De la Terreta | Comunidad local

Last updated: May 10, 2026

1. Data controller

The data controller for personal data processed through De la Terreta is [NOMBRE DEL TITULAR]. For any privacy request or data protection rights exercise, you can contact us at [EMAIL DE CONTACTO].

2. Data collected and purposes

We process personal data required to provide the service and ensure secure platform operation. Main categories and purposes:

Registration and account: email, username, password hash, language, profile and preference settings, for account creation, access management, and personalisation.
Planazos: punctual geolocation data for attendance verification at event check-in. De la Terreta does not perform continuous location tracking.
Tokens: internal transaction history (earn/spend/adjustment) to manage balances, prevent fraud, and provide auditability.
Chat and community content: messages and user-published content to operate community interaction spaces and moderation workflows.
Technical and security data: session IPs, operational logs, and error traces to maintain platform security, stability, and incident diagnostics.

3. Legal bases for processing

Processing is based on one or more legal grounds under GDPR and LOPDGDD:

Performance of a contract: to provide account, planazos, tokens, store, chat, and other core service features.
Legitimate interests: fraud prevention, service security, abuse detection, platform monitoring, and technical log management.
Consent: where required by law (for example, certain optional settings or technologies managed through cookies/preferences).

4. Data retention

We keep personal data while your account remains active and for as long as necessary to provide the service. When an account is deleted, we apply deletion or pseudonymisation processes, without prejudice to data that must be retained for minimum legal periods (for legal obligations, dispute resolution, and security records, where applicable).

5. User rights

You may exercise your rights of access, rectification, erasure, portability, restriction, and objection by contacting [EMAIL DE CONTACTO]. We may request reasonable proof of identity before processing your request.

You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) if you consider that your rights have been infringed.

6. Disclosure to third parties

We do not sell personal data or disclose it to third parties for independent commercial purposes. We may share data only with essential technical providers (hosting, infrastructure, database, analytics/monitoring, or equivalent) acting as data processors under appropriate contractual terms.

7. International transfers

If any technical provider processes data outside the EEA, we apply appropriate GDPR safeguards, such as Standard Contractual Clauses or equivalent mechanisms recognised by applicable law.

8. Security measures

We implement reasonable technical and organisational measures to protect personal data against unauthorised access, alteration, loss, or unlawful disclosure. In case of a personal data breach, we will manage and notify it according to GDPR obligations and applicable rules.

9. Changes to this policy

We may update this Privacy Policy to reflect legal, technical, or product changes. The current version is always available on this page with its effective date. Where required, relevant changes will be communicated through appropriate channels.

10. Contact and complaints

For questions about privacy or to exercise your rights, contact [EMAIL DE CONTACTO]. You may also submit a complaint to the AEPD at www.aepd.es.