Privacy Policy

At Nuevo Sentido Tecnológico Realidad Aumentada, S.L. we are committed to ensuring that your personal data is protected and is not used for purposes other than those indicated in this Privacy Policy. For this reason, in this section we inform users and interested parties of everything concerning the processing of their personal data, thus complying with the data protection regulations applicable in our country: General Data Protection Regulation (EU) 2016/679, of 27 April on the protection of natural persons with regard to the processing of personal data and the free movement of such data (hereinafter, “GDPR“) and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights (hereinafter, “LOPDGDDD“).

This Privacy Policy is applicable to the processing of data that Nuevo Sentido Tecnológico Realidad Aumentada, S.L. (ONIRIX) carries out through this website: www.onirix.com (hereinafter, the “Website“) and/or those indicated. We recommend that you read it carefully before using this Website or providing your data through it. Please do not hesitate to contact us with any questions you may have at the following e-mail address: info@onirix.com. 

TABLE OF CONTENTS

In this Policy you will find all the information relating to the processing of your personal data and the rights you can exercise to maintain control over them. In this regard, you will find information on:

  1. Who is responsible for the processing of your data?
  2. What requirements you must meet to provide us with your personal data?
  3. What data processing we carry out through the website and what are its main characteristics? Explaining to you:
  • What data we collect and how we collect it?
  • For what purposes we collect the data we request from you?
  • What is the legitimacy for its processing?
  • How long we keep them?
  1. To which recipients your data is communicated.
  2. Existence of international transfers of your data.
  3. What your rights are and how you can exercise them?
  4. How we protect your personal information?
  5. Which legislation affects this policy?
  6. Changes to this policy.

1.WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA?

Your personal data will be processed by the company NUEVO SENTIDO TECNOLÓGICO REALIDAD AUMENTADA, S.L. (“ONIRIX“), with Tax Identification Number B74378720 and whose contact details are as follows:

  • Address: Edificio CEEI, Calle Ablanal, Parque Tecnológico de Asturias, Llanera – 33428
  • Contact email: info@onirix.com 

2.WHAT REQUIREMENTS DO YOU HAVE TO MEET IN ORDER TO PROVIDE US WITH YOUR PERSONAL DATA?

2.1. Minimum age. To provide us with your personal data, you must be at least 14 years of age and/or have sufficient legal capacity to use this Website.

2.2. Truthfulness. When you provide us with your data to use our services, you guarantee that the data and information provided is real, truthful, updated and belongs to you and not to third parties. 

Furthermore, you must notify us of any modification that may occur in the data provided, being responsible in any case for the truthfulness and accuracy of the data always provided. 

2.3. Age and Truthfulness Control. ONIRIX reserves the right to verify your age and identifying information at any time, if necessary, including by requiring an official proof of age or equivalent procedure and, in the event of fraud detection that proves or is suspected that you are under the age indicated, to delete, temporarily disable and/or terminate your account.

3.WHAT DATA PROCESSING DO WE CARRY OUT THROUGH THE WEBSITE AND WHAT ARE ITS MAIN CHARACTERISTICS?

Below, we explain how we treat your personal information and provide you, in detail, with all relevant information regarding your privacy:

3.1 When you contact us through our channels (contact form, chat or email):

What are the data collection methods?
-Contact form
-Chat
-Sending e-mails to info@onirix.com or other ONIRIX e-mail addresses.
What personal data do we collect?
Identifying and contact information. We collect your identifying information (name), email address, telephone number and the company you are a member of, if applicable, as well as any other information you voluntarily include in the communications you send us.We may request additional information from you if necessary to comply with your request or requirement.
What are the purposes of the processing of your personal data?
To answer your requests. The main purpose of the processing of this data will be to answer your requests, resolve your queries and/or provide you with the required information, as well as, where appropriate, to follow up on your requests.

Chat support on the Website is provided by automated software (chat bots). These bots analyse the keywords used in the communication and respond with information available on the website that may be relevant to your question. They can also categorise the query and then route it to the appropriate person or department. 

