adapting and/or personalizing the presentation of the Site to improve User experience and optimizing the Site solely to provide the services requested by the User.

Furthermore, cookies used on the Site are based on the International Chamber of Commerce guide by categories:

Les cookies strictement nécessaires permettent à l’Utilisateur de naviguer sur le Site.

Ces cookies ne recueillent aucune information concernant l’Utilisateur qui pourrait être utilisée à des fins de marketing.

ONILOO utilise ces cookies pour :

ONILOO n’utilise pas ces cookies pour :

Ces cookies permettent l’amélioration des performances et du Site, tels que la gestion des erreurs, le suivi des taux de réponse ou l’amélioration de la conception du Site.

Ces cookies sont utilisés pour fournir des services ou pour garder en mémoire les paramètres de l’Utilisateur afin d'améliorer sa visite sur le Site.

Ces cookies sont utilisés pour promouvoir des produits ou des services pour l’Utilisateur sur d'autres sites. Ils peuvent également être utilisés pour limiter le nombre de fois que l’Utilisateur voit une publicité particulière sur le Site et pour mesurer l'efficacité d'une campagne particulière.

Conformément aux recommandations de la CNIL, la durée maximale de conservation des cookies est de treize (13) mois au maximum après leur premier dépôt dans le terminal de l'Utilisateur, tout comme la durée de la validité du consentement de l’Utilisateur à l’utilisation de ces cookies. La durée de vie des cookies n’est pas prolongée à chaque visite. Le consentement de l’Utilisateur devra donc être renouvelé à l'issue de ce délai.

Lors de la première navigation sur le Site une bannière explicative sur l'utilisation des cookies apparaît. Elle permet à l’Utilisateur d'activer ou de désactiver certains cookies. Elle ne disparaîtra que lorsque l’Utilisateur aura accepté, ou non, l'utilisation des cookies pour poursuivre la navigation.

L’enregistrement d’un cookie reste subordonné à la volonté des Utilisateurs. Conformément aux dispositions législatives et réglementaires, ONILOO recueille le consentement préalable au dépôt des cookies.

Les Utilisateurs disposent également de la possibilité de configurer leur logiciel de navigation de sorte à s’opposer, totalement ou partiellement (notamment en fonction de l’émetteur) à l’enregistrement de cookies. La configuration offre également la possibilité d’accepter ou refuser des cookies de manière ponctuelle, avant leur enregistrement dans le terminal des Utilisateurs.

Dès lors, les Utilisateurs qui souhaitent empêcher l’enregistrement des cookies, peuvent suivre la procédure spécifique à chaque navigateur et décrite dans le menu d’aide du navigateur.

Toutefois, en cas d’opposition à l’enregistrement de cookies ou de désinstallation d’un cookie, les Utilisateurs sont informés que certains services sont susceptibles de ne plus fonctionner correctement.

ONILOO reserves the right to modify and update this privacy policy at any time, particularly to take into account any legal and/or jurisprudential developments and to meet the requirements of the regulations applicable to the protection of personal data.

The prevailing version is the one accessible online on the day of the Site consultation.

Any consultation of the Site after the publication of the modified privacy policy implies unconditional acceptance of the new privacy policy.

For any request for information or to learn more about the processing of personal data, including the exercise of the rights mentioned above, the User may contact ONILOO via the rights exercise form, by email or postal mail at the following address:

For any complaint or dissatisfaction regarding the use of personal data by ONILOO, the User may contact ONILOO via the rights exercise form, by email or postal mail at the following address:

When the User contacts ONILOO, they will be asked to identify themselves.