Privacy

policy

Jeito Capital is a simplified joint-stock company (société par actions simplifiée), registered with the Paris Trade and Companies Register under the number 839 611 449, and authorised by the Autorité des Marchés Financiers (“AMF”) under the number GP-19000043, with its registered office located at 37, rue de la Victoire, 75009 Paris (“Jeito” or “we”).

Preamble

We attach a great importance to respecting the protection of personal data.

By reading this privacy policy (“Privacy Policy”), you are hereby informed on how Jeito processes your personal data, regardless of your status (employee of a target company, subscriber, shareholder, candidate, service providers, partner or Internet user) (“Data Subject”), in the context of our relationship.

The Privacy Policy complies with the legal provisions applicable to the protection of Personal Data and in particular those defined by the General Data Protection Regulation No. 2016/679 (“GDPR”) and by the French Data Protection Act no. 78-17 (Loi Informatique et Libertés, or “FDA”).

What is personal data?

Personal data are information that allows you to be personally identified as a natural person, directly or indirectly, in particular by reference to an identifier, such as a surname, a first name, an address, an identification number or to one or more factors specific to your identity (physical, cultural, social, etc.).

Who collects your personal data?

Jeito is responsible for the processing of the Data Subject’s personal data for the purposes described below.

What processing is carried out and how does it work?

Data retention periods


Purposes	Legal bases	Data collected	Retention periods
Service providers
Management of the contractual relationship	Performance of the contract.	Identification data Login data	5 years from the end of the contractual relationship 1 year for connection logs Intermediate archive: 10 years for invoices
Individuals related to a target company undergoing a fundraising
Deal Flow management	For the identification of target companies and exchanges with them, as well as for receipt and analysis of applications: Jeito’s legitimate interest in finding target companies.	Identification data Login data Professional life data	10 years from the end of the partnership or from the last contact (identification + professional life data) 1 year for the connection logs
Deal Flow management	For the background check of key people in target companies: Jeito’s legitimate interest in verifying the information provided by the target companies.	Identification data Login data Professional life data
Fund management	For the investments and their monitoring, the audits and the contractualization: Jeito’s legitimate interest in investing in companies.	Identification data Economic and financial data Data revealing political opinions or trade union membership	10 years from the end of the relationship between Jeito and the target company.
Fund management	For the KYC AML FT procedure: legal obligation.
Investors / subscribers or one of their employees and shareholders
Implementation of the relationship with the subscribers / prospective subscribers	For the implementation of the relations and the exchanges as part of due diligences: Jeito’s legitimate interest in conducting its activities.	Identification data Economic and financial data Login data Data revealing political opinions or trade union membership	10 years from the end of the partnership (identification + economic and financial data) 1 year for the connection logs
	For the KYC AML FT procedure: legal obligation.
Implementation of the relationship with the shareholders	Jeito’s legitimate interest in conducting its activities.	Identification data Data relating to criminal convictions and offences	10 years from the end of the relationship.
Applicants
Management and follow-up of applications	For the processing of applications: Jeito’s legitimate interest in implementing a recruitment process.	Identification data Personal life data Professional life data Economic and financial data	Duration of the application and after that, with the applicant’s consent, 2 years in Jeito’s CV database. Intermediate archive: 5 years from the date of the decision to hire, in accordance with the limitation period for actions for damages resulting from discrimination.
	For the implementation of background checks: Jeito’s legitimate interest to assess suitability of applicants.
	For the constitution of a CV database: applicant’s consent to keep their CV in Jeito’s databases.
Individuals exercising their rights on their data
Management of rights requests	Legal obligation.	Identification data	Duration necessary to process the request and then applicable criminal statute of limitations.
Website user
Responding to inquiries and contact requests	Jeito’s legitimate interest in responding to requests for information.	Identification data Login data Message	Duration of the processing of the request.
Website improvement, statistics	Jeito’s legitimate interest in improving the functionality of the website.	Login data	Cookies and other commercial trackers may be placed on the user’s terminal for a maximum period of 13 months. Beyond this period, the raw traffic data associated with an identifier is either deleted or anonymized. The information collected through cookies and trackers is kept for a period of 25 months. Beyond this period, this data is deleted or anonymized.
Website improvement, statistics	User consent when required.	Login data

In any case, we undertake to ensure that your personal data is only collected and processed for the purposes mentioned above, according to a principle of proportionality and minimization.

In addition, we store your personal data for no longer than is necessary to achieve the purposes of the respective processing operations. In other words, this means that the data retention periods we apply may vary depending on the purpose for which we process the personal data in question.

In any event, at the end of the applicable retention period, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.

How is personal data collected?

We collect and process your personal data directly from you. In the event that we indirectly collect your personal data, you will be informed at the time of collection.

Who has access to your personal data?

Within the limits of their respective responsibilities and for the purposes set out above, the categories of recipients who may have access to your personal data are:

authorized personnel of the various departments of Jeito (such as the authorized personnel of human resources, sales, accounting, IT, marketing, and legal departments);
the service provider in charge of hosting and managing the website;
authorized personnel of Jeito’s data processors;
Jeito’s partners, such as investors and subscribers;
where applicable, the courts concerned, mediators, certified public accountants, auditors, lawyers, bailiffs, debt collection companies, supervisory authorities;
third parties who may deposit cookies on your devices with your consent (for more details please refer to our Cookie Policy).