Improve customer service. All the information obtained from the doubts, queries and advice offered to interested parties, as well as the way in which requests are resolved, allows us to know how we provide our own customer service and to improve the quality of the same. 
In the same way, all the information collected will be anonymised at the end of the retention period indicated below and will be used to analyse the most frequently asked questions via chat, to automate the most frequently asked questions, to create FAQs or for statistical purposes in order to develop commercial strategies.
What is the basis of legitimacy that allows us to process your data? Is it mandatory to provide this data?
Consent. The data provided for the above purposes will be processed based on your consent, given when you voluntarily contact us through the means made available to you to request information or make a request.
All information collected by the Customer Service Department will be processed by us for statistical purposes to help us improve the quality of customer service. This purpose is considered compatible with the first one.
The information that you are required to provide will be indicated by an asterisk or similar. Without this information it will not be possible to deal with your enquiries or requests.
How long do we keep your information?
We will process all your personal information for as long as your requests are being processed and, if necessary, to follow up on them. Once this period has expired, ONIRIX will keep this information, blocked, for the periods provided for by law to meet any liabilities and to demonstrate compliance with our obligations. From this moment on, ONIRIX will only process the information in an anonymised form, so it will not be possible to link the statistical information with the specific users to whom it refers.
To whom do we give your personal information?
We do not make any additional transfers to carry out this processing other than those indicated, in general terms, in point 4. To whom do we transfer your personal information? In this regard, some of the channels through which you can contact us are managed by service providers, who act as processors, including our chat, which is owned by Zendesk, with whom we have signed the Data Processing Agreement.You will find more information on how these service providers operate in section 4 above.

3.2 When you sign up for our newsletter and other commercial communications:

What are the data collection methods?
Registration box for receiving commercial information on the registration form.Newsletter registration form.
What personal data do we collect?
Identification and contact data: For the sending of commercial information by electronic means, we use the identification data (name) and contact data that you include in the form.
What are the purposes of the processing of your personal data?
Sending publications and commercial communications related to our products/services: We may send you, by electronic means, our newsletter and other commercial communications related to our products and services.
What is the basis of legitimacy that allows us to process your data? Is it mandatory to provide this data?
The sending of commercial communications is carried out based on your consent, granted by: (i) ticking the box to register for commercial communications; or (ii) registering on our newsletter registration form.You may unsubscribe from these commercial communications at any time through the mechanism indicated in each e-mail or by expressing your wish to unsubscribe by sending an e-mail to info@onirix.com
How long do we keep your information?
The information will be kept by us for as long as you are on our mailing list for this type of information and, once you unsubscribe, it will be blocked for the legally required period of time in order to deal with possible liabilities.
To whom do we give your personal information?
There are no specific disclosures of your personal data for the purposes set out in this section. However, we may use the services of email marketing service providers or other advertising and marketing service providers, who will have limited access to the data and will be bound by a duty of confidentiality (for more information on how our service providers operate, see section 4. To whom do we disclose your personal information? > Service Providers).

