Sign in Subscribe

Privacy Policy

Key Terms
In addition to the terms already defined in Article 1 of the General Terms and Conditions, the following terms are added, the meanings of which are defined by the “General Data Protection Regulation” (GDPR), Regulation (EU) 2016/679 of the European Parliament and the Council of April 27, 2016, concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC:

Personal Data: Any information that, in any form, allows for the identification of natural persons to whom it relates. A natural person is considered identifiable if they can be identified, directly or indirectly, by reference to a name, an identification number, or one or more specific elements related to their physical, physiological, genetic, mental, economic, cultural, or social identity.

Data Subjects: Persons who can be identified, directly or indirectly, in the context of the Company's activities (commercial activity, marketing, customer relations, etc.), meaning all Users, Clients, and Prospects of the website.

Data Controller: The entity that, alone or jointly with others, determines the "why" and "how" of data processing, i.e., its purpose (goals pursued) and its means (conditions of implementation, particularly on a technical, material, and organizational level).

Processor: An entity that processes data on behalf and following the instructions of another entity, the Data Controller.

Personal Data Processing: Any operation performed on personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination, or any other form of provision, reconciliation or interconnection, limitation, erasure, or destruction.

Data Controller
The company SBEC determines the purposes and means of processing your Personal Data. In the context of managing the Website and the Accounts, the Company acts as the Data Controller as defined by Article 4 of the GDPR.

Categories of Personal Data Concerned

  • Identification Data: First and last name; email address.
  • Connection Data: Country of connection; IP address; log; User ID, etc.
  • Web Data: Cookies and browsing data; reviews and comments left across multiple channels, such as our websites or social media platforms.
  • Financial Data: Data related to the credit card of the Data Subject for the payment of a subscription made through a third-party service provider.

Although these data are sensitive or important, they are not classified as "sensitive data" in terms of fundamental freedoms and rights (Article 9.1 of the GDPR). While these data may require appropriate safeguards due to their specific nature or confidential character, their processing is not subject to specific rules under the European data protection regulation.

Recipients of Personal Data
Access to Personal Data is strictly regulated. The Company ensures that the data is only accessible to authorized internal or external recipients.

Internal Recipients:
Authorized personnel of the Company.

External Recipients:
The Company’s partners and subcontractors, particularly their authorized personnel, who have access only to the data necessary for the implementation of their services.
Authorities, legal representatives, and court officers, in the context of debt collection.

Furthermore, your Personal Data may be transmitted to third-party service providers who are required to use it solely in the context of the services assigned by the Company, such as:

  • When the Company engages subcontractors and independent contractors to assist in the provision of certain services: customer messaging platforms, advertising, statistics, data management and hosting, subscription payment services. These providers have limited access to the data of Data Subjects in strict compliance with the execution of their services.
  • When a Data Subject publishes information in public comment areas (blog, Facebook page, etc.) that is publicly accessible.
  • When a Data Subject authorizes a third-party website to access their data.

In this context, the Company ensures the security of your Data through strict controls:

  • If personal information is transferred within the European Union, the Company ensures that these third-party service providers comply with the principles of the General Data Protection Regulation (GDPR).
  • If personal information is transferred outside the European Union, the Company ensures that the relevant service provider has an adequate level of protection as determined by European regulations.

Your Personal Data may also be communicated to any authority legally authorized to access it. The Company may transmit data to comply with claims made against it and to adhere to administrative and judicial procedures. In this case, the Company is not responsible for how the personnel of these authorities access and use your data.

Data Retention Period
The Company retains your data for a certain period to provide its services or assistance. The Company may also retain certain of your information even after you close your account or when it is no longer needed to provide its services. However, your Personal Data will not be sold, rented, or exchanged for the benefit of third parties.

The retention period for data is defined by the Company according to the legal and contractual obligations it must comply with, or otherwise based on its needs, for each category of Personal Data concerned:

  • Data relating to Users and Clients (identification data, web data, client relationship tracking): These data are retained for the duration of the Account’s opening and up to 30 days afterward, upon request. This period may be extended for 5 years for marketing and prospecting purposes following the deletion of the Account or subscription cancellation.
  • Data relating to Prospects (identification data and web data): These data are retained for a maximum period of 3 years from their collection or from the last contact initiated by the Prospect.
  • Technical Data (connection data and cookies): Connection data (IP addresses and logs) are retained for 1 year from the last connection or use. Cookies may be retained for up to 13 months from the last consent.
  • Financial Data (payment details): Financial transactions related to subscription payments via the Website are handled by a third-party payment service provider who ensures the hosting, smooth processing, and security of the transaction. We never have access to your payment details.

