Article 1: Preamble

This Privacy Policy applies to the PRIMUM CHALLENGE website: https://primum-challenge.com/

The purpose of this Privacy Policy is to explain to the users of the website:

• How their personal data is collected and processed. Personal data is any data that can identify a user. This includes the first and last name, age, postal address, email address, location of the user or his IP address;
• What are the rights of the users concerning these data;
• Who is responsible for the processing of the personal data collected and processed;
• To whom this data is disclosed;
• Eventually, the policy of the website regarding “cookies”.

Article 2: General principles regarding data collection and processing

In accordance with the provisions of Article 3 of Law 09-08 on the protection of individuals with regard to the processing of personal data, and Article 5 of the European Regulation 2016/679, the collection and processing of the website users’ data respect the following principles:

• Legality, fairness and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that his data is being collected, and for what purpose his data is being collected;
• Limited purposes: the collection and processing of data is carried out for one or more of the purposes set out in this Privacy Policy and the Terms of Use;
• Minimal data collection and processing: only the data necessary for the proper execution of the objectives pursued by the website are collected;
• Limited data retention: data is kept for a limited period of time, of which the user is informed. When this information cannot be provided, the user is informed of the criteria used to determine the retention period;
• Integrity and confidentiality of collected and processed data: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.

In order to be lawful, and in accordance with the requirements of Article 4 of Law 09-08, and Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the following conditions:

• The user has expressly consented to the processing;
• The processing is necessary for the proper execution of a contract;
• The processing responds to a legal obligation;
• The processing is necessary to protect the vital interests of the data owner or another natural person;
• The processing can be explained by a necessity linked to the execution of a mission of public interest or the exercise of public authority;
• The processing and collection of personal data is necessary for the legitimate and private interests pursued by the controller or by a third party.

Article 3: Personal data collected and processed in the context of navigation on the website

A. Data collected and processed and method of collection

PRIMUM CHALLENGE does not collect any personal data through this website. However, users can voluntarily share some information by addressing a message to one of the contact email addresses they can find on the website. In that case, the nature of data shared by the user via email is left to the user’s appreciation, whom is considered to have consented to this Privacy Policy.

The data processing carried out is based on the following legal grounds:

• The user’s consent;
• The Law 09-08 on the protection of individuals with regard to the processing of personal data (Morocco);
• The General Data Protection Regulation (GDPR) [Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC] (European Union).

B. Disclosure of data to third parties

The collected data may be openly disclosed to PRIMUM CHALLENGE S.A.R.L. employees in the course of their duties, insofar as they need it to pursue the purposes set forth in this Privacy Policy.

In addition, the personal data collected may be shared with third parties:

• If required by law;
• If the information is required for any legal proceedings;
• To protect the company’s legal rights.

Other than as set forth in this document, personal information will not be disclosed or shared with third parties under any circumstances.

C. Data hosting

The PRIMUM CHALLENGE website is hosted by Hostinger International Ltd., with headquarters at the following address: 61 Lordou Vironos Street, 6023 Larnaca, Cyprus. The hosting company can be contacted through the following page: https://www.hostinger.com/contacts

Article 4: Data controller

A. Data controller

The website is edited by PRIMUM CHALLENGE S.A.R.L., which is responsible for the processing of personal data, and can be contacted in this regard in the following manner:

• By e-mail: privacy@primum-challenge.com;
• By postal mail: Bd. Hassan 2, Res. Kolma 8, n° 3, Bouznika 13100 – Morocco;
• By phone: +212.537.74.53.17.

The data controller is responsible for determining the purposes and means of processing personal data.

B. Obligations of the data controller

The data controller is committed to protecting the personal data collected, not disclosing said data to third parties without the user’s knowledge, and respecting the purposes for which the data was collected.

The website makes use of an SSL certificate to ensure that the information and data transfer through the website is secure. The purpose of an SSL certificate (“Secure Socket Layer”) is to secure the data exchanged between the user and the website.

Moreover, the data controller will notify the user in the event of rectification or deletion of the data, unless it entails disproportionate formalities, costs or processes.

In the event that the integrity, confidentiality or security of the user’s personal data is compromised, the data controller will inform the user by any means deemed appropriate.

Article 5: User’s rights

In accordance with the regulations concerning the processing of personal data, the user has the rights listed below.

In order for the data controller to comply with the user’s request, the user must provide the data controller with the following information: first and last name, e-mail address, and any other information deemed necessary.

