Privacy Policy
Last updated: 02/07/2025
(This text is a courtesy translation. In the event of any discrepancy or conflict between the English and Spanish versions, the Spanish version shall prevail.)
Data Controller
- Owner: Tokey Technology S.L.
- Tax ID (CIF/NIF): B09873324
- Registered address: Calle Bailén 41, 28005 Madrid (Spain)
- Contact email: [email protected]
Personal Data We Process
- (a) Identification data: name, surname, email, company, billing details.
- (b) Credentials and API tokens voluntarily provided to connect with third‑party platforms.
- (c) Usage data: logs, IP address, device and browser information, cookies and similar technologies.
- (d) Content generated, uploaded or transmitted through the Agents, which may include personal data at the User's discretion.
Purposes and Legal Bases
| Purpose | Legal basis (Art. 6 GDPR) |
|---|---|
| Provide, maintain and improve the service, including user support | Performance of a contract (Art. 6 (1)(b)) |
| Secure the platform, prevent fraud and abuse | Legitimate interest (Art. 6 (1)(f)) |
| Comply with legal obligations (tax, consumer, cybersecurity) | Legal obligation (Art. 6 (1)(c)) |
| Send informative or promotional communications | Consent (Art. 6 (1)(a)) – always revocable |
Data Retention
We retain personal data for the duration of the contractual relationship. Once the account is deleted, data are blocked and kept only for the periods required to comply with legal obligations (generally up to 6 years under Spanish commercial and tax law). Authentication tokens and logs older than 12 months are automatically purged, unless needed for security investigations.
Recipients and Processors
Your data may be accessed by:
- Cloud hosting, analytics and support providers located in the EU or covered by an adequacy decision.
- Third‑party Agents explicitly selected by the User (data shared under the User's instruction).
- Public authorities when legally required.
All providers are bound by data‑processing agreements in accordance with Art. 28 GDPR.
International Transfers
If data must be transferred outside the European Economic Area, we rely on (i) an adequacy decision of the European Commission, or (ii) Standard Contractual Clauses approved by the Commission, plus supplementary measures where necessary.
Data Subject Rights
Users may exercise their rights of access, rectification, erasure, restriction, data portability, and objection, as well as the right not to be subject to automated decision‑making producing legal effects, by emailing [email protected]. You also have the right to lodge a complaint with the Spanish Data Protection Agency (www.aepd.es).
Security Measures
We implement encryption in transit and at rest, least‑privilege access controls, periodic security audits, and incident‑response protocols to protect personal data.
Automated Decision‑Making and Profiling
Outputs generated by the Agents are based on probabilistic models and user prompts. They do not constitute decisions with legal or similarly significant effects on individuals made solely by automated means.
Cookies and Similar Technologies
We use technical cookies necessary for the operation of the Website and, with consent, analytics cookies. Detailed information is available in the Cookie Policy.
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Email: [email protected]