Privacy Policy App

Privacy Policy

1.-  Identification and contact details of the data controller

E-wink app is property of Youforget.me S.L., company with address at Avenida de la Borbolla, 41, (41013) in Seville, which is responsible for the processing of personal data through this website (hereinafter “the website”).

The purpose of this privacy policy is to provide information on the rights of the user under the General Data Protection Regulations (GDPR) and the Organic Law on Data Protection and Guarantees of Digital Rights.

If you have any questions regarding the processing of your personal data, contact the Company at the following address: dpd@youforget.me

2.- General information: description of the information contained in the privacy policy

In this privacy policy you will find a table identifying the treatments carried out by Youforget.me. In these tables you will be informed about:

  • The reasons for processing your personal data
  • The legal bases that allow the processing of data by Youforget.me for the indicated purpose.
  • The possible transfer or communication of your data to third parties, as well as the reason for this communication. For these purposes, we inform you that we do not transfer your personal data, except when there is a legal obligation (Public Treasury, Judges and Courts, Security Forces and Bodies, etc.) or we expressly indicate it in the table that appears below in the following point.
  • On the other hand, those in charge of processing the company may have access to your personal data, that is, the service providers who, in order to carry out their functions, have to access your personal data. The service providers that access your personal data, in general, are dedicated to the information systems and technology sectors. The table below indicates, where appropriate, the sectors in which other potential service providers who may access your personal data are engaged.

Technology

Hosting

Siteground

Technology

Digital Footprint Service

Lampyre

Technology

Difigital Footprint Service

Pimeyes

Technology

Infrastructure and microservices

Google – Firebase

Technology

Infrastructure and microservices

Apple

Financial/tax/legal consulting

Financial, tax, legal advisors

Multiple providers

Marketing

CRM and digital marketing campaigns

Hubspot/GetResponse/Clientify/

Technology

Digital signature and verified ID

Logalty

We inform you that you can request more detailed information regarding the recipients of your data by sending an email to the address: dpd@youforget.me

  • The existence of potential international data transfers.
  • The term of conservation of the data that you provide us. We inform you that, subsequently, your data will remain blocked for the attention of judicial, administrative or fiscal claims, for the periods legally determined by each applicable regulation.

3.- Necessary and updated information

The blank fields provided to you in the forms on our website that contain asterisks are mandatory to fill in. Omitting one or more of these fields will leave us unable to provide you with our services, so you won’t be able to receive your digital footprint report. Please ensure all information provided is accurate and current.

So that your information is always up to date and does not contain errors, you must notify Youforget.me, as soon as possible, of the modifications and rectifications of your personal data that occur through the following email: dpd@youforget.me

4.-  Exercise of your personal data rights

We inform you that you can exercise the following rights:

* Right of access to your personal data to know which ones are being processed and the processing operations carried out with it.

* Right to rectification any inaccurate personal data.

* Right to erasure your personal data

* Right to restriction of  processing  your personal data , when the accuracy, legality or necessity of data processing is in doubt, in which case, we may keep the data for the exercise or defense of claims.

* Right to object the processing of your personal data,  when the legal basis that enables us to process it, of those indicated in the table included in section 5, is legitimate interest. Youforget.me will stop processing your data, unless it has a compelling legitimate interest or for the formulation, exercise or defense of claims.

* Right to data portability of your personal data, when the legal basis that enables us to process those indicated in the table included in section 5 is consent.

* Right to withdraw your consent at any time.

You can exercise your rights at any time and free of charge in the following ways:

  • By sending an email to dpd@youforget.me indicating the right you want to exercise and your identification data.
  • Addressing a written request to Youforget.me, Avda de la Borbolla, 41 (41013) Seville, indicating the right you wish to exercise and your identification data.

We would also like to inform you that you have the right to file a claim with the Spanish supervisor (Agencia Española de Protección de Datos) if you consider that an infringement of data protection legislation has been committed regarding the processing of your personal data.

