Privacy Policy

Last updated: January 16, 2026

Awayter is committed to protecting user privacy and processing personal data in accordance with Regulation (EU) 2016/679, General Data Protection Regulation (GDPR) and Organic Law 3/2018, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD).

1. Data Controller

Responsible: AWAYTER, S.L.
Address: C/ Perot Rocaguinarda, 4, 08500, Vic (Barcelona)
Email: hello@awayter.com

2. Personal data processed

The personal data that Awayter may process includes, among others:

• Identification and contact information (name, email, company, telephone).
• Data provided through contact forms or demo requests.
• Browsing data (IP address, cookies and similar technical data).

3. Purpose of the treatment

Personal data will be processed for the following purposes:

• To handle requests for information, contact, or demonstrations of products and services.
• Manage the registration and use of the private demonstration area, with access via credentials.
• Manage business and professional relationships in a B2B environment.
• Send newsletters and commercial communications related to Awayter’s products, services and news, by electronic means, when there is express consent.
• Manage Awayter’s technological applications and platforms that, even though they are aimed at professional clients (B2B), may involve the processing of personal data of end users (B2C), guaranteeing in all cases the confidentiality and security of said data.
• To improve the user experience, security and proper functioning of the Website and associated platforms.

4. Legal basis for processing

The legal basis for processing personal data is:

• User consent, especially for sending newsletters and commercial communications.
• The execution of a contract or the application of pre-contractual measures, in particular for access to the private area of ​​the demo.
• Compliance with applicable legal obligations.
• Awayter’s legitimate interest in developing its technological activity and continuously improving its services, without undermining the rights and freedoms of the interested parties.

5. Data retention

Personal data will be kept while there is a relationship with the user and, subsequently, for the legally required periods for compliance with legal obligations or the handling of possible liabilities.

6. Data recipients

Personal data will not be transferred to third parties, except when legally required or when necessary for the proper provision of Awayter’s services.

In particular, the data may be processed by technology and infrastructure providers (hosting services, cloud, communication and analytics tools), who will act as data processors, under contracts that guarantee compliance with the GDPR and the confidentiality of the information.

7. User Rights

The user may exercise the following rights:

• Access
• Rectification
• Erasure (right to be forgotten)
• Opposition
• Limitation of treatment
• Data portability

To do so, you must send an application to hello@awayter.com, attaching a copy of a valid identification document.

Likewise, the user may withdraw at any time the consent given for the sending of commercial communications.

The user also has the right to file a complaint with the Spanish Data Protection Agency (AEPD) through its website: www.aepd.es.

8. Security measures

Without prejudice to the measures applied by Awayter, the user is responsible for maintaining the confidentiality of their access credentials to the private area of ​​the demo and for taking the necessary measures to prevent unauthorized access to their account.

Awayter applies appropriate technical and organizational measures to ensure a level of security appropriate to the risk, in accordance with Article 32 of the GDPR.

These measures include, among others:

• Access control and authentication using individual credentials.
• Encryption of information in transit and, where appropriate, at rest.
• Monitoring systems, event logging and unauthorized access detection.
• Segmentation of environments (production, testing and demos).
• Regular backups and incident recovery plans.
• Internal procedures for managing security breaches.

9. Security and confidentiality of end-user (B2C) data

The technological solutions and platforms developed by Awayter are aimed at business-to-business (B2B) clients. However, these solutions may involve the processing of personal data of end users (B2C) who interact with Awayter’s client applications, devices, or services.

In these cases, Awayter undertakes to:

• To process the personal data of end users exclusively in accordance with the instructions of the client who owns the service, when acting as the data processor.
• Maintain the strictest confidentiality regarding the information processed, even after the termination of the contractual relationship.
• Apply security measures aligned with good practices and recognized frameworks in the field of information security, such as ISO/IEC 27001, the National Security Scheme (ENS) and NIST recommendations.
• Implement controls aimed at protecting the confidentiality, integrity, availability, and resilience of systems and data.
• Limit access to personal data only to authorized personnel who are properly trained in data protection and information security.
• To assist its clients in complying with their data protection obligations, where legally required and in accordance with applicable contractual agreements.

Under no circumstances will Awayter use the personal data of end users for its own purposes other than the proper provision of the contracted service, nor will it communicate them to unauthorized third parties, except when legally required.

References to security standards and frameworks are understood as guiding principles of good practices, without constituting an absolute guarantee or an obligation of certification, and are applied in proportion to the nature, scope and risks associated with the processing carried out.

10. Links to third-party websites

The Website may contain links to third-party websites. Awayter is not responsible for the privacy practices or content of those websites. Users are advised to review the privacy policies of those sites before providing them with personal data.

11. Data retention and deletion

Personal data will be kept for the time necessary to fulfill the purposes for which it was collected and to address possible legal liabilities.

When the user requests the deletion of their data, Awayter will proceed to its deletion, blocking or anonymization, as appropriate, unless there is a legal obligation to retain it.

12. Changes to the Privacy Policy

Awayter reserves the right to modify this Privacy Policy at any time. Any changes will be published on the Website and indicated by the corresponding update date.

Users are advised to periodically review this policy to stay informed about how their personal data is protected.