Privacy Policy

MUSIC VINS Simplified Joint Stock Company (SAS) Share capital: €2,423,760.00 Registered office: 4 Rue du Chapelier, 93290 Tremblay-en-France, France RCS Bobigny: 432 280 592 Email: contact@music-vins.com We are responsible for processing your personal data in accordance with the General Data Protection Regulation (GDPR) and French data protection law.

Identification Data: • Title, surname, first name • Date and place of birth • Nationality • Postal and email address • Phone number Identity Verification Data (KYC): • Copy of ID document (ID card, passport) • Proof of address • For companies: registration certificate, articles, directors' identity Financial Data: • Bank details (IBAN, BIC) • Transaction and operation history Connection Data: • IP address • Browsing data • Language preferences

Your data is used for: Online Cellar Management: • Creation and management of your personal account • Execution of entrusted sales mandates • Tracking of your lots and resale operations • Communication of real-time buyback offers Regulatory Compliance: • Identity verification (KYC) • Anti-money laundering (AML) • Tax and accounting obligations Personalized Support: • Contact by your dedicated advisor • Lot recommendations tailored to your profile • Information about new opportunities Service Improvement: • Anonymized statistical analysis • User experience improvement

Contract Performance: Processing necessary for the execution of the Sales Mandate Contract and management of your online cellar. Legal Obligation: KYC/AML verifications required by current regulations. Legitimate Interest: Transaction security, fraud prevention, service improvement. Consent: Commercial and marketing communications (revocable at any time).

Active customer data: Throughout the duration of the business relationship. Inactive customer data: 3 years after the end of the business relationship. KYC documents: 5 years after the end of the business relationship (AML legal obligation). Billing and transaction data: 10 years (accounting and tax obligation). Connection data: Maximum 1 year. At the end of these periods, your data is deleted or irreversibly anonymized.

Your data may be shared with: MUSIC VINS Staff: Sales teams, advisors, customer service, accounting. Technical Providers: • Hosting: Vercel Inc. • Secure payment solutions • Identity verification services Operational Partners: • Approved bonded warehouses (storage) • Insurance companies (product coverage) • International network of buyers (resale) Authorities: In case of legal obligation or judicial requisition. Important: We never sell your data to third parties. Our partners are contractually bound to confidentiality.

Your data is primarily processed within the European Union. In case of transfer to a third country (particularly for hosting), we ensure appropriate safeguards are in place: • European Commission standard contractual clauses • European Commission adequacy decision • Approved certification or code of conduct

Under the GDPR, you have the following rights: Right of access: Obtain a copy of all your personal data. Right to rectification: Correct inaccurate or incomplete data. Right to erasure: Request deletion of your data (within legal limits). Right to restriction: Request temporary suspension of processing. Right to portability: Receive your data in a structured, reusable format. Right to object: Object to processing for legitimate reasons. Withdrawal of consent: At any time for consent-based processing. To exercise your rights: Email: dpo@music-vins.com Mail: MUSIC VINS - Data Protection 4 Rue du Chapelier, 93290 Tremblay-en-France, France You can also file a complaint with the CNIL: www.cnil.fr

We implement robust technical and organizational measures: Technical Measures: • Encryption of sensitive data (AES-256) • HTTPS protocol for all communications • Two-factor authentication available • Firewall and intrusion detection • Daily encrypted backups Organizational Measures: • Access limited to authorized personnel • Regular security training • Incident management procedures • Periodic security audits

Our site uses cookies to improve your experience: Essential Cookies (required): Necessary for site operation (authentication, security, language preferences). Analytics Cookies: Anonymized analysis of site usage to improve our services. Preference Cookies: Remembering your choices (currency, display). You can manage your preferences via the cookie banner or in your browser settings. Refusing non-essential cookies does not affect access to the service.

Data Protection Officer: Email: dpo@music-vins.com Phone: +33 1 62 14 22 27 Updates: This policy may be updated to reflect regulatory changes or changes in our practices. Significant changes will be notified to you by email. Effective date: Changes take effect upon publication on the site.