Privacy Policy

Management of Contact Data for Clients and Potential Clients

Introduction

At Air Flows Data Platform, S.L., we are committed to protecting the privacy and trust of our clients and potential clients. This

policy details how we collect, use, store, protect, disclose, and manage your personal information (also known as personal data).

Our goal is to ensure maximum transparency and security in the handling of your information, strictly complying with current data

protection legislation, including the General Data Protection Regulation (GDPR) in the European Union, the Organic Law on

Personal Data Protection and guarantee of digital rights (LOPD GDD) in Spain, and other applicable regulations.

This policy applies to the processing of your personal information in connection with the use of our websites and applications that

link to this Privacy Policy (collectively, the "Sites" and individually, "Websites" or "Applications"), our products and services (the

"Services"), and in the normal course of our business activities, such as in relation to our events, sales, and marketing activities

(collectively, with Sites and Services, "Services"). It also contains information about your privacy choices and rights.

We recommend you read this Privacy Policy in its entirety to ensure you are fully informed. However, if you only wish to access a

particular section of this Privacy Policy, you can click on the links below:

1. Scope of the Policy

2. Personal Information We Collect

3. Purposes and Legal Bases for Data Processing

4. How We Collect Data

5. Data Recipients and International Transfers

6. Data Retention Period

7. Security Measures

8. Your Privacy Choices and Rights

9. Additional Important Information

10. Changes to the Privacy Policy

11. How to Contact Us

Scope of the Policy

This Privacy Policy is applicable to the personal information we collect, use, and process in connection with:

• ​ Our Websites and Applications: Any website, mobile application, software, or other digital services that we own and

that link to this policy.

• ​ Our Services (products and services): This includes information processed when you contract or use our products and

services.

• ​ Our Regular Business Activities: This covers information collected in the context of events, trade shows, sales activities,

marketing initiatives, webinars, and any other interaction we have with you as a client or potential client.

Exclusions: This Privacy Policy does not apply to:

• ​ Data that our clients and their authorized users upload, submit, or make available to our platform services (if applicable)

and other data we process on their behalf, as the processing of such information is governed by the specific agreement

with the client.

• ​ Any product, service, website, or content offered by third parties or that has its own privacy policy.
• ​ Personal information we collect and process in connection with our recruitment activities (if applicable), which would

be covered by a separate privacy policy for candidates.

Personal Information We Collect

We collect various types of personal information from or about you. This may include information you provide to us directly,

information we collect automatically, and information we receive from other sources.

Information You Provide to Us

When you use our Services or interact with us, we may collect the following information:

• ​ Identifiers: Full name, title, position, email address, phone number (landline and/or mobile), postal address, country.
• ​ Professional/employment information: Company name, industry, company size, position, role.
• ​ Account information: If you create an account on our Services, we collect your authentication information used to

access the Services.

• ​ Customer service and other interaction information: We collect information when you interact and communicate with

us, for example, when you request information about our Services, interact with our sales or customer support team,

complete a survey, provide feedback, post comments, register for an event, or participate in marketing activities. We

may keep a record of your communications with us and other information you disclose during the course of

communications (which may be stored as an audio file or transcript).

• ​ Commercial information: We maintain records of your purchase history and past transactions with us.
• ​ Financial information: We collect information about your designated payment method(s), which may be collected by

our third-party payment and billing service providers.

• ​ Information posted in public forums: Certain features of our Services allow you to post content publicly or visible to

other users, such as through community forums or public forums. Any information you openly post in this manner will

be available for viewing and use by other users of these Services, as well as by Air Flows Data Platform, S.L., and

potentially accessible through third-party search engines. Therefore, be careful when using these features and do not

provide personal information that you do not want to be made available in this way.

• ​ Other data: Any other information you voluntarily provide to us in the context of our business relationship, inquiries, or

interactions.

Information We Collect Automatically

We use standard automatic data collection tools, such as cookies, web beacons, tracking pixels, tags, and similar tools, to collect

information about internet and device activity, as well as how people use our Sites and interact with our emails.

For example, when you visit our Sites, we (or an authorized third party) may collect certain information from you or your device.