Do we transfer personal data outside of the EU?

Wherever possible, we turn to data processors located within the European Union (“EU”).

However, we may transfer your data outside the territory of the EU. These transfers are carried out in accordance with the provisions of the GDPR and we put in place all the guarantees required to secure your personal data, in particular through the choice of processors located in countries guaranteeing an adequate level of protection or the application of the European Commission’s standard contractual clauses supplemented by the implementation of additional guarantees where necessary.

For more information on data transfers, you can contact us:

By post to the following address: Jeito Capital, 37, rue de la Victoire 75009 Paris
By e-mail to the following address: privacy@jeito.life

Do we use cookies?

Jeito’s website uses cookies. For more information about cookies, please refer to our Cookie Policy.

What are your rights over your personal data?

In accordance with the applicable regulation, you have rights when your personal data is processed.

Subject to the conditions applicable to the exercise of these rights, you may exercise the following rights:

Right to withdraw consent: if you have given your consent to us to process your personal data, you have the right to revoke the consent you granted, at any time, and to have your personal data deleted.
Right of access: you have the right to obtain confirmation about whether your personal data is being processed by Jeito and where it is being processed. When we process your personal data, you have the right to receive a copy of all the personal data that we hold concerning you.
Right to rectification: you have the right to supplement, correct, or have deleted, without undue delay, your personal data, where such data is inaccurate or incomplete.
Right to restriction of processing: you may request the restriction (e.g., suspension) of the processing of your personal data if (i) the personal data is incorrect, (ii) you have exercised your right to object, (iii) the personal data in question is no longer necessary for the purposes of the processing but is still necessary for the establishment, exercise or defense of your legal claims, or (iv) the processing is unlawful but you object to the erasure of your personal data.
Right to erasure: you may request the deletion of your personal data in certain cases provided for by the applicable data protection regulation, and in particular when, among other reasons, the processing is based on your consent and you wish to withdraw it, or if it appears that your personal data is no longer necessary for the purposes for which it was collected or processed. However, this right is not absolute, and Jeito may invoke a legal basis or a legitimate reason to retain your personal data.
Right to data portability: only where the legal basis for processing is the performance of a contract or consent, you may request the portability of your data and may receive the personal data concerning you in a structured, commonly used, and machine-readable format, in particular for the purposes of transmission to a third party. Where technically feasible, you have the right to have your personal data transmitted directly to this third party.
Right to object: you may object to the processing of your personal data for legitimate grounds. However, this right is not absolute, and Jeito may reject your request if it demonstrates legitimate compelling grounds for the processing.
Right to not be subject to a decision based solely on automated processing, including profiling.
Right to determine the fate of your personal data after your death and to choose whether or not Jeito communicates your personal data to a third party that you have previously designated. In the event of your death and in the absence of instructions from you, Jeito undertakes to destroy your data, unless its retention is necessary for evidentiary purposes or to meet a legal obligation.

How can you exercise your rights?

To exercise your rights, you may contact Jeito’s dedicated service using the contact details provided below, and in particular by sending an email to the address privacy@jeito.life, with the Reference “Data Protection”.

You must always state clearly who you are, so that we can be certain that we do not modify or delete any personal data concerning the wrong person.

In order to process your request in the best possible way, we may ask you for certain additional information to confirm your identity and/or facilitate the location of the personal data concerned by your request (e.g., identity document or any other document allowing your identity to be verified).

Some of your rights are subject to specific conditions set out in the applicable data protection regulations, including the GDPR. If your particular situation does not meet these requirements, we will unfortunately not be able to respond to your request. If so, we will inform you of the reasons of the refusal.

In any event, if you believe that your rights have not been respected or that your personal data has been processed in violation of the applicable data protection regulations and the principles set out in this Privacy Policy, you have the right to lodge a complaint with the French data protection authority (Commission Nationale de l’Informatique et des Libertés or “CNIL”) or the data protection authority competent in your country.

You can lodge your complaint on the CNIL’s website or by post to the following address: CNIL – Complaints Department – 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07.

How can you contact us?

If you have any questions or requests regarding the processing we carry out with your personal data under this Privacy Policy, including the exercise of your rights as detailed above, you can contact us:

By post to the following address: Jeito Capital, 37 rue de la Victoire, 75009 Paris
By e-mail to the following address: privacy@jeito.life

What security measures do we take?

We will process your personal data at all times in an absolute confidential way and maintain the mandatory duty to secrecy with regard to said personal data, in accordance with the provisions set out in applicable regulations, and to this end adopting the measures of a technical and organizational nature required to guarantee the security of your personal data and prevent it from being altered, lost, processed or accessed illegally, depending on the state of the technology, the nature of the stored personal data and the risks to which it is exposed.

How do we amend and update this privacy policy?

In order to ensure compliance with the applicable regulations, we reserve the right to make amendments to this Privacy Policy at any time. It is recommended that you consult this Privacy Policy regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.