Privacy Policy

1. Data Controller Information

Company: Graphext Inc Sucursal en Espana
NIF: W0279624A
Address: Calle de Arlaban 7, Planta 5, Puerta 51. 28014 Madrid, Spain
DPO Contact: dpo@graphext.com

2. Information We Collect

We collect and process personal data that you provide directly to us, as well as data collected indirectly through cookies and similar technologies.

• Data you provide: Name, email address, company information, and any other information you submit through our forms or services.
• Data collected automatically: IP address, browser type, device information, usage data, and cookies.

3. Sources of Data

We collect data from the following sources:

• Directly from you when you register, contact us, or use our services
• From your web navigation and interaction with our website
• From third-party services with your consent

4. Purposes of Processing

We process your personal data for the following purposes:

• Contractual: To provide and manage our services, process payments, and fulfill our contractual obligations
• Legitimate interest: To improve our services, conduct analytics, prevent fraud, and send relevant communications
• Consent: To send marketing communications and use certain cookies
• Legal compliance: To comply with applicable laws and regulations

5. Data Transfers

Your data may be transferred to:

• Public administrations when required by law
• Service providers who assist us in delivering our services
• Business collaborators with appropriate safeguards in place

When transferring data outside the European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

6. Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data
• Restriction: Request limitation of processing
• Portability: Request transfer of your data
• Objection: Object to processing based on legitimate interest

To exercise your rights, contact us at dpo@graphext.com.

7. Data Retention and Cookies

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, or as required by law. For information about our use of cookies, please see our Cookie Policy.

8. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Access controls and authentication
• Regular security assessments
• Staff training on data protection

9. Children's Privacy

Our services are not intended for individuals under 14 years of age. If you are under 14, you must have parental authorization to use our services. If we learn that we have collected personal data from a child under 14 without parental consent, we will take steps to delete that information.

10. Updates to This Policy

We review this Privacy Policy monthly and update it as necessary. When we make significant changes, we will notify you through our website or by other appropriate means. We encourage you to review this policy periodically.