This may include information about your computer or device (such as operating system, device identifier, browser language, and

Internet Protocol (IP) address), and information about your activities on our Sites (how you arrived at our Sites, access times, the

links you click, browsing behavior, clicks and cursor movements, and other statistical information). We use this information to help

us understand how you are using our Sites and how we can better provide you with the Sites. We may also use web beacons and

pixels in our emails. For example, we may place a pixel in our emails that notifies us when you click on a link in the email. We use

these technologies to improve our communications. We may also use your IP address to derive your general location information.

When you use our Services, we automatically collect certain information about how you are using them ("Usage Data"). While

most Usage Data is not personal information, it may include information about your account (such as user ID, email address, or

Internet Protocol (IP) address) and information about your computer or device (such as browser type and operating system). It may

also include information about your activities in connection with the Services, such as the pages or features you access or use, the

time spent on those pages or features, the search terms entered, the commands executed, information about the types and size of

files analyzed through the Services, and other statistical information related to your use of these services. We collect Usage Data to

provide, support, and operate the Services, for network and information security, to better understand how our Services are used,

and to improve our products and services in general.

We may also use the information we collect automatically (e.g., IP address and unique device identifiers) to identify the same

unique individual across all Services and provide you with a more seamless and personalized experience.

The types of data collection tools we use may change over time as technology evolves. You can learn more about our use of

cookies and similar tools, as well as how to opt-out of certain data collections, by visiting our Cookie Policy.

Information We Receive from Other Sources

We may obtain information about you from third-party sources, including resellers, distributors, business partners, event sponsors,

security and fraud detection services, social media platforms, and publicly accessible sources. Examples of information we receive

from third parties include marketing and sales information (such as name, email address, phone number, and similar contact

information), and purchase, support, and other information about your interactions with our Sites and Services. We may combine

such information with the information we receive and collect from you.

Purposes and Legal Bases for Data Processing

We use your personal information to provide, maintain, improve, and update our Services. The purposes for which we collect and

process your personal information, along with the legal bases that legitimize it, are as follows:

To participate in these uses of your information, we may use tools such as large language models (LLMs) and other forms of

artificial intelligence in accordance with applicable law.

De-identified/Anonymized Information: We may de-identify or anonymize the information we collect so that it cannot reasonably

identify you or your device, or we may collect information that is already in de-identified or anonymized form. Except where

prohibited by applicable law, our use and disclosure of de-identified and anonymized information is not subject to any restrictions

under this Privacy Policy, and we may use and disclose it to others for any purpose, without limitation.

How We Collect Data

Contact data and other personal information may be collected through various channels:

• ​ Direct Interactions: When you communicate with us by phone, email, chat, in person (at fairs, events, meetings, etc.),

or by completing surveys and forms.

• ​ Our Websites and Applications: Through registration forms, newsletter subscriptions, demo requests, content

downloads, or the use of our online platforms and services.

• ​ Automatic Data Collection Technologies: Such as cookies, web beacons, tracking pixels, and similar tools, which collect

data about your browsing behavior and use of our Sites. For more details, see our Cookie Policy.

• ​ Social Networks: Through your interactions with our pages and posts on social media platforms, provided we have a

legitimate basis for processing such information.

• ​ Third-Party Sources: We may obtain information from business partners (resellers, distributors), event sponsors, fraud

and security detection services, and publicly accessible sources (such as business databases or public records), always in

accordance with applicable regulations.

Data Recipients and International Transfers

We do not share, sell, or rent your personal information to third parties for their own direct marketing purposes without your

explicit consent. However, we may disclose your personal information to third parties in the following ways:

• ​ Service Providers (Data Processors): To our service providers who assist us in providing the Services, such as billing,

payment processing, customer support, sales and marketing, data analysis, web hosting, email marketing platforms,

security services, etc. These providers act as data processors and are subject to strict contractual prohibitions on the

use of your information and confidentiality obligations. We also disclose information to service providers who assist us

in detecting and preventing fraud, security threats, or other illegal or malicious behavior.

• ​ Third-Party Partners and Sponsors: To external business partners, such as resellers, distributors, and/or referral

partners, who are involved in providing content, products, or services to our prospects or customers. We may also

collaborate with external partners who work with us to organize or sponsor an event for which you have registered to

allow them to contact you about the event or their services (but only when we have a legal basis to do so, such as your

consent where required by applicable law).

