Privacy Policy

1. Purpose

This Privacy Policy describes how Napoleon Group, (A French simplified joint stock company, registered with the Paris RCS under number 882 455 108, with a share capital of 7 857 569.17 euros, and domiciled at 11 Rue Paul Lelong, 75002 Paris) collects and processes your personal data, through their websites and applications.

By way of background, the company is a subsidiary of CoinShares International Limited, a Jersey-based entity registered with the Jersey Financial Services Commission (JFSC) under number 102185. The CoinShares Privacy Policy can also be accessed by clicking on the following link: CoinShares – Privacy Policy

If you have any queries about your rights, possible remedies, or any other matter relating to our privacy policy, you can contact our DPO by email privacy@napbots.com

2. Scope

This Privacy Policy applies to all Napoleon Group platforms, websites, applications and services and the parties that operate those services, including, but not limited to, the legal entities, organisations and teams that provide and are responsible for the Napoleon Group services.

By using Napoleon Group services, you consent to the collection, storage, processing and transfer of your personal information as described in this policy.

3. Personal data controller

Napoleon Group is your personal data controller. This means that it determines the purposes and means by which your data is processed.

By “controller”, “joint controller” or “processor”, as used in this policy, we refer to the terms defined in Article 4 of the GDPR.

Napoleon Group has appointed a Data Protection Officer (DPO), whose contact details can be found in section 1, who will endeavour to answer any questions or requests in relation to the processing of your data and your rights.

4. Minors

Napoleon Group’s products and services are not intended for persons under the age of 18. Only persons of legal age may register for our services. Therefore, we do not process personal data of minors.

5. On which grounds do we use your personal data?

We process your personal data on one or more of the following legal grounds (in accordance with Article 6 of the GDPR):

Processing for the performance of a contract or prior to entering a contract (article 6. 1. b GDPR)The processing of your personal data is necessary to take the necessary steps for your request, prior to entering into a contract or to perform that contract with you.
Processing based on your consent (Art. 6. 1. a. GDPR)If you have given us your consent to process your personal data, the processing will only be carried out for the purposes and to the extent stated in the declaration of consent. If you no longer agree with this processing, you have the possibility of revoking your consent at any time, without the need for justification.
Processing necessary for the purposes of our legitimate interests (Art. 6. 1. f. GDPR)We process some of your personal data to best protect our legitimate interests and those of our users, for example as part of our risk management, or when we detect and prevent fraud and abuse to protect the safety of our users, ourselves or others.
Processing for compliance with a legal obligation (Art. 6. 1. c. GDPR)In the course of our business, we are required to process some of your personal data in order to comply with our legal obligations (inter alia, identity checks, anti-money laundering controls, anti-fraud and market integrity, disclosure of data to supervisory authorities and other competent public authorities, if necessary, etc.)

6. Data categories

We may process the following personal data on the basis mentioned in section 5:

  • Contact data : when creating a new account or communicating with us, we may process, for example, the following personal data: surname, first name, address, nationality, e-mail, account photo.
  • Financial data : When purchasing and selling our services, we may process, for example, the following data : bank details (IBAN, BIC), payment service provider information, payment details, transaction identification data.
  • Account operation data : To ensure the proper operation of your account, we may process the following data: language preferences, login/password, transaction data, products and strategies chosen, user profile type, trading data, list of connected exchanges, API keys of connected exchanges, subscription date, amount of assets allocated and allocation(s), login time(s) and date(s), affiliate and referral program data, performance reports, billing data.
  • Activity analysis data : During certain activities on the website, we may process for example the following data: your IP address, computer or mobile device information, frequency, time, operating system, browser type, device type, unique device identification number, cookies, possibly form data, crash reports, performance data, third party cookies, etc., performance data and only with your explicit consent, data from camera, microphone, storage, phone.
  • Data related to a support/complaint request : if you contact our support team, we may process for example personal data provided to our team for this purpose.
  • Data for marketing purposes : If you visit our website or social networks, or during the use of mobile applications, we may process statistical and marketing data, e.g. number of visitors, frequency, clicks, time, locations, target groups, data from cookies and similar technologies, consumer behaviours, interests and preferences, data relating to market research and target group surveys etc.

7. Personal data retention period

Napoleon Group retains the data collected for the time strictly necessary for the purpose of the processing, and within the limits provided for by European and national legislation if it allows longer retention.

Unless explicitly stated in this Privacy Policy, the personal data we process is deleted as soon as it is no longer necessary for the purpose for which it was collected and the deletion does not conflict with our legal retention obligations.

