Our Commitment to Data Privacy

Protecting the privacy of individuals who provide us with Personal Data ("Personal Data") is of sincere importance to CoinShares France (“CoinShares”, “we”, “our”, us) and to the way we do business. You have shown your trust in us by interacting with SHPRD.FINANCE (the “App”), and we value that trust.

To this end, we are committed to respecting local data privacy legislations (together “Applicable Laws”), in particular, the (EU) 2016/679 General Data Protection Regulation of the European Parliament and of the Council of 27 April 2016 on the protection of persons with regard to the processing of personal data (“the GDPR”).

General Provisions

This Privacy Policy (the "Policy") describes how we collect, use, store, share and protect your Personal Data when you use the App. This Policy applies when you ("you", "Client", "User", “Visitor”) access, visit or use any portion of the App. Please read this Policy carefully. The term Personal Data used in this Policy, refers to the term defined in Article 4 of the GDPR. This Policy does not apply to information submitted or collected through Apps maintained by other companies or organisations to which we may link or who may link to us. We are not responsible for the actions and privacy policies of third-party Apps.

Data Protection Officers

When using the App, we are the personal data controller. This means that we determine the purposes and means by which your data is processed. “Controller”, “Joint controller” or “Processor”, used in this Policy, refer to the terms defined in Article 4 of the GDPR. We are not a public authority or body; a body whose core activities would lead us to carry out regular and systematic monitoring of individuals on a large scale; or a body whose core activities would lead us to process on a large scale so-called "sensitive" data (biometric data, genetic data, data concerning health, sex life, racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership) or data concerning criminal convictions and offences. As a result, we are not required to appoint a Data Protection Officer at the group level, although we understand the importance of ensuring good governance of this system. To do so, we have appointed our Compliance Function with the duty to ensure that our processing operations comply with this Policy and, more generally, with the Applicable Laws. The Compliance Function will endeavour to answer any questions or requests in relation to the processing of your data, your rights, and our Policy. If you have any questions or requests regarding the processing of your Personal Data, please contact our Compliance Function at the following address: privacy@coinshares.com

Automated decision-making and profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you. Please note that we may use automated decision-making systems, especially in the context of preventing fraud in relation to our regulatory obligations. However, no decision is exclusively based on such a type of processing, as each decision always requires human intervention.

How we process your Personal Data

We collect and process information relating to you and your use of the Services. How we handle it differs as set out below:

How long do we keep your Personal Data?

We retain the data collected for the time strictly necessary for the purpose of the processing, and within the limits provided for by Applicable Laws if it allows longer retention. Unless explicitly stated in this Policy, the Personal Data we process is deleted or anonymized as soon as it is no longer necessary for the purpose for which it was collected and if the deletion does not conflict with our legal retention obligations.

How do we protect your Personal Data?

We adopt appropriate data collection, storage, processing practices and security measures to protect against unauthorised access, alteration, disclosure, or destruction of your Personal Data, username, password, transaction information, and data stored on the App. All Personal Data is being dealt with in accordance with the Applicable Laws. We designed our systems with your security and privacy in mind. We implemented technical and organisational security measures to protect your data from an accidental or unlawful destruction, loss, alteration, unauthorised access or disclosure, in particular: Ultra-secure encryption; Secure servers; Backups; Continuous monitoring. We maintain physical, technical, administrative, and procedural safeguards to protect Personal Data, and access to Personal Data is limited to the employees who require it for their job functions. CoinShares is ISO 27001 certified, demonstrating thereby our engagement to maintain a secure platform for our customers, under strict design, procedures, controls and continual improvement.

How do we share your Personal Data?

