Privacy Policy — Statria
Last updated: 09/07/2025
Controller: JPRL Core Technologie S.L. ("Statria"), C/ General Álvarez de Castro 41, Piso 1 Oficina 10, 28010, Madrid, España. NIF B22918510.
Contact: contacto@statria.com
Data Controller
JPRL Core Technologie S.L. (hereinafter, "Statria"), with registered office at C/ General Álvarez de Castro 41, Piso 1 Oficina 10, 28010, Madrid, España, NIF B22918510. Contact email: contacto@statria.com. Statria is the commercial brand of the services described on this site. We do not currently have a designated Data Protection Officer (DPO).
This document summarizes how we process your personal data when you use our website, application, and forms (the "Service"). If you have questions, write to us at contacto@statria.com.
1) What data we process
- Account and profile: name, surname, email, password (hashed), company, position, country, phone/WhatsApp.
- Operational service data: projects, tests, equipment, results, and reports generated by you/your organization.
- Communications: messages and attachments sent through the contact form or email; notification preferences.
- Billing and subscriptions: payment/invoice data (e.g., company/tax ID and billing contact details).
- Technical/usage logs: IP, device identifiers, browser/OS, activity, logs, performance data, security events.
- Cookies and similar technologies: see our Cookie Policy.
- Recruitment/collaborations (if applicable): CV, portfolio, and professional data you submit.
Sources: data is provided by the user/customer themselves, generated through use of the Service, or obtained from integrated third parties (e.g., authentication, email, captcha), in accordance with their terms.
2) Purposes and legal bases (Art. 6 GDPR)
| Purpose | Legal basis |
|---|---|
| Provide the Service (registration, login, dashboards, report generation, sending transactional emails). | Contract performance. |
| Handle inquiries, demos, and support (contact form, email). | Legitimate interest and/or pre-contractual measures. |
| Security, fraud prevention, service quality, maintenance, and logs. | Legitimate interest and legal compliance. |
| Billing, accounting, and tax obligations. | Legal compliance. |
| Moderate B2B marketing (product news) and satisfaction surveys. | Legitimate interest (with opt-out) or consent, depending on channel. |
| Basic usage and performance analytics (if enabled). | Consent (cookies/ID in your browser). |
| reCAPTCHA to protect forms against bots/abuse. | Legitimate interest in service security. |
You can withdraw consent at any time without retroactive effect.
3) Recipients (processors and third parties)
We engage service providers who act as data processors to operate the Service, under contract and appropriate safeguards:
- Hosting/infrastructure: [provider/country or EU].
- Transactional email: Brevo (Sendinblue), EU.
- Corporate SMTP email: Zoho Mail, EU.
- Captcha/form security: Google reCAPTCHA Enterprise (international transfers; see section 4).
- Analytics/monitoring (optional): [e.g., Plausible/Matomo/other], if enabled.
We may disclose data to authorities or courts when legally required, and to advisors/consultants under confidentiality duty.
4) International transfers
Brevo and Zoho host in the EU/EEA.
Google reCAPTCHA may involve transfers outside the EEA (e.g., USA). Standard Contractual Clauses and additional security measures apply. Use of reCAPTCHA is subject to Google's Privacy Policy and Terms.
Request our updated list of sub-processors at contacto@statria.com.
5) Retention periods
- Account/Service: as long as the contractual relationship lasts. After cancellation, we block/delete within a reasonable period (e.g., 30–90 days), except for legal obligations (e.g., billing: 5–6 years in Spain).
- Support/contact: 12–24 months.
- Security logs: 6–12 months (depending on criticality).
- Cookies/analytics: as per cookie table.
6) Data subject rights
You may exercise: access, rectification, deletion, objection, restriction of processing, portability, and not to be subject to automated decisions.
Send your request to contacto@statria.com indicating the right you wish to exercise. Attach proof of identity if necessary.
If not satisfied, you may file a complaint with AEPD (www.aepd.es).
7) Security
We apply reasonable technical and organizational measures: TLS/HTTPS, encryption in transit, access controls, backups, and logging of administrative activity. No system is 100% foolproof; we will notify incidents as required by law.
8) Minors
Our services are intended for students, adults, and businesses. We do not knowingly collect data from minors under 14 years old (per applicable law).
9) Cookies
We use first-party and third-party cookies for technical, preference, and (with consent) analytical or performance purposes. Details and management in the Cookie Policy.
10) Changes
We may update this policy to reflect legal or technical changes. We will publish the "Last updated" date and, if the change is substantial, will endeavor to notify you.
11) Contact
JPRL Core Technologie S.L. — contacto@statria.com
C/ General Álvarez de Castro 41, Piso 1 Oficina 10, 28010, Madrid, España.