5.- Detailed information on the treatments carried out by service:

5.1.- Purpose of the treatment

5.1.1.- Attend to queries sent through the demo request form

  • Legal basis: Legitimate interest of Youforget.me, SL to attend to the requests submitted to the company through its demo request form
  • Recipients: Your personal data will not be transferred to any third party nor will access be provided to any service provider in addition to what is indicated in section 2
  • General information: description of the information contained in the privacy policy
  • International transfers: See point 9 International data transfers
  • Conservation period: Until the resolution of the query or deletion request by the user
  • What data we share with data processor? Name and surnames and email address
  • What data do we obtain and keep? Name and surnames and email address

5.1.2.- Service provision of the Youforget.me application for the processing of administrative requests managed in professional offices and digital footprint service

  • Legal basis: contract for the provision of services for the processing of administrative requests and consent for the fingerprint service.
  • Recipients: Your personal data will not be transferred to any third party nor will access be provided to any service provider in addition to what is indicated in section 2. General information: description of the information contained in the privacy policy.
  • International transfers: See point 9 International data transfers
  • Storage period: Until consent is withdrawn or deletion request by the user
  • What data we share with data processor?
    • Name and surname
    • Email address
    • ID
    • Phone number
    • Facial photographs provided by the user if they consent to this service.
  • What data do we obtain and keep?

o From our clients (professional firms):

  • Name and surname
  • Email address
  • Phone number
  • Company name (legal persons)
  • Address
  • Service provision contracts
  • Tax identification number
  • Name and surnames of employees registered on the platform
  • Email address of employees that are registered on the platform

o Of the interested parties, through our clients (data controllers):

  • Name and surname
  • Email address
  • ID
  • Phone number
  • Address
  • Public data on the internet for the provision of fingerprint service (if contracted)
  • Family book (if necessary for service provision)
  • Biometric data: for the digital footprint service, photographs provided by the user if they consent to this service.

5.1.3.- Sending commercial information, offers and new products or services.

  • Legal basis: consent to send you our commercial information
  • Recipients: Your personal data will not be transferred to any third party nor will access be provided to any service provider in addition to what is indicated in section 2. General information: description of the information contained in the privacy policy.
  • International transfers: no international transfers of your personal data will be made
  • Storage period: Until consent is withdrawn or deletion request by the user.
  • What data do we obtain and keep? Name and surnames and email address.

6.- Security

Youforget.me has implemented and maintains the security levels required by the GDPR to protect the personal data of the interested parties against accidental loss and unauthorized access, treatment or disclosure, while also taking into account the state of the technology, the nature of the data stored and the risks to which they are exposed.

However, the transmission of information over the Internet is not completely secure. For this reason, Youforget.me, despite making its best efforts to protect the data of interested parties, cannot guarantee their security during transit to the website.

Therefore, all the information you provide will be sent at your own risk. Once your data is received, Youforget.me will use rigorous procedures and security features to prevent any unauthorized access.

7.- Confidentiality

The personal data that we may collect through the website or through the different communications that we maintain with you, will be treated confidentially, committing ourselves to keep secrecy regarding them in accordance with the provisions of the applicable legislation.

8.- Minors

Children under 14 years of age may not use the services available through the website. In this sense, and to the extent that Youforget.me does not have the capacity to control whether or not the interested parties are minors, it is warned that it must be the parents and guardians who enable the necessary mechanisms to prevent minors from accessing the website and/or provide personal data without their supervision. Youforget.me does not accept any responsibility in this regard.

9.- International data transfers

We may transfer your personal data to countries other than the country in which you reside. Youforget.me website servers are primarily located in UE. However, some of our third party suppliers and partners operate in several countries. While these countries may have different data protection laws to those in your country, you can be assured that Youforget.me takes reasonable steps to implement appropriate security measures to protect your personal data in those countries in accordance with this Privacy Policy.

For  the “digital footprint” service, Youforget.me carries out international transfers with the Republic of the Seychelles Islands, through the Pimeyes platform. The data object of said transfers are: biometric data of facial images.

When the digital footprint assistant is done through a privacy professional, the data controller expresses his consent to said international transfer of data in countries that do not comply with the adequacy agreement with the European Union, by signing the contract and your processing order.

Additionally, the consent of the end user is also given, if he requires this service. The end user always decides which data provide to us, not being mandatory to give all the types of data mentioned. 

Youforget.me carries out data transfers with the United States through Hubspot exclusively for our Marketing services. In this case, Youforget.me, requires that said recipient comply with measures designed to protect personal data and for that it is based on mechanisms approved by the EU such as the Standard Contractual Clauses (SCCs) (EU) 2021/914 of June 4.