Please note that we do not sell, trade or rent your Personal Data to others. We will only share your Personal Data with third parties as described in this Policy and ensure the data recipients follow practices at least as protective as those described in this policy. We may share your Personal Data with: ● Group's companies: Relevant departments from the Group will receive your Personal Data if they need it to contribute to the purpose of processing. We transfer data as part of our business operations, to carry out our internal administrative activities efficiently and to improve our products and services. ● Service providers, affiliates and commercial partners: These recipients help us with our business operations, and only have access to Personal Data necessary for the performance of their functions and may not use it for any other purpose. Processors are also carefully selected and contractually obliged to ensure the confidentiality and security of your personal data that they process on our behalf. ● Third parties, including governmental authorities and law enforcement: We may transfer your personal data to the relevant public authorities to i) defend our legal rights, interests or property and any of its related entities; ii) protect the safety and security of our customers or members of the public; iii) protect against fraudulent activities, or comply with Applicable Laws, subpoena or legal process. ● Companies that we plan to merge with or may be acquired by. If Coinshares may be sold or transferred in whole or in part (or such a sale or transfer is being contemplated), your personal data may be transferred to the new entity or potential new entity as part of the transfer itself or as part of an initial review for such transfer/purchase (i.e. due diligence), subject to any rights provided by applicable law, including jurisdictions where the new entity or potential new entity are located. Coinshares has a legitimate interest in being able to perform these transactions (Art. 6(1)(f) GDPR). ● Other third parties with your consent or at your direction to do so. ● Third parties for any legitimate business purpose not otherwise prohibited by the Applicable Laws. Data transfer within and outside the European Economic Area (EEA) The Personal Data we process on this App is stored by our hosting provider Amazon Web Services on servers located within the European Union. Due to the international nature of our business, we may transfer your Personal Data inside and/or outside the European Union, as well as outside the European Economic Area (EEA). Where applicable, we will put in place appropriate technical, organisational and contractual safeguards, to ensure that such transfer is carried out in accordance with applicable data protection rules, unless the country to which the data is transferred is already considered by the European Commission to provide an adequate level of protection. If you need further information on how your Personal Data is being transferred, you can reach us as described in Section 3 of this Policy.

How can you restrict us from sharing your Personal Data?

It is possible to limit our use and sharing of your Personal Data, as such: ● You may unsubscribe from marketing emails, by clicking the “Unsubscribe” link in the email footer or contacting privacy@coinshares.com. ● You can modify your browser settings to decline cookies, but certain features of the App may not function properly or be unavailable if you do so. For more information, you can also read our Cookie Policy below. During your browsing, you can always withdraw your consent to cookies at any time by changing your cookie preferences. ● On your mobile device, you can know which third parties have currently enabled cookies and eventually opt-out of some of those cookies. You may also select “Limit Ad Tracking” (on iOS devices) or “Opt out of Interest-Based Ads” (on Android). Even if you disable tracking, keep in mind that you may still receive interest-based advertising, including from third parties with whom your information had been previously disclosed and that you may still receive advertising from third parties, although such advertising may not be based on your interests and preferences. ● We use the information provided by Google Analytics to improve our Services. For more information regarding how Google collects, uses, and shares your information and how to opt-out of certain uses please visit How Google uses information from sites or apps that use our services – Privacy & Terms and Google Analytics Opt-out Browser Add-on Download Page. ● Your browser or device may include “Do Not Track” functionality. Note that our information collection and disclosure practices, and the choices we provide to visitors, will continue to operate as described in this Policy whether or not a Do Not Track signal is received.

Third-Party Links

The App may contain links to third-party Apps, including social media sites. By including a link to a third-party App, we do not endorse or recommend any products or services offered or information contained in the third-party App. This Policy does not govern any access to and use of such linked Apps, but instead is governed by the privacy policies of those third-party Apps. We are not responsible for the information practices of such third-party Apps. If you decide to visit a third-party App via a link contained in or by the App, you do so at your risk.

