Privacy Policy

Last updated: March 2026

1. Data Controller

The data controller responsible for your personal data is Opinafy, contactable at hola@opinafy.com. We are committed to protecting your privacy and handling your personal information in compliance with the General Data Protection Regulation (GDPR) and Spanish data protection laws (LOPDGDD).

2. Data We Collect

We may collect the following personal data:

  • Account data: Name, email address, and password when you register.
  • Payment data: Payment information processed securely through Stripe. We do not store your card details.
  • Usage data: Information about how you use our platform (pages visited, features used).
  • Testimonial data: Content submitted by your customers through collection forms.
  • Contact data: Name, email, and message content when you contact us.
  • Technical data: IP address, browser type, device information, and cookies.

3. Purpose of Data Processing

We process your personal data for the following purposes:

  • To provide and maintain our services.
  • To process payments and manage subscriptions.
  • To communicate with you about your account or support requests.
  • To send service-related notifications.
  • To improve our platform and user experience.
  • To comply with legal obligations.

4. Legal Basis

We process your data based on the following legal grounds:

  • Contract performance: Processing necessary to provide you with our services.
  • Legitimate interest: To improve our services and ensure security.
  • Consent: For analytics cookies and marketing communications.
  • Legal obligation: To comply with applicable laws.

5. Data Sharing

We may share your data with the following third parties:

  • Supabase: Database and authentication provider.
  • Stripe: Payment processing.
  • Vercel: Hosting provider.
  • Resend: Email delivery service.
  • Google Analytics: Website usage analytics (with your consent).

We do not sell your personal data to third parties.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. If you close your account, we will delete your personal data within 30 days, except where retention is required by law.

7. Your Rights

Under GDPR, you have the following rights:

  • Right of access: Request a copy of your personal data.
  • Right to rectification: Correct inaccurate personal data.
  • Right to erasure: Request deletion of your personal data.
  • Right to restriction: Restrict the processing of your data.
  • Right to data portability: Receive your data in a structured format.
  • Right to object: Object to data processing based on legitimate interest.
  • Right to withdraw consent: Withdraw consent at any time.

To exercise any of these rights, please contact us at hola@opinafy.com.

8. International Transfers

Some of our service providers may be located outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

9. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes SSL encryption, secure authentication, and regular security reviews.

10. Contact

If you have any questions about this privacy policy or wish to exercise your rights, please contact us at:

Email: hola@opinafy.com

You also have the right to file a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.