Privacy Policy – Anantys

Last updated: March 7, 2026

This policy describes how Anantys SAS collects, uses, and protects the personal data of users of its application and website, in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller is:

Anantys SAS
61 rue de Lyon, 75012 Paris
Email: privacy@anantys.com

2. Data Collected

We collect only the data necessary to provide our services:

User identifiers : email, username (authentication is handled by established identity providers such as Google or Microsoft; we do not store passwords).
Investment data : information entered manually or synchronized from connected bank accounts.
Technical data : session cookies, security logs.

3. Purpose of Processing

The collected data is used exclusively for:

Managing the user account and providing access to the service.
Analyzing and displaying the user's financial data in their dashboard.
Providing personalized tracking of investment strategies.
Conducting anonymized statistical analyses to improve functionality and user experience, without exploiting data for commercial purposes or sharing it with third parties.

No personal data is sold or shared with third parties for commercial purposes.

4. Legal Basis for Processing

Processing is based on:

Contract : provision of the Anantys service.
Consent : for certain features (analytics cookies, bank account synchronization).

5. Data Retention Period

Data is retained for the duration of service use. In case of cancellation, it is deleted 45 days after the end of the current subscription.

6. User Rights

In accordance with GDPR, you have the following rights:

Access : your data is accessible at any time via the native CSV export.
Rectification : you can modify your information via your personal space.
Deletion : your data is automatically deleted upon cancellation.

Any request can be sent to: privacy@anantys.com

7. Data Security

Data is hosted in the European Union, on secure servers from Railway (Amsterdam, Netherlands). Technical and organizational measures protect your information against unauthorized access, modification, or disclosure.

Since Railway is an American company, certain legal obligations (e.g., Cloud Act) may, in exceptional cases, involve access by American authorities. In this context, Anantys applies standard contractual clauses (SCC) and ensures that appropriate safeguards are in place to maintain a level of protection compliant with GDPR.

8. Cookies and Tracking

The site uses:

Session cookies necessary for the service to function (consent not required).
Analytics cookies activated only with your consent.

You can manage your preferences via the consent banner.

9. Contact

For any questions regarding the protection of your data: privacy@anantys.com

By using Anantys, you accept this privacy policy.