Privacy Pollicy

Privacy Policy

Last Updated: September 1, 2025

1. Introduction

This Privacy Policy explains how DATA INNOVATION, SL (“we,” “us,” or “our”) collects, uses, shares, and safeguards personal data when you visit our website, interact with us, or use our services.

We are committed to processing your personal data transparently and in compliance with applicable data protection laws, including:

  • Regulation (EU) 2016/679 – General Data Protection Regulation (GDPR)

  • Organic Law 3/2018 – on the Protection of Personal Data and guarantee of digital rights (LOPDGDD)

  • Applicable commercial, tax, and data protection regulations

By using our website, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

DATA INNOVATION, SL
CIF: ESB67565283
Registered Address: Pere IV 148B, 08005 Barcelona, Spain
Phone: +34 624 112 679
Email: info@datainnovation.io

3. Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

  • Identification Data: First and last name

  • Contact Data: Email address, phone number

  • Technical Data: IP address, browser type, operating system, pages visited, duration of visit

  • Commercial & Contractual Data: Information necessary to process service requests, proposals, or quotes

  • Behavioral Data: Navigation patterns collected through analytics tools such as Google Analytics and Metricool

We do not collect sensitive personal data such as racial or ethnic origin, religious beliefs, health data, or sexual orientation.

4. Purposes of Processing

Your personal data is processed for the following purposes:

  1. Service Management: Handling requests, inquiries, or quotations submitted through contact forms or email.

  2. Commercial Communications: Sending marketing and promotional messages about our services (only with your prior consent).

  3. Analytics & Improvement: Monitoring website traffic, user behavior, and performance to improve our services and user experience.

  4. Compliance: Fulfilling legal, tax, accounting, and data protection obligations.

5. Legal Basis for Processing

We process personal data based on:

  • Consent: For sending commercial communications and using non-essential cookies

  • Contractual necessity: To respond to service requests or perform pre-contractual measures

  • Legal obligations: For data required under tax, accounting, or compliance regulations

  • Legitimate interest: For website analytics, security, and continuous service improvement, always balancing your rights and freedoms

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Contact requests: Stored until the inquiry is resolved

  • Contractual data: Retained during the contractual relationship and the legally required retention periods thereafter

  • Marketing data: Stored until consent is withdrawn

  • Analytics data: Retained up to 26 months, in line with Google Analytics settings

7. Data Sharing & Service Providers

We do not sell or disclose personal data to third parties except when required by law or necessary for service delivery.

We work with trusted data processors who act on our behalf under contracts that ensure GDPR compliance. These include:

  • Google LLC – provider of Google Analytics, with international data transfers under EU Standard Contractual Clauses

  • Metricool Software S.L. – analytics provider with servers within the EU

  • Technology partners – hosting, email, and technical maintenance providers

All partners are contractually bound to protect your data and ensure confidentiality.

8. International Data Transfers

Some processing activities may involve transferring data outside the European Economic Area (EEA). These transfers are carried out only when adequate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  • Additional technical and organizational measures such as encryption, pseudonymization, and restricted access

You may request more details about international transfers by writing to info@datainnovation.io.

9. Your Rights

You have the following rights regarding your personal data:

  • Right of Access – Obtain confirmation of whether we process your data

  • Right of Rectification – Correct inaccurate or incomplete data

  • Right of Erasure – Request deletion when data is no longer needed

  • Right to Object – Object to processing based on legitimate interest

  • Right to Restriction – Request processing limitation in certain circumstances

  • Right to Portability – Request transfer of your data to another controller

To exercise your rights, please email info@datainnovation.io with a copy of your ID or equivalent documentation.

If you believe your rights have not been properly addressed, you may file a complaint with the Spanish Data Protection Agency (AEPD): www.aepd.es

10. Cookies & Tracking Technologies

Our website uses first-party and third-party cookies to enhance navigation, personalize content, perform analytics, and show relevant advertising (with prior consent).

You can review our full Cookie Policy here:
https://datainnovation.io/en/cookie-policy/

11. Security Measures

We have implemented appropriate technical and organizational measures to ensure an adequate level of security, including:

  • Encrypted connections (HTTPS)

  • Access control policies and strong authentication

  • Regular data backups

  • Incident response protocols and periodic reviews

12. Children’s Privacy

We do not knowingly collect personal data from children under 14 years of age. If we become aware of unauthorized data collection from a minor, we will delete such data immediately.

13. Policy Updates

We reserve the right to update this Privacy Policy at any time to reflect legal, operational, or technological changes. Updates will be published on this page with the last updated date indicated. We recommend reviewing this Privacy Policy periodically.