Youforget use Apple services for its app. Personal data relating to individuals in the European Economic Area, the United Kingdom, and Switzerland is controlled by Apple Distribution International Limited in Ireland. Apple’s international transfer of personal data collected in the European Economic Area, the United Kingdom, and Switzerland is governed by (SCCs).

Youforget.me also use Google. Google also incorporates (SCCs) into contracts with customers of its business services, including Firebase, Google Workspace, Google Cloud Platform, Google Ads, and other ads and measurement products.

Standard contractual clauses (SCCs) are written commitments between parties that can be used as a ground for data transfers from the EU to third countries by providing appropriate data protection safeguards. SCCs have been approved by the European Commission and can’t be modified by the parties using them (you can see the SCCs adopted by the European Commission here, here, and here). Such clauses have also been approved for transfers of data to countries outside the UK and Switzerland.

10.- Updating of the privacy policy

This privacy policy is currently in effect and has been updated in December 2022.

Privacy policy of the E-WINK APP. 

1.- Identification and contact details of the data controller. 

E-wink app is owned by Youforget.me S.L., a company with address at Avenida Pablo Picasso, 74, (41940) in Tomares, Seville, which is responsible for the processing of personal data through this website (hereinafter “the website”). 

The purpose of this privacy policy is to provide information on the user’s rights under the General Data Protection Regulation (GDPR) and the Organic Law on Data Protection and Guarantees of Digital Rights. 

The protection of personal information, its security and confidentiality is of utmost importance to the Youforget.me team. Therefore, we recommend that you read this Privacy Policy carefully, as the information you provide through this app is protected under the terms of this Privacy Policy. Likewise, we remind you that the use of this app implies the acceptance of this Privacy Policy. 

If you have any questions about the processing of your personal data, please contact the Company at the following address: dpd@youforget.me. 

2.- General information: description of the information contained in the privacy policy. 

The operations, management and technical procedures that are carried out in an automated or non-automated manner and that enable the collection, storage, modification, transfer and other actions on personal data, are considered to be personal data processing. 

In this privacy policy you will find a table identifying the treatments carried out by Youforget.me. These tables will tell you about: 

  • The reasons for processing your personal data. 
  • The legal bases that allow the processing of data by Youforget.me for the indicated purpose. 
  • The possible transfer or communication of your data to third parties, as well as the reason for this communication. To this end, we inform you that we do not transfer your personal data, except when there is a legal obligation (Public Treasury, Judges and Courts, Security Forces and Corps, etc.) or we expressly indicate it in the table that appears below in the following point. 
  • On the other hand, those in charge of processing the company may have access to your personal data, that is, the service providers who, in order to carry out their functions, have to access your personal data. The service providers that access your personal data, in general, are dedicated to the information systems and technology sectors. The table below indicates, where appropriate, the sectors in which other potential service providers who may access your personal data are engaged. 

Technology 

Hosting 

Siteground 

Technology 

Fingerprint Reporting Service 

Lampire 

Technology 

Fingerprint Reporting Service 

Pimeyes 

Technology 

Infrastructure & Microservices 

Google – Firebase 

Technology 

Infrastructure & Microservices 

Apple 

Financial/Tax/Legal Consulting 

Financial, Tax & Legal Advisors 

Multiple Providers 

Marketing 

CRM & Digital Marketing Campaigns 

GetResponse/Clientify 

Technology 

Digital signature and verified ID 

Logalty 

Technology 

Fingerprint Service 

HaveIbeenpwned.com 

We inform you that you can request more detailed information regarding the recipients of your data by sending an email to the address: dpd@youforget.me. 

  • The existence of possible international data transfers. 
  • The term of conservation of the data you provide to us. We inform you that, subsequently, your data will remain blocked for the attention of judicial, administrative or tax claims, during the periods legally determined by each applicable regulation. 

3.- Necessary and updated information. 

The blank fields provided to you on forms on our website that contain asterisks are mandatory to fill in. Omitting one or more of these fields will leave us unable to provide our services to you, so you will not be able to receive your digital footprint report. Please ensure that all information provided is accurate and current. 

As a user, you accept and guarantee that the personal data you provide are true, being solely responsible for any damage, direct or indirect, that may be caused to Youforget.me as responsible for this website or to third parties, if you fill in any form with false data or that of third parties causing deception, damage or harm. 