Asserting your rights

You may request, for example, to access, correct, or delete Personal Data that you have provided to us. You will not be permitted to examine the Personal Data of any other person or entity and may be required to provide us with Personal Data to verify your identity prior to accessing any records containing information about you. Unless stated otherwise by the Applicable Laws or any other legal provision or applicable regulations, you may exercise the following rights: ● Right of access: You have the right to obtain confirmation from CoinShares to whether or not your personal data is being processed. In that case, you have the right to request a copy of the personal data and additional information such as the purposes of the processing, the categories of personal data concerned, where the data came from and the recipients or categories of recipients to whom the personal data have been or will be disclosed. To request a copy of the personal data undergoing processing does not mean that you always have the right to obtain the document itself where your personal data occurs. The right of access should not be confused or equated with right to access official documents from an authority. For additional copies requested by you, we may charge a reasonable fee based on administrative costs. ● Right to rectification: You have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. ● Right to erasure: In certain cases, you have the right to ask us to erase your personal data if, for example, the personal data is no longer necessary in relation to the purpose, you withdraw your consent and there is no legal ground for us to process the personal data, the personal data have been unlawfully processed or you have objected to the processing and there are no overriding legitimate grounds for the processing. To the extent that it is necessary to continue the processing of your personal data, for example to fulfil our legal obligations or to establish, exercise or defend legal claims, we are not obliged to delete your personal data. This means that certain data can be stored until we are no longer obliged to process them. However, we will cease our communication (direct marketing/newsletter) to you after you have requested to be deleted. ● Right to restriction of processing: You have the right to request the restriction of the processing of your personal data if you believe that your personal data is inaccurate, our processing is unlawful or that we no longer need the personal data for specific purposes. If you object to the processing of personal data you may also request the restriction while we assess the legitimate grounds (the objection request). In this case, the respective data will be marked and the personal data may only be stored and processed by us for certain purposes. Coinshares will inform you when the restriction is lifted. ● Right to withdraw your consent: If Coinshares processes your personal data based on consent, you have the right to withdraw your consent at any time by contacting us and this will not affect the lawfulness of the processing based on consent before the withdrawal.Right to data portability: You have the right to receive a copy of the personal data concerning you which you have provided to us and that we process by automated means for the performance of a contract with you or based on your consent. You have the right to receive your personal data in a structured, commonly used and machine-readable format and this allows you to transmit those personal data to another entity without hindrance from us. ● Right to object: You have the right to object at any time to our processing of your personal data with reference to your personal circumstances and provided that the processing is based on a legitimate interest (Art. 6(1)(f) of the GDPR) as a legal basis. Unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims, we will no longer process this data. If your personal data is processed for direct marketing, you have the right to object to the processing at any time and we have no right to continue processing your personal data for such purposes. In your objection, please state which processing purpose(s) you object to and your grounds relating to your particular circumstances.

Contact the competent supervisory authority

We remind you that you have the possibility to file a complaint with the competent supervisory authority, in particular in the EU Member State of your habitual residence, place of work or alleged infringement of the GDPR. In France, this authority is the Commission National Informatique et Libertés (CNIL), whose App address is: https://www.cnil.fr.

How to contact us

The following legal entity is data controller for the processing of your personal data: CoinShares France Registered under the number 882 455 108 With headquarters registered 25 rue du 4 Septembre 75002 Paris If you want to exercise any of your rights, have any questions regarding this privacy policy or the processing of your personal data, please contact our Compliance Function at the following address: privacy@coinshares.com.

Changes to this policy

As our business is constantly evolving, it may become necessary to updatethe Policy from time to time as necessary to comply with Applicable Laws or for legitimate business purposes. By continuing to use our App, you agree to remain bound by the Policy. You acknowledge and agree that it is your responsibility to periodically review this Policy and check for any changes. In such a case, a new version will be published on the App.