3.3 When you register and create an account on the Website (Onirix.studio)

What are the data collection methods?
Registration form / account creation on the Website (Onirix.studio).  
What personal data do we collect?
When you choose to create your account via a registration form: We collect your identification data (first and last name) and email address, as well as a password. 
When you create your account by signing in with your Google Account: In case you choose to register or sign in via your Google Account, we will have access to some of your information that Google transmits to us, namely: your first name, last name, email address, as well as your Google ID.
ONIRIX use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Employment details: We collect information about the company you belong to and represent or your profession, within the options available in the drop-down. We also collect your phone number.
Other information: During account creation, additional information related to the purpose of our services is collected (type of devices at your disposal, use of augmented reality, etc.).
What are the purposes of the processing of your personal data?
Create your account and offer you a space where you can create augmented reality projects. Once your identity has been verified by email, you will have access to your account, where you will be able to create augmented reality projects.
To perform and maintain the contractual relationship between the Parties. The main purpose of the processing of this data will be to maintain and execute the contractual relationship between the parties, which may include Administrative, fiscal, legal, accounting and commercial management of customer data. Attention of queries and complaints via web, telephone, or electronic means. Establishment of follow-up meetings. Management of active subscriptions and collections. Contact you.
Send you commercial information. See section 3.2.
Identity verification, Prevention, detection and prosecution of activities that are unlawful or contrary to the terms of service or jeopardize the security of the information or the Website. ONIRIX may process the data to verify that you are a real person, and to monitor and prevent any form of abuse of our services, such as fraudulent activities, denial of service attacks, sending spam, unauthorised access to user accounts, as well as any other practice that is contrary to the Terms of Use or jeopardises the security of the information or the integrity of the Website itself.
What is the basis of legitimacy that allows us to process your data? Is it mandatory to provide this data?
Execution of the contract. The processing of data is necessary for the performance of the contract between the parties. Consent: If you have ticked the relevant box to receive commercial communications, ONIRIX may send you commercial communications based on your consent, as indicated in section 3.2.Legitimate interest: The processing that we carry out for the verification of your identity, prevention of unlawful activities and others related to the security of the Website will be processed based on our legitimate interest in ensuring the security of the network and information to prevent events that could compromise the availability, authenticity, integrity and confidentiality of personal data or the Website itself. If you would like more information about the weightings, we have given to ONIRIX’s legitimate interests in relation to the above purposes, please contact us at info@onirix.com. All data requested and processed by ONIRIX for the above purposes will be necessary for the purposes indicated. If they are not provided, it will not be possible to perform the services and administrative tasks related to them.
How long do we keep your information?
All personal information will be processed by us for the duration of the contractual relationship between the parties. Once this period has expired, ONIRIX will keep this information, blocked, for the periods provided for by law to meet any liabilities and to demonstrate compliance with our obligations. 
To whom do we give your personal information?
We do not make any additional transfers to carry out this processing other than those indicated, in general terms, in point 4. To whom do we transfer your personal information? In this regard, we may use service providers for the provision of certain ancillary services (e.g. management software), who act as Processors. You will find more information on how these service providers operate in point 4 above.

3.4 When you post comments through our Blog:

What are the data collection methods?
Publication of comments on our Blog.
What personal data do we collect?
Identification and contact details: We ask you for your identification details (name), email and website.
What are the purposes of the processing of your personal data?
Publication of your comments in the corresponding blog entry. The main purpose of the processing of your data through this form is the publication of your comment, opinion, or contribution in the corresponding blog entry. You should note that it is mandatory to comply with the Comments Policy.
What is the basis of legitimacy that allows us to process your data? Is it mandatory to provide this data?
Consent. The publication of comments on the Blog is done based on your consent, granted at the time of sending the comment for publication.
The information necessary to process your application will be indicated by an asterisk or similar marking.
How long do we keep your information?
The comment will remain published if the entry is published on our website, as long as it is relevant to the public. All information, after this period, will be blocked for the legal deadlines foreseen to attend possible responsibilities.
To whom do we give your personal information?
Please note that comments are public, so the chosen username will be visible to all other users accessing the Website.We may use the services of service providers, who will have limited access to the data and will be bound by a duty of confidentiality (for more information on how our service providers operate, see section 4. To whom do we disclose your personal information? > Service Providers).

3.5 Website navigation (cookies)

We use cookies or other tracking and tracing tools on this Website to collect information about how users use the Website. 

For more information on how we treat you through these tracking tools, please visit our Cookie Policy.

3.6 Onirix profiles in social networks.

ONIRIX has a profile on the main social networks, such as Facebook, Twitter, Instagram, LinkedIn, and YouTube

When you become a follower of any of our pages on social networks, the processing of data will be governed by the terms of use, privacy policies and access regulations belonging to the corresponding social network and previously accepted by the user. 

ONIRIX, in this sense, will process your data for the purposes of correctly managing its presence on the social network, informing you of activities, products or services, as well as for any other purpose that the regulations of the social networks allow. 