To ensure that your information is always up-to-date and error-free, you must notify Youforget.me, as soon as possible, of any changes and rectifications to your personal data that may occur via the following e-mail address: dpd@youforget.me. 

4.- Exercising your personal data rights. 

We inform you that you can exercise the following rights: 

– Right of access to your personal data in order to know which data is being processed and the processing operations carried out with it. 

– Right to rectification any inaccurate personal data. 

– Right to erasure your personal data. 

– The right to restriction of processing your personal data, when the accuracy, legality or necessity of the processing of data is doubtful, in which case, we may keep the data for the exercise or defence of claims. 

– Right to object to the processing of your personal data, when the legal basis that enables us to process it, of those indicated in the table included in section 5, is legitimate interest. Youforget.me, will stop processing your data, unless it has a compelling legitimate interest or for the formulation, exercise or defense of claims. 

– Right to the portability of your personal data, when the legal basis that enables us to process it as indicated in the table included in section 5 is consent. 

– The right to revoke your consent at any time. 

You can exercise your rights at any time and free of charge in the following ways: 

  • By sending an email  to dpd@youforget.me indicating the right you wish to exercise and your identification data. 
  • Addressing a written request to Youforget.me, Avenida Pablo Picasso, 74, (41940) de Tomares, Seville, indicating the right you wish to exercise and your identification data. 

We would also like to inform you that you have the right to file a claim with the Spanish Data Protection Agency (Agencia Española de Protección de Datos) if you consider that an infringement of data protection legislation has been committed regarding the processing of your personal data. 

5.- Detailed information on the treatments carried out by service: 

We will not use your data for any purpose not stated in this privacy policy, nor will we send additional unsolicited information with your express consent. 

5.1.- Purpose of the treatment. 

5.1.1.- Attend to the queries sent through the demo request form. 

  • Legal basis: Legitimate interest of Youforget.me, SL to respond to the requests submitted to the company through its demo request form. 
  • Recipients: Your personal data will not be transferred to any third party and access will not be provided to any service provider other than as indicated in section 2. General Information: Description of the information contained in the privacy policy. 
  • International Transfers: See point 9 International Data Transfers. 
  • Retention period: Until the resolution of the query or request for deletion by the user. 
  • What data do we share with the data processor?  Name and surname and email address. 
  • What data do we collect and keep?  Name and surname and email address. 

5.1.2.- Provision of Youforget.me application services for the processing of administrative requests managed in professional offices and digital footprint service. 

  • Legal basis: Contract for the provision of services for the processing of administrative requests and consent for the fingerprinting service. 
  • Recipients: Your personal data will not be transferred to any third party and access will not be provided to any service provider other than as indicated in section 2. General Information: Description of the information contained in the privacy policy. 
  • International Transfers: See point 9 International Data Transfers. 
  • Storage period: Until consent is withdrawn or deletion is requested by the user. 
  • What data do we share with the data processor? 
  • Name and surname 
  • Email Address 
  • IDENTIFICATION 
  • Phone Number 
  • Facial photographs provided by the user if they consent to this service. 
  • What data do we collect and keep? 

o From our clients (professional firms): 

  • Name and surname 
  • Email Address 
  • Phone Number 
  • Company name (legal entities) 
  • Address 
  • Contracts for the provision of services 
  • Tax Identification Number 
  • Name and surname of employees registered on the platform 
  • Email address of employees who are registered on the platform 

o From the data subjects, through our clients (data controllers): 

  • Name and surname 
  • Email Address 
  • IDENTIFICATION 
  • Phone Number 
  • Address 
  • Public data on the internet for the provision of the fingerprint service (if contracted) 
  • Family book (if necessary for the provision of the service) 
  • Visual data: for the footprint service, photographs provided by the user if they consent to this service. 

5.1.3.- Sending commercial information, offers and new products or services. 

  • Legal Basis: Consent to send you our commercial information. 
  • Recipients: Your personal data will not be transferred to any third party and access will not be provided to any service provider other than as indicated in section 2. General Information: Description of the information contained in the privacy policy. 
  • International Transfers: There will be no international transfers of your personal data. 
  • Storage period: Until consent is withdrawn or deletion is requested by the user. 
  • What data do we collect and keep? Name and surname and email address. 

5.1.4.- Privacy Bot. 

– Legal basis: The interested party’s own interest and the service provision contract for the processing of these requests. 