8. Personal data recipients

We do not sell the personal data we collect from our users. Napoleon Group may only share personal data collected from users as described below, and with subsidiaries or affiliates of Napoleon Group, or its parent company, that follow practices at least as protective as those described in this policy.

Data transfer within the groupWithin the group, the relevant departments/employees will receive the personal data they need to fulfill the purposes of processing.
We transfer data as part of our day-to-day business operations, such as the management of customer accounts and other operations you have requested, as well as to carry out our internal administrative activities efficiently and to improve our products and services.
Data transfer to processorsWe may transfer data to processors who provide services to us. These service providers only have access to personal information that is necessary for the performance of their functions and may not use it for any other purpose.
Processors are also carefully selected and contractually obliged to ensure the confidentiality and security of your personal data that they process on our behalf.
Data transfer to third partiesJoint controllers: In the event that Napoleon Group is jointly responsible for the processing of personal data with other parties, we will pass on the data to these parties (in accordance with the legal bases in point 5). In the case of joint control, we will only pass on your data if there is sufficient agreement with our partners.
Data transfer to public administrations and institutionsWe may transfer your personal data to the relevant public authorities for the purposes of legal obligations, investigations, legal proceedings, or if we consider that the disclosure of personal data is necessary to prevent damage or financial loss.

9. Where do we store your personal data ?

The personal data we process is stored by our hosting provider Amazon Web Services on servers located within the European Union (in Ireland).

10. Data transfer within and outside the European Economic Area (EEA)

Due to the international nature of our business and our membership of the CoinShares Group, Napoleon Group may transfer your personal data outside the European Union and outside the European Economic Area (EEA).

Where applicable, Napoleon Group will put in place appropriate technical, organisational and contractual safeguards (under Article 46 of the GDPR), to ensure that such transfer is carried out in accordance with applicable data protection rules, unless the country to which the data is transferred is already considered by the European Commission to provide an adequate level of protection.

Napoleon Group will in all circumstances protect personal data as defined in this Privacy Policy.

For more information regarding the transfer of data, you may contact us as described in Section 1.

11. Cookies

We use cookies and similar tools to enhance your user experience, provide our services and understand how customers use our services so that we can improve them. The cookie banner on your browser tells you how to set them.

For more information about tracking, cookies and similar technologies and how to opt out, see our Cookie Policy.

12. Advertisement

You have the right to object to the processing of your personal data for advertising purposes. If you wish to object to this processing in general, you can contact us by email at the following address: privacy@napbots.com

The objection does not affect the lawfulness of the processing of your personal data on the basis of legitimate interests before your revocation.

With the cookie banner mentioned in section 11, please note that you also have the possibility to unsubscribe from tracking and setting cookies for advertising purposes.

13. Protection of your personal data

We design our systems with your security and privacy in mind. Napoleon Group implements technical and organisational security measures to protect your data from accidental or unlawful destruction, loss, alteration, unauthorised access or disclosure.

14. Asserting your rights

Right of accessYou have the right to obtain confirmation from the controller as to whether or not your personal data is being processed. If they are, you have the right to request access to them.
Right to rectificationYou may request the rectification of your inaccurate personal data. In view of the purposes of the processing, you can have this data completed.
Right to erasureIn some cases, you have the right to have your personal data deleted. In such cases, we will delete the data as soon as possible.
Right to restriction of processingUpon request, you may obtain the restriction of the processing of personal data, in accordance with the conditions set out in Article 18 of the GDPR.
Right to data portabilityYou can ask us to disclose your personal data and you also have the right to pass this data on to another controller without us objecting.
Right to objectYou have the right to object to the processing of your personal data at any time. Unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims, we will no longer process this data.
Right of appealHave you noticed a failure in the processing of your personal data? You can lodge a complaint with the authority that transferred the data, the authority receiving the data or both. To do so, you can contact our DPO, whose contact details are given in section 1.

To assert your rights, or for any related questions, you can contact us:

  • via Zendesk or the chatbot accessible on Napbots;
  • by email at the following address: privacy@napbots.com.

In accordance with Applicable Regulations, we will ask you to prove your identity.

15. Contact the competent supervisory authority

We remind you that you have the possibility to file a complaint with the competent supervisory authority. In France, this authority is the Commission National Informatique et Libertés (CNIL), whose website address is: https://www.cnil.fr.

16. Policy updating

As our business is constantly evolving, our privacy policy will be reviewed periodically. We recommend that you check our site frequently for recent changes. If you do not agree with the revised content, you should stop using our services.

When an updated version of the Privacy Policy is posted, you continued access to our services signifies that you agree with the updated content and that you agree to abide by the updated Privacy Policy. Unless otherwise stated, our current privacy policy applies to all information we have about you and your account.