Please note that we have no influence over the information that the social network collects or how it processes it, so we recommend that you keep yourself informed of the purpose and extent of the collection of information through these social networks.

4.TO WHOM DO WE DISCLOSE YOUR PERSONAL INFORMATION?

In general, ONIRIX will not communicate your data to third parties. However, in addition to the transfers that we specifically indicate in the section in which we explain the characteristics of the different operations (point 3), we inform you of the communications that we may make, in general, and which affect all the above processing and its legitimate basis.

  1. Providers of essential services to carry out the service we offer you (for example, computer hosting companies or platforms for sending commercial communications). However, these entities have signed the corresponding confidentiality agreements and will only process your data in accordance with our instructions and may not use them for their own purposes or for purposes other than the service they provide us with.
  2. Public bodies. We may disclose to the competent public authorities the data and any other information in our possession or accessible through our systems when there is a legal obligation to do so, as well as when required, for example, when the purpose is to prevent or prosecute abuse of the services or fraudulent activities through our Website or web page. In such cases, the personal data you provide to us will be retained and made available to administrative or judicial authorities.
  3. In the event of a corporate transaction: In the event of a merger, acquisition, sale of all or part of its assets or any other type of corporate transaction involving a third party, we may share, disclose or transfer user data to the successor entity (including during the pre-transaction phase).
  4. To third parties after aggregation or anonymisation: we may disclose or use aggregated or anonymised data (i.e. data which cannot be linked to an identified or identifiable natural person) for any purpose.
  5. To third parties with your consent or other legitimate basis: In the event that we wish to share data with third parties outside the scope of this Privacy Policy, we will always seek your consent or inform you of your consent and legitimate basis.

We also inform you that this Privacy Policy only relates to the collection, processing and use of information (relating to personal data) by us through your interaction with our Website. Access to third party websites that you may access through links from the Website have their own privacy policies over which we have no control. Therefore, before you provide them with any personal information, we recommend that you inform yourself about their privacy policies.

5.ARE YOUR PERSONAL DATA TRANSFERRED TO THIRD COUNTRIES OUTSIDE THE ECONOMIC AREA?

Some of our service providers are in countries outside the European Economic Area (“EEA“).

The location of these companies outside the EEA implies the existence of an international transfer of your personal data, which could lead to a lower level of protection than that provided for in European legislation. However, ONIRIX has implemented measures to ensure that such transfers do not result in a lower level of protection of your personal data.

In this regard, service providers outside the EEA have signed the relevant Standard Contractual Clauses approved by the European Commission (“SCC“), an agreement signed between the two entities whereby the non-EU company guarantees that it applies European data protection standards. 

Therefore, the use of these providers does not result in a lower level of protection of your personal data than the use of providers located in the European Union. You can consult the content of the TCHs at the following link:

https://ec.europa.eu/info/law/law-topic/data-protection/publications/standard-contractual-clauses-controllers-and-processors_en

Currently, ONIRIX makes the following international transfers:

Entity
Location
Guarantee mechanism
Automattic, Inc.
United States
SCC
The Rocket Science Group LLC
United States
SCC
Google
United States
SCC
Mixpanel
United States 
SCC
Stripe
United States 
SCC
Sendgrind
United States
SCC
Zendesk
United States
SCC

6.WHAT ARE THE RIGHTS YOU CAN EXERCISE AS A STAKEHOLDER?

You can exercise the rights guaranteed to you by law in relation to the processing of your personal data by contacting us by email at info@onirix.com.   

Any rights request we receive will be dealt with as soon as possible and in any event within the maximum time limit set by law from the time we receive it. In some cases, we may need to ask you for a copy of your identity card or other identification document if we need to verify your identity.

Your rights as a stakeholder are as follows: 

  1. Right to withdraw consent

You may withdraw your consent in relation to all processing based on your consent at any time. However, withdrawal of consent will not affect the lawfulness of the processing based on the consent prior to its withdrawal.