The data controller is obliged to respond to the user within 30 (thirty) days.

A. User’s rights regarding data collection and processing

a. Right of access, rectification and deletion

The user may view, update, modify or request the deletion of his or her data by following the procedure set out below:

• Send a written request by e-mail or by post, providing the data to verify his/her identity and retrieve the records associated with him/her.

b. Right to data portability

The user has the right to request the portability of his/her personal data, held by the website, to another website, by complying with the following procedure:

• Send a written request by e-mail or by post, providing the data to verify his/her identity and to retrieve the records associated with him/her.

c. Right to limit and object to the processing of data

The user has the right to request the limitation of or to object to the processing of his/her data by the website, with no possibility for the data controller to refuse, unless it can be shown that there are legitimate and compelling reasons, which can prevail over the interests and rights and freedoms of the user.

In order to request the limitation of the processing of his/her data or to object to the processing of his/her data, the user must follow the following procedure:

• Send a written request by e-mail or by post providing the data to verify his/her identity and retrieve the records associated with him/her.

d. Right not to be subjected to a decision based exclusively on an automated process

In accordance with the provisions of Law 09-08 and European Regulation 2016/679, the user has the right not to be subject to a decision based exclusively on an automated process if the decision produces legal effects concerning him/her, or significantly affects him/her in a similar way.

e. Right to refer to the competent regulation authority

In the event that the data controller decides not to respond to the user’s request, and the user wishes to contest this decision, or if he/she believes that any of the rights listed above have been infringed, he/she is entitled to refer the matter to the “Commission Nationale de contrôle de la protection des Données à caractère Personnel” (CNDP) or any competent jurisdiction in Morocco.

B. Personal data of minors

In accordance with the provisions of Article 8 of the European Regulation 2016/679, only minors aged 15 years or older may consent to the processing of their personal data.

If the user is a minor under the age of 15, the consent of a legal representative will be required in order for personal data to be collected and processed.

The website editor reserves the right to verify by any means necessary that the user is over 15 years old, or that he/she has obtained the consent of a legal representative before browsing the website.

Article 6: Use of “cookies”

The website may use “cookies”.

A “cookie” is a small file containing information about the user’s browsing habits, and stored by the website on the user’s terminal. These files allow the website to process statistics and information on traffic, facilitate navigation and improve the service for the user’s comfort.

To make use of “cookies” involving the storage and analysis of personal data, the user’s consent must be requested.

The user’s consent is considered valid for a maximum period of 6 (six) months. At the end of this period, the website will request the user’s authorization to save “cookies” on his/her device again.

a. Opposition to the use of “cookies”

Cookies that are not essential to the operation of the website are only saved on the user’s terminal after obtaining his consent.

The user can also refuse the usage of “cookies” by configuring his/her browser.

For information, the user can find the steps to follow in order to configure his web browser to refuse the usage of “cookies” at the following links:

• Chrome: https://support.google.com/chrome/answer/95647?hl=fr
• Firefox: https://support.mozilla.org/fr/kb/enable-and-disable-cookies-website-preferences
• Safari: https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
• Edge: https://support.microsoft.com/fr-fr/windows/supprimer-et-gérer-les-cookies- 168dab11-0753-043d-7c16-ede5947fc64d
• Opera: http://www.opera.com/help/tutorials/security/cookies/

In the case where the user decides to disable “cookies”, he/she will be able to continue his navigation on the website normally. However, any dysfunction of the website caused by this manipulation could not be considered as being due to the editor of the website.

b. “Cookies” used by the website

By default, the website does not use “cookies” to store personal data.

However, the website integrates social network buttons, allowing the user to share their activity on the website, as well as embedded content from other platforms. Cookies from these platforms and social networks may be stored on the user’s computer when using these features.

These services have their own privacy policies and Terms of Use that may differ from the website’s. The website’s editor invites users to consult these platforms’ specific privacy policies and Terms of Use.

Article 7: Changes to the Privacy Policy

This Privacy Policy can be viewed at any time at the following address: https://primum-challenge.com/privacy-policy/

The editor of the website reserves the right to modify it in order to guarantee its compliance with applicable legislation.

Therefore, the user is invited to consult this Privacy Policy regularly in order to be informed of the latest changes.

Article 8: Consent

By using the PRIMUM CHALLENGE website, the user agrees to:

• All terms and conditions included in this Privacy Policy;
• All the terms and conditions included in the General Terms of Use;
• The collection, use and retention of the data listed in this Privacy Policy.