Cookies Policy

About the Cookies Policy

This Cookies Policy (the “Policy”) describes how CoinShares France (“CoinShares”, “we”, “our”, us) uses cookies and other tracking devices through www.shprd.finance (the “App”). This Policy applies when you ("you", "User", “Visitor”) access, visit, or use any portion of the App and has to be read in conjunction with our above-mentioned Privacy Policy. Your privacy is important to us. As such, we encourage you to read this policy on cookies and other tracking devices to understand how they work and how our company and third parties use them. We use cookies to personalise content and ads, provide social media features, and analyse traffic. We also share information about your use of our site with our social media, advertising and analytics partners, who may combine it with other information you have provided or collected from your use of their services. This Policy allows you to understand how and why we use them so that you can make an informed choice about their use during your browsing.

Legal basis

When you first visit our App, we ask for your consent to the use of cookies for different purposes. You have the option to accept all, allow a specific selection (i.e.preferences, statistics and/or marketing) or decline cookies. We do not need your consent to use strictly necessary cookies and we may process personal data collected via strictly necessary cookies based on a legitimate interest, where our interest in maintaining the App overrides the visitors interest in not having the information processed. During your browsing, you can always withdraw your consent to cookies at any time by changing your cookie preferences.

What are cookies, and why do we use them?

Cookies are text files placed on the user's device when visiting an App. Cookies are downloaded to the Visitor’s computer, tablet, smartphone or other devices. Cookies then allow us to recognise that device, track your browsing and record helpful information to optimise your visit to our site and access the various features. Cookies can be classified by their lifetime and by the domain to which they belong: ● By legitimacy: ○ Necessary: Necessary cookies help make an App usable by enabling essential functions like page navigation and access to secure areas of the App. The App cannot function properly without these cookies. ○ Preferences: Preference cookies enable an App to remember information that changes the way the App behaves or looks, like your preferred language or the region that you are in. ○ Statistics: Statistic cookies help App owners to understand how visitors interact with Apps by collecting and reporting information anonymously. ○ Marketing: Marketing cookies are used to track visitors across Apps. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers. ○ Unclassified: Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies. ● By duration: ○ Session cookies: These are cookies that are deleted when the user closes the web browser. ○ Persistent cookies: These are cookies that remain stored on the hard disk of the user's terminal for a predefined period. ● By domain: ○ First-party cookies: These are cookies deposited by the server of the visited App that shares the same domain. ○ Third-party cookies: These are cookies that are deposited by a domain other than that of the App visited. Because of the way they work, we cannot access the data collected by third-party cookies, and in particular, we cannot control all the tracking functions of third-party tools. However, these providers are required to comply with applicable data protection regulations. We may use different types of cookies.

Which tools do we use and can you opt out?

Because of how cookies and similar technologies work, we cannot access data collected by third-party cookies, nor can other companies or persons access the data generated by such tools, and in particular, not all tracking functions of third-party tools can be controlled by us. All the following providers are obliged to comply with the applicable data protection regulations and are solely responsible for any processing of personal data as a data controller according to article 4(7) of the GDPR.

How to manage your cookies settings?

When you first visit our App, we ask for your consent to use cookies. You have the option to accept or decline cookies via the cookie settings banner. Other options exist, in particular via your browser settings, which allow you to permanently oppose the installation of cookies or to be informed if a new cookie has been installed. Cookies that have already been installed can be deleted at any time via your browser or other software. You can find a description of the appropriate settings for each current browser by clicking on the following links: ● Chrome: Clear, enable, and manage cookies in Chrome - Computer ● Firefox: Apps say cookies are blocked - Unblock them | Firefox Help ● Safari: Manage cookies and App data in Safari on Mac - Apple Support ● Microsoft Edge: Allow or Block Cookies in the new Microsoft Edge ● Opera: https://help.opera.com/en/latest/web-preferences/#cookies

Changes to this Policy

Please note that this Policy may be updated from time to time. We, therefore, recommend that you read this policy whenever you decide to accept or decline cookies from us or change your initial cookie setting.

Contact

If you have any questions about this Cookies Policy, or more generally about the processing of your personal data, please contact us at privacy@coinshares.com.