– Recipients: Your personal data will not be transferred to any third party nor access will be provided to any service provider other than what is indicated in section 2 General information: description of the information contained in the privacy policy, or as indicated in its privacy policy. 

– International transfers: No international data transfers are made. 

– Retention period: Until the account is deleted or the deletion of your data is requested. 

– What data do we collect and keep? First name, last name and email address. 

For the services provided through the Privacy Bot website, which is also owned by Youforget.me please consult its privacy policy at the following address.  

5.2.- Data Retention.  

Likewise, we inform you that your data will remain blocked for the attention of judicial, administrative or tax claims, during the periods resulting from the applicable legislation.   

In relation to the exercise of data protection rights that have been carried out through youforget.me and its services, the data will be blocked for a period of 5 years before being effectively deleted, in order to be able to use the information that is necessary in the event of claims or defense of rights.  both on the part of the user and on the part of Youforget.me. 

6.- Security. 

Youforget.me has implemented and maintains the levels of security required by the GDPR to protect the personal data of the interested parties against accidental loss and unauthorised access, processing or disclosure, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed. 

However, the transmission of information over the Internet is not completely secure. For this reason, Youforget.me, although it makes its best efforts to protect the data of interested parties, cannot guarantee the security of the data during transit to the website. 

Therefore, all information you provide is sent at your own risk. Once your data is received, Youforget.me will use rigorous procedures and security features to prevent any unauthorized access. 

In the event of a breach of the security of personal data, provided that it is not unlikely that such breach of security would constitute a risk to the rights and freedoms of natural persons, Youforget.me will notify the Spanish Data Protection Agency before 72 hours after the incident became known, describing the nature of the breach, the possible consequences that may result, and the measures taken or proposed to remedy the security breach; and, if possible, the categories and approximate number of data subjects and data affected shall be made known. 

In addition, interested parties will be notified, as soon as possible, when the personal data breach is likely to pose a high risk to the rights and freedoms of natural persons, describing the possible consequences that may result and the measures taken or proposed to remedy the security breach. 

7.- Confidentiality. 

The personal data that we may collect through the website or through the different communications that we maintain with you, will be treated confidentially, committing ourselves to keep secrecy regarding them in accordance with the provisions of the applicable legislation. 

8.- Minors. 

Children under the age of 14 may not use the services available through the Website. In this sense, and to the extent that Youforget.me does not have the capacity to control whether or not the interested parties are minors, it is warned that it must be the parents and guardians who enable the necessary mechanisms to prevent minors from accessing the website and/or providing personal data without their supervision. Youforget.me accepts no responsibility in this regard. 

9.- International Data Transfers. 

We may transfer your personal data to countries other than the country in which you reside. Youforget.me website servers are mainly located in the EU. However, some of our third-party suppliers and partners operate in multiple countries. While these countries may have different data protection laws than your country, you can rest assured that Youforget.me takes reasonable steps to implement appropriate security measures to protect your personal data in those countries in accordance with this Privacy Policy. 

For the “footprint” service, international transfers Youforget.me made with the Republic of the Seychelles, through the Pimeyes platform. The data subject to such transfers are: facial image data. This provider is not used for our footprinting service in education and therefore no international data transfers are made. 

To provide you with information about whether your email account has been exposed in a security breach, we refer to the email address you provide to us with IHaveBeenPwned, located in Australia. 

The user always decides what data they provide to us, and it is not mandatory to provide all the types of data mentioned. 

Personal data relating to individuals in the European Economic Area, the United Kingdom, and Switzerland is controlled by Apple Distribution International Limited in Ireland. Apple’s international transfer of personal data collected in the European Economic Area, the United Kingdom, and Switzerland is governed by the SCC. 

Youforget.me also uses Google. Google also incorporates (SCC) into customer contracts for its enterprise services, including Firebase, Google Workspace, Google Cloud Platform, Google Ads, and other ads and measurement products. 

Standard Contractual Clauses (SCCs) are written commitments between parties that can be used as a basis for data transfers from the EU to third countries by providing adequate data protection safeguards. SCCs have been approved by the European Commission and cannot be modified by parties using them (you can see the SCCs adopted by the European Commission here, here and here). These clauses have also been approved for data transfers to countries outside the UK and Switzerland. 

10.- Update of the privacy policy. 

This privacy policy is currently in effect and was updated in February 2024.