Contact

PRIVACY POLICY 

Last updated: 5 September 2025

1. Controller

In accordance with the EU GDPR and Spain’s LOPDGDD, the data controller is:

  • Controller: NAPCORE Technologies S.L. (“NAPCORE”)
  • Tax ID: [●] 
  • Address: C/ Princesa, 31, 2nd Floor, Door 2, 28008, Madrid (Spain)
  • Contact email: info@knapcore.com
  • Website: www.knapcore.com

A Data Protection Officer (DPO) will be notified here if/when appointed.

2. Scope

This Policy explains why and how we collect personal data, what we do with it, with whom we share it, how we protect it, and your choices. It covers processing arising from your use of the Site and, in particular, from web forms.
When you submit a form, you will be asked to accept this Policy; we will keep a record of that acceptance.

3. Data we process and source

  • Identification and contact details: name, surname, email, phone, company/role (if applicable).
  • Message content you send us.
  • Technical/browsing data: IP address, device IDs, logs and, where applicable, cookies or similar tech (see our Cookie Policy).
  • Communication preferences (newsletter opt-ins/opt-outs).

Source: provided by the user; technical metadata generated by Site usage.

4. Purposes and legal bases

Purpose

Legal basis (Art. 6 GDPR)

Responding to enquiries submitted via “Contact us” or other forms; pre-contract interactions.

Legitimate interest to handle enquiries (Art. 6(1)(f)) and/or pre-contractual steps at the data subject’s request (Art. 6(1)(b)).

Sending marketing/commercial communications (e.g., subscriptions/newsletters), including by electronic means.

Consent (Art. 6(1)(a)). You may withdraw it at any time.

Legal compliance (tax, consumer, information security, etc.).

Legal obligation (Art. 6(1)(c)).

Site security and fraud prevention (access monitoring, logs, abuse detection).

Legitimate interest (Art. 6(1)(f)).

5. Retention

We keep data only as long as necessary for the stated purposes or as required by law. As a guideline:

  • Enquiries (contact): up to 6 months from last interaction where no further relationship follows.
  • Subscriptions/marketing: until you withdraw consent or object.
  • Legal obligations: for the relevant statutory limitation periods.
  • Technical/security logs: for reasonable periods to ensure Site security.
  • Cookies: as set out in the Cookie Policy.

6. Recipients and processors

We do not disclose your data to third parties except where legally required or to provide essential services via processors(e.g., hosting, IT maintenance/support, transactional email, form manager, CRM, analytics, anti-spam/captcha, and legal/advisory).
NAPCORE signs data processing agreements with all processors as required by Art. 28 GDPR.

An up-to-date list of processor categories is available on request at info@knapcore.com.

7. International transfers

Where any service provider is located outside the EEA, NAPCORE ensures an adequate level of protection or implements appropriate safeguards (e.g., EU Standard Contractual Clauses), along with supplementary measures and, where applicable, transfer impact assessments.

8. Your rights

You may exercise, at any time and free of charge:

  • Access to your data.
  • Rectification of inaccuracies.
  • Erasure where applicable.
  • Objection, particularly to direct marketing.
  • Restriction in the cases provided by law.
  • Portability of data you provided to us.
  • Withdrawal of consent at any time (without retroactive effect).

How: email info@knapcore.com (subject “GDPR Rights” and specify the right).
ID check: we may request additional information to verify your identity.
Timing: we will respond within 1 month, extendable by 2 months for complex requests.
Supervisory authority: you may lodge a complaint with the AEPD (www.aepd.es) if you believe your rights have been infringed.

9. Minors

We do not knowingly collect data from children under 14. If we become aware of a registration without valid parental/guardian consent, we will delete it.

10. Security

We implement appropriate technical and organisational measures to protect data against unauthorised access, loss, destruction or alteration (e.g., TLS in transit, access controls, activity logs, backups).

11. Automated decision-making

NAPCORE does not carry out automated decision-making producing legal or similarly significant effects on users, including profiling, beyond what is expressly stated (e.g., basic segmentation by subscription). If this changes, we will inform you in accordance with the law.

12. Changes to this Policy

We may update this Policy to reflect legal or technical changes. Please review it periodically. Where changes are material, we may notify you prominently.