  1. Right of access

You have the right to know what data is being processed, if any, and, if so, to obtain a copy of it, as well as to obtain information relating to: 

  • the origin and recipients of the data; 
  • the purposes for which they are processed; 
  • whether there is an automated decision-making process, including profiling; 
  • the data retention period; and 
  • the rights provided for in the regulations.
  1. Right of rectification

You have the right to obtain the rectification of your personal data or to complete them when they are incomplete.

  1. Right of suppression

You have the right to request the deletion of your personal data if they are no longer necessary for the purpose for which they were collected or if we are no longer authorised to process them.

  1. Right to data portability

You have the right to request data portability in the case of processing of your data that is based on your consent or the performance of a contract, provided that the processing is carried out by automated means. In case of exercise of this right, you will receive your personal data in a structured format, commonly used and readable by any electronic device. However, you may also request, where possible, that your data be transferred directly to another company.

  1. Right to restrict the processing of your personal data

You have the right to limit the processing of your data in the following cases:

  1. When you have requested the rectification of your personal data during the period in which we verify the accuracy of your personal data.
  2. When you believe that we are not authorised to process your data. In this case, you can ask us to limit its use instead of requesting its deletion.
  3. When you consider that it is no longer necessary for us to continue processing your data and you want us to keep it for the purpose of exercising or defending claims.
  4. Where there is processing based on our legitimate interest and you have exercised your right to object to such processing, you may ask us to restrict the use of your data during the verification of the prevalence of those interests over your interests.

7.Right to object

You have the right to object at any time to the processing of your personal data based on our legitimate interest, including profiling.

Unsubscribe from commercial communications: Remember that at any time you can object to receiving this type of communication by sending an email to info@onirix.com. You may also opt out of this service by following the instructions indicated at the bottom of the body of each of the electronic communications we send you.

  1. Right to lodge a complaint with the Supervisory Authority

Remember that, at any time, and if you consider that we have infringed your right to the protection of your data, you may contact the corresponding Control Authority, in the case of Spain, the Spanish Data Protection Agency (www.agpd.es). 

7.HOW DO WE GUARANTEE THE CONFIDENTIALITY OF YOUR INFORMATION?

The security of your personal data is a priority for us. For this reason, ONIRIX has implemented all the necessary security measures to guarantee the effective use and processing of the personal data provided by the user, safeguarding the privacy, privacy, confidentiality, and integrity of the same and makes use of the technical means necessary to avoid the alteration, loss, unauthorised access or processing of your data, according to the state of technology at any given time.

Consequently, we comply with the security standards recommended to protect them. However, it is impossible to fully guarantee their security due to the nature of the Internet and because there may be malicious acts by third parties beyond our control. 

We undertake to act promptly and diligently if data security is compromised or compromised, and to inform you if relevant. 

8.WHAT LEGISLATION AFFECTS THIS PRIVACY POLICY?

Below, we provide you with the laws and regulations that assist, protect, and establish your rights, which have inspired this policy:

  • General Data Protection Regulation (EU) 2016/679 of 27 April on the protection of natural persons with regard to the processing of personal data and the free movement of such data 

https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679

  • Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights.

https://www.boe.es/eli/es/lo/2018/12/05/3

  • Law 34/2002 of 11 July 2002 on information society services and electronic commerce.

http://www.boe.es/buscar/act.php?id=BOE-A-2002-13758

9.PRIVACY POLICY MODIFICATIONS

ONIRIX may modify the content of the privacy policy at any time, especially when there are changes in legislation, jurisprudence or interpretation of the Spanish Data Protection Agency that affect the data processing carried out by ONIRIX through this Website. Any new version of this Privacy Policy will come into force on the date of entry into force published. 

If the revised version includes a material change that affects the processing of your data, we will notify you at least 30 days in advance by posting a notice on our website or communicating it to you via email. In any event, we encourage you to periodically review this Privacy Policy to be informed of how your personal data is processed and protected, and of your rights.

This Privacy Policy was amended in January 2023.