Privacy Policy

The data controller responsible for processing your personal data is: Guipock Location: Spain Contact: Through the contact form on our website In compliance with the General Data Protection Regulation (GDPR) and the Spanish Organic Law 3/2018 on Personal Data Protection, we inform you about the processing of your personal data.

We collect the following categories of personal data: Data you provide directly: - Account information: name, email address, password - Contact form data: name, email, message content - Payment information: processed securely through third-party payment providers Data collected automatically: - Device information: device type, operating system, unique identifiers - Usage data: features used, content accessed, interaction patterns - Location data: only when you grant permission for location-based services - Technical data: IP address, browser type, access times Data from third parties: - If you register using social login (Google, Apple), we receive basic profile information as permitted by your privacy settings

We process your data for the following purposes: Contract execution (Art. 6.1.b GDPR): - Provide and manage our audio guide services - Process purchases and manage your account - Deliver purchased content and features Legitimate interest (Art. 6.1.f GDPR): - Improve and optimize our services - Prevent fraud and ensure platform security - Analyze usage patterns to enhance user experience Consent (Art. 6.1.a GDPR): - Send commercial communications (you can withdraw consent at any time) - Process location data for personalized recommendations - Use cookies for analytics and personalization Legal obligation (Art. 6.1.c GDPR): - Comply with tax and accounting obligations - Respond to requests from competent authorities

We may share your data with: Service providers: - Cloud hosting providers (data storage) - Payment processors (transaction processing) - Analytics services (usage analysis) - Email service providers (communications) Legal requirements: - When required by law or court order - To protect our rights or the safety of users - In response to valid requests from public authorities Business transfers: - In case of merger, acquisition, or sale of assets We do not sell your personal data to third parties for advertising purposes.

Your data may be transferred to countries outside the European Economic Area (EEA). When this occurs, we ensure adequate protection through: - Standard Contractual Clauses approved by the European Commission - Adequacy decisions by the European Commission - Other legally recognized safeguards We primarily use service providers located within the EU or in countries with adequate data protection levels.

We retain your personal data for: - Account data: While your account is active and up to 3 years after deletion - Transaction data: 6 years to comply with tax obligations - Usage data: Up to 2 years for analytics purposes - Contact form data: Up to 1 year after resolving the inquiry After these periods, data is securely deleted or anonymized.

Under GDPR, you have the following rights: - Access: Request a copy of your personal data - Rectification: Correct inaccurate or incomplete data - Erasure: Request deletion of your data ("right to be forgotten") - Restriction: Limit how we process your data - Portability: Receive your data in a structured, machine-readable format - Objection: Object to processing based on legitimate interests - Withdraw consent: Withdraw previously given consent at any time To exercise these rights, contact us through our contact form. We will respond within 30 days. You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es

We implement appropriate technical and organizational measures to protect your data: - Encryption of data in transit (TLS/SSL) and at rest - Secure authentication and access controls - Regular security audits and vulnerability assessments - Employee training on data protection - Incident response procedures While we strive to protect your data, no method of transmission over the Internet is 100% secure.

Our services are intended for users aged 16 and over. We do not knowingly collect personal data from children under 16 without parental consent. If you believe we have collected data from a minor without appropriate consent, please contact us immediately so we can delete that information.

We use cookies and similar technologies to: - Ensure proper functioning of the website - Remember your preferences - Analyze traffic and usage patterns - Improve our services For more information, please see our Cookie Policy.

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Significant changes will be notified through: - Email notification to registered users - Prominent notice on our website - In-app notification We recommend reviewing this policy periodically.

For any questions about this Privacy Policy or to exercise your rights, you can contact us through: - Contact form on our website: guipock.com/contact We will respond to your inquiry as soon as possible and no later than 30 days.