Privacy Policy

Last updated: February 22, 2026

This Privacy Policy describes how we process personal data at Pirenix, in accordance with Regulation (EU) 2016/679 (GDPR), Spanish Organic Law 3/2018 (LOPDGDD), and other applicable laws.

1. Data Controller

• Data Controller: Joan Medina i Martí
• Email: contact@pirenix.com

2. Personal Data We Process

• Account data: email, role, user status, internal identifiers.
• Authentication and security data: session cookies, CSRF tokens, technical logs.
• Integration data: OAuth identifiers and tokens from connected platforms.
• Analytics/advertising data: campaign metrics and ads performance data.
• Usage data: browser, dates/times, and feature interaction data.

3. Purposes of Processing

• Provide the contracted service and manage user accounts.
• Authenticate users and prevent fraud/abuse.
• Display analytics and operational recommendations.
• Comply with legal obligations and respond to lawful authority requests.
• Improve service security, stability, and performance.

4. Legal Bases (Article 6 GDPR)

• Performance of a contract (Art. 6(1)(b) GDPR): service provision.
• Legitimate interests (Art. 6(1)(f) GDPR): security, fraud prevention, and operational improvement.
• Consent (Art. 6(1)(a) GDPR): where required for specific purposes.
• Legal obligation (Art. 6(1)(c) GDPR): regulatory compliance.

5. Recipients and Data Processors

We do not sell personal data. Data may be accessed by:

• Technology providers required to operate the service (hosting, email, monitoring).
• Third-party platforms you explicitly connect (for example, Meta).
• Authorities when required by law.

6. International Transfers

If any provider processes data outside the EEA, we apply appropriate safeguards (for example, the European Commission's Standard Contractual Clauses or other valid mechanisms).

7. Data Retention

We retain data for as long as necessary for the relevant processing purpose and, afterwards, for applicable statutory limitation periods. You may request deletion where appropriate.

8. Data Subject Rights

You may exercise the following rights:

• Access
• Rectification
• Erasure
• Objection
• Restriction of processing
• Data portability
• Withdrawal of consent (where applicable)

To exercise your rights, contact contact@pirenix.com. You may also lodge a complaint with the Spanish Data Protection Authority (AEPD): www.aepd.es.

9. Security

We apply appropriate technical and organizational measures to protect personal data (access controls, encryption in transit, hardening measures, monitoring, and traceability).

10. Cookies

This service uses essential technical cookies for authentication and security. Where applicable, we comply with Spanish cookie rules under the LSSI and provide information through the corresponding cookie policy/banner.

11. Minors

The service is intended for professional/business use and is not directed at children under 14. We do not knowingly process children's data.

12. Changes to This Policy

We may update this policy due to legal or service changes. The current version will be published at this same URL with its update date.