Data that serve to establish proof of a right or contract (Client Data, etc.) or are retained for legal compliance (billing data, etc.) are subject to an intermediate archiving policy for a period not exceeding the duration necessary for the purposes for which they are retained, in accordance with applicable regulations.
After the retention periods have elapsed, the data is either deleted or anonymized, especially for statistical purposes. Data deletion or anonymization is irreversible, and the Company can no longer restore it afterward.

Security Measures for Personal Data
As the Data Controller, the Company commits to aligning its practices with European regulations and ensuring an adequate level of security corresponding to the risk (Article 32.1 of the GDPR).

Organizational security measures taken by the Company for the processing of Personal Data include, but are not limited to, the following:

  • All personnel are trained and regularly informed about developments in data security and Personal Data protection.
  • Only authorized personnel may access Personal Data, and access is provided only as necessary. Preventive measures are implemented to block unauthorized access to Personal Data.
  • No Personal Data is ever sold by the Company, even anonymously, for any purpose.

Technical security measures include, but are not limited to, the following:

  • Passwords and usernames are required before accessing any electronic environment in which Personal Data is stored.
  • All electronic devices and software storing Personal Data are regularly updated and protected against malware and unauthorized access.
  • Adequate security measures (e.g., firewalls) are in place at the interface between publicly accessible environments and company data storage areas, with measures to counter virtual attacks threatening data security (IDS/IPS, etc.).
  • Personal Data transmission is always done through encrypted communication services (e-mail, FTP, file sharing, HTTPS).
  • The physical environment (servers, etc.) where Personal Data is stored for the Data Controller is protected, and access is controlled and limited to authorized personnel only.
  • Personal Data can be anonymized or deleted using appropriate methods. The deletion of stored Personal Data makes it impossible to recover the data.

Your Rights Regarding Your Personal Data
To allow for regular updating of the Personal Data collected, the Company may request that Data Subjects comply with its requests. Under the applicable data protection regulations, Data Subjects have the following rights:

  • Right of Access (Article 15 of the GDPR): Data Subjects can exercise their right to access in order to know what Personal Data is being held about them.
  • Right to Rectification (Article 16 of the GDPR): If the Personal Data held by the Company is inaccurate, Data Subjects can request an update of the information.
  • Right to Deletion (Article 5 of the GDPR on “data purge” and Article 17 of the GDPR on data erasure or “right to be forgotten”): Data Subjects can request the deletion (either full or partial) of their Personal Data, in accordance with applicable data protection regulations.
  • Right to Restrict Processing (Article 18 of the GDPR): Data Subjects can request the Company to limit the processing of their Personal Data under conditions set by the GDPR.
  • Right to Object to Processing (Article 21 of the GDPR): Data Subjects can object to their data being processed under the conditions specified by the GDPR.
  • Right to Data Portability (Article 20 of the GDPR): Data Subjects can request the Company to provide their Personal Data in a portable format for transmission to a new entity, in strict compliance with applicable data protection regulations.

You can exercise one or more of these rights by contacting us via the contact form. A response will be sent to you no later than one month after receiving the request. This period may be extended by two months if the complexity of the request or the number of requests requires it. To protect against data leaks or identity theft, certain requests may require a photocopy of a valid signed identity document.

Contact Regarding Data Protection
A Data Protection Officer is available for any questions or additional clarifications regarding the Privacy Policy. You can contact them via the website's contact form.
For more general information on Personal Data protection, you can consult the National Commission on Informatics and Liberty (CNIL) website at: www.cnil.fr.

Conditions of Application of the Privacy Policy
Continuing to navigate on the MyMomentumPortfolio.com Website signifies full acceptance of the provisions of this Privacy Policy. The version currently online is the only one applicable during the use of the Website until a new version replaces it.
Our policy on Personal Data (confidentiality and cookies) may be modified or amended at any time in response to legal, jurisprudential developments, CNIL decisions, or evolving practices. Any new version of this Policy will be communicated to Data Subjects by any means defined by the Company, including electronic means (e.g., by email or online publishing).

Last updated on 13/03/2025.