• ​ Legal Purposes: When authorized by law or we consider it necessary in good faith to comply with legal processes; when

necessary to protect and defend the rights or property of Air Flows Data Platform, S.L. or our Customers, including the

security of our Sites, products, and services; or when necessary to protect the personal safety, property, or other rights

of the public, Air Flows Data Platform, S.L. or our Customers.

• ​ With your Consent: When you instruct us to do so or when you have consented to the disclosure of your information to

third parties.

• ​ Business Transactions: We may engage in transactions with other companies that involve the sale of assets or parts of

our business. We may disclose your information as part of, or in anticipation of, such transactions. If a part or all of our

assets are transferred to a third party in connection with such transactions, your information may be among the

transferred assets, including in the course of activities prior to such transactions.

International Data Transfers

Air Flows Data Platform, S.L. may transfer your personal information to countries other than your country of residence. In

particular, we may transfer your personal information to [specify countries, e.g., the United States and other countries where our

affiliates, business partners, and service providers are located]. These countries may have data protection laws that are different

from the laws of the country where you reside.

Whenever we process your personal information, we take appropriate measures to ensure that it is protected in accordance with

this Privacy Policy and applicable data protection laws. The safeguards we use include:

• ​ Standard Contractual Clauses (SCCs): We implement the European Commission's Standard Contractual Clauses for

transfers of personal information from the European Economic Area (EEA) or Switzerland between us and our business

partners and service providers, and equivalent measures for transfers of personal information from the United Kingdom

and other global jurisdictions with similar transfer requirements.

• ​ Supplementary Measures: We use supplementary measures to ensure that your information is adequately protected.

Data Retention Period

We will retain your personal information for as long as necessary to fulfill the purposes for which it was collected, as well as to

address any potential liabilities that may arise from the processing.

The retention criteria are:

• ​ Clients: During the term of the contractual relationship and, subsequently, for the legally required periods for the

attention of responsibilities (e.g., 5 years for personal actions according to the Civil Code in Spain, or 6 years for

accounting documentation according to the Commercial Code).

• ​ Potential Clients (Leads): As long as the business interest is maintained and consent is not revoked, or until the data

subject exercises their right to erasure. We will periodically review the need to continue processing this data.

• ​ Marketing Purposes: Until the data subject revokes their consent or objects to the processing.
• ​ Compliance with Legal Obligations: The time required by law for each type of data (e.g., tax, accounting, anti-money

laundering regulations).

• ​ Security and Fraud Prevention: For a reasonable period for the detection and prevention of fraudulent or malicious

activities.

Once the retention period has ended, the data will be securely deleted or anonymized, unless there is a legal requirement to keep

it for longer.

Security Measures

We are committed to protecting your information. We implement a variety of technical, physical, and organizational security

measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These

measures include:

• ​ Data encryption: Both in transit (e.g., via SSL/TLS) and at rest (where possible and appropriate).
• ​ Access controls: Restricting access to data only to authorized personnel who need it to perform their duties, based on

the principle of least privilege.

• ​ Identity and authentication management: Use of strong passwords, multi-factor authentication, and centralized

identity management.

• ​ Backups: Performing regular and redundant backups to ensure data availability and integrity.
• ​ Intrusion monitoring and detection: Systems to detect and respond to potential security incidents.
• ​ Security audits: Periodic reviews and vulnerability assessments of our systems and processes.
• ​ Staff training: Continuous training of our staff on data protection, information security, and regulatory compliance.
• ​ Confidentiality agreements: With all staff and service providers who have access to personal information.

However, no security measure is perfect or impenetrable. As such, we cannot guarantee the absolute security of your information.

Your Privacy Choices and Rights

We offer you choices regarding the collection, use, and disclosure of your personal information, and we will respect the choices

you make in accordance with applicable law. Please note that if you choose not to provide us with certain personal information,

you may not be able to access certain features of the Sites or use the Services.

As a data subject, you have the following rights under the GDPR and the LOPD GDD:

• ​ Right of Access: Obtain confirmation as to whether or not we are processing your data and, if so, access it and obtain

information about said processing.

