Principles

At NewTecnia Solutions SLU, we keep only the most basic information about you. All data you store on our servers are encrypted and can only be decrypted by you logging into our systems.

NewTecnia Solutions SLU is a Spanish company located at C/Halcon 8 Las Rozas de Madrid, Madrid Spain 28232.

NewTecnia Solutions SLU complies with Spanish and EU privacy laws.

Non-Owners

If you are a non-owner member of a team, business, or family account, your use of any of our services, apps or APIs may be subject to your organization’s privacy policy or practices, if any. Non-owner members of an account transfer some of the rights described here to the account owners.

Information We Keep and How We Use It

We retain two kinds of user information to deliver our services: Secure Data and Service Data. Both are treated securely with respect for customer privacy and data confidentiality, but there are important technical and usage differences.

Secure Data

Secure Data is data that we are not capable of decrypting under any circumstance. It includes all information stored within vaults in any of our services, apps or APIs accounts. This data is encrypted using secure cryptographic keys that exist only in the possession and under the control of our customers. We have no way of accessing or providing decrypted Secure Data, and we never receive copies of unencrypted Secure Data.

Your Secure Data is your property. We claim no rights to it beyond those necessary to deliver services to you. You may add, modify, and delete Secure Data at your discretion. If you do not have a any of our services, apps or APIs account, you cannot provide us with Secure Data.

Service Data

We inevitably acquire Service Data about your usage of any of our services, apps or APIs, your account, and your payments through operating our services. We retain only enough Service Data to operate and maintain the services. This data is never used for any other purpose.

Service Data is kept confidential. It is visible to our staff and includes, but is not limited to, server logs, billing information, client IP addresses, number of vaults and number of items in vaults, company or family name, and email addresses. Service data includes the name you provide us for your profile and any image that you may upload as part of your profile.

We retain the right to hold and use Service Data to provide our services, troubleshoot problems, analyze the performance and demands on our services, and to provide our payment processors with the information they need to process payments.

Diagnostic Data (Optional)

Diagnostic Data is a type of Service Data which is not automatically collected or required for operation of our services.

In some cases we solicit diagnostic reports and other troubleshooting, bug, and crash reports from customers to help identify and solve problems with our products and services. This information is sent to us explicitly on a case by case basis, or by users who explicitly opt into our beta software programs or who otherwise explicitly choose to provide diagnostic data to us.

Diagnostic Data may contain sensitive information about your devices and operating environment as well as personally identifying information. Although there may be occasions when we ask for Diagnostic Data to assist you with a problem, you are never obligated to provide it.

Diagnostic data never includes decrypted Secure Data. We will never ask for your Master Password or Secret Key. Keeping Your Information Safe

We understand and accept our responsibility to protect Service Data and Secure Data. We use strict access control mechanisms, network isolation, and encryption to ensure that Secure and Service Data is only available to authorized personnel.

Data Processing Agreement (GDPR)

any of our services, apps or APIs.eu and any of our services, apps or APIs.ca fully comply with the GDPR, including the third country data transfer requirements. any of our services, apps or APIs.com complies with everything except for third country data transfer requirements. Data Location and Transfer any of our services, apps or APIs.eu

Our services and apps on https://pkhub.io is held on servers located within the United States. We maybe for technical purposes store/relocate/replicate data and or services to any of the of the data centers in any of the countries and regions provided by our Cloud providers.

Customer support system

Our customer support and email services are hosted primarily in the United States. Any information you choose send us through email or our customer support system may pass through and be stored on a variety of intermediate services.

Third-Party Data Processors

Your Secure and Service data are held by third party data processors, who provide us with hosting and other infrastructure services. The locations of these are described above. In many cases (but we cannot promise that this will always be the case) even Service data held by these entities is encrypted with keys held only by us.

Data needed to process payments is collected by our payment processor, Stripe, Inc., which conforms to a U.S.-E.U. Privacy Shield Framework. See https://stripe.com/privacy-shield-policy Contacting You

We may use your contact information to communicate with you about Service activity, provide support, and send you other information such as product updates and announcements. You may choose to stop receiving communications from us, except certain important notifications such as billing and account security alerts. Your Responsibilities for Protecting Your Data

Due to the nature of our design and the sensitivity of the information you entrust to us (even in encrypted form), it may not be possible for us to help you with certain customer service requests unless you are listed as an account owner and are communicating from your verified email address. In the event that you change your email address, is very important that you update your email on your any of our services, apps or APIs account(s) or you may eventually lose access.

Data Portability

You may export your any of our services, apps or APIs data at any time you wish during the life of your account. If you discontinue payment, your account will enter a frozen (read-only) state for a period of 3 months during which you may still retrieve and export your data.

Your Right to Have Your Data Erased

As we are merely custodians of your data, account owners have the right to instruct us to remove data permanently from our systems. To ensure that no one’s data is deleted without their consent, you must first delete your account through an authenticated session. After your account has been deleted, the account owner may contact us and ask for the data to be expunged. Once the request is authenticated, the data will be removed from our active systems within 72 hours.

Disaster recovery and data availability requirements mean that NewTecnia Solutions SLU has a legitimate interest in maintaining secure and immutable backups. Erasure requests will leave those backups untouched, and we will only remove data from backups if legally compelled to.

Cookies and Tracking

We do not engage in or support cross-service tracking.

We do set and use cookies (small text files placed on your device) on our own domains and subdomains to store settings that assist with identifying your account for sign-in. We also use third party analytics packages for our public pages that may set cookies on your computer. These are limited to our domains, and do not involve cross-service tracking.

Client applications, including web browsers, will store information about your account to assist with future sign-ins and keep some information available to you when you are not signed in. Users may remove all such information from their devices,

Consent for Underage Enrollment

Those under the age of 16 may not use the services without the consent or authorization of their parent or legal custodian. Family account organizers and team owners are responsible for that authorization when they add someone under the age of 16 to an account. Disclosure

We will comply with applicable law with respect to providing Service Data and encrypted Secure Data to law enforcement agencies. If permitted, we will notify you of such a request and whether or not we have complied. Your Secure Data remains encrypted with keys which we do not posses, and so we can only hand over Secure Data in encrypted form.

Breach Notification

If the confidentiality of customer data is breached, we recognize our responsibility to our customers and to the public to disclose the nature of the risk and provide a transparent account of the events without undue delay. At a bare minimum, we must inform the applicable supervisory authorities as required by law and regulation.

Updates to our Privacy Policy

At our discretion, we may make changes to this Policy and note the date of the last revision. You should check here frequently if you need to know of updates to our Privacy Policy. We maintain the right to send you email, informing you of substantive changes. Previous versions will be made available from this page.