• ​ Right to Rectification: Request the correction of inaccurate or incomplete data.
• ​ Right to Erasure (Right to be Forgotten): Request the deletion of your data when, among other reasons, it is no longer

necessary for the purposes for which it was collected, or if you withdraw your consent.

• ​ Right to Restriction of Processing: Request the suspension of the processing of your data in certain circumstances (for

example, while the accuracy of the data is being verified or if the processing is unlawful but you do not want it to be

erased).

• ​ Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format, and

transmit it to another controller, provided that the processing is based on consent or a contract and is carried out by

automated means.

• ​ Right to Object: Object to the processing of your data in certain circumstances, including direct marketing.
• ​ Right to Withdraw Consent: Withdraw the consent given at any time for the processing of your data. The withdrawal of

consent will not affect the lawfulness of the processing based on consent before its withdrawal.

• ​ Right not to be subject to automated individual decision-making: Including profiling that produces legal effects

concerning you or similarly significantly affects you, unless the decision is necessary for entering into, or performance

of, a contract, is authorized by law, or is based on your explicit consent.

• ​ Right to lodge a complaint: If you consider that the processing of your data infringes data protection regulations, you

can lodge a complaint with the Spanish Data Protection Agency (AEPD) (www.aepd.es) or the competent supervisory

authority in your country.

How to Exercise Your Rights

To exercise any of these rights, you can contact us through the channels indicated in section "11. How to Contact Us".

To process your request, we may require proof of your identity (e.g., a copy of your ID/passport) to verify that you are the data

subject. Any information you provide to us for verification purposes will only be used to process and maintain a record of your

request.

We will respond to requests we receive in accordance with applicable laws. Depending on the laws applicable to your request, if

you are not satisfied with our response, you may have the ability to appeal our response. If a right of appeal is applicable to you,

we will let you know in our response.

Opting out of marketing communications

We may periodically send you marketing communications that promote our products and services in accordance with your choices.

You can opt-out of receiving such communications, either by following the unsubscribe instructions in the communication you

receive or by sending an email to [Contact Email for Data Protection]. Please note that it may take us some time to process your

request in accordance with applicable law, and that we may still send you important service-related communications regarding our

products or services, such as communications about your subscription or account, service announcements, or security information.

Additional Important Information

Third-Party Services

Our Services may contain links to third-party websites, applications, services, or social networks (including co-branded websites or

products that are maintained by one of our business partners). We may also make available certain features that allow you to log in

to our Sites using third-party login credentials (such as LinkedIn, Facebook, Twitter, and Google+) or access third-party services

from our Services (such as GitHub). Any information you choose to submit to third-party services is not covered by this Privacy

Policy. We recommend that you read the terms of use and privacy notices of such third-party services before disclosing your

information with them to understand how your information may be collected and used.

Children's Data

The Sites and Services are not directed to children under the age of 18, and Air Flows Data Platform, S.L. does not knowingly collect

personal information from children under the age of 18. If we learn that we have collected personal information from children

under the age of 18, we will take steps to delete such information. If you are aware that a child has sent us such information,

please contact us using the details provided below.

Changes to the Privacy Policy

Air Flows Data Platform, S.L. may change this Privacy Policy from time to time. We will post any changes on this page and, if we

make substantial changes, we will provide a more prominent notice (for example, by adding a statement to the website's

homepage, providing a notice through the Services' login screen, or sending you an email). You can see the date the latest version

of this Privacy Policy was published below. If you do not agree with any changes to this Privacy Policy, you must stop using the

Services and deactivate your Air Flows Data Platform, S.L. account.

How to Contact Us

If you have any questions about our privacy practices or this Privacy Policy, please do not hesitate to contact us at:

Email: support@airflows.com

Phone: 673798972

Postal Address:

Carretera de Fuencarral, 56, Edif Neogreen

28108 Alcobendas (Madrid)

Spain

If you interact with Air Flows Data Platform, S.L. through or on behalf of your organization, then your personal information may

also be subject to your organization's privacy practices, and you should direct any questions to that organization.

Air Flows Data Platform, S.L. June 25, 2025