Privacy policy
Last updated: 12 April 2026
Last updated: April 12, 2026
1. Data controller
[COMPANY NAME], with registered address at [ADDRESS] and Tax ID [TAX ID], hereinafter SinKash, is the controller of the personal data collected through the website and platform.
Contact: [PRIVACY EMAIL]
2. Data we collect
Depending on the purpose, we collect the following data:
Contact form and commercial enquiries:
- Full name
- Email address
- Message or enquiry submitted
Platform registration and use (organisers):
- Full name of the account holder
- Email address and password (stored in encrypted form)
- Organisation or event name
- Billing information
Event attendee data (processed under instructions): Attendee data (name, assigned NFC card, consumptions) is entered and managed by the event organiser. In this case, SinKash acts as a data processor and only processes such data following the organiser’s instructions, who is the data controller.
3. Purpose and legal basis
| Purpose | Legal basis |
|---|---|
| Responding to enquiries and information requests | Legitimate interest / consent of the data subject |
| Managing platform access and use | Performance of a contract |
| Billing and legal compliance | Legal obligation |
| Sending commercial communications about SinKash | Explicit consent |
4. Retention period
Data will be retained for as long as necessary for the purpose for which it was collected:
- Contact data: until the enquiry is resolved or, where a contractual relationship exists, for the duration of the contract and subsequent legal periods (minimum 5 years for commercial and tax obligations).
- Account data: for the duration of the contract and applicable limitation periods.
- Attendee data: as agreed with the organiser, and in no case beyond legally required periods.
5. Recipients
SinKash will not transfer your data to third parties unless legally required. To provide the service, we use technology providers who act as data processors under the guarantees required by the GDPR:
- Cloud infrastructure providers (servers and storage)
- Communication and support tools
6. International transfers
If any provider is located outside the European Economic Area, we will ensure that adequate safeguards are in place (standard contractual clauses approved by the European Commission or other equivalent mechanisms).
7. Your rights
Under the General Data Protection Regulation (GDPR) and applicable national legislation, you may exercise the following rights:
- Access: find out what data we process about you
- Rectification: correct inaccurate or incomplete data
- Erasure: request deletion of your data when no longer necessary
- Objection: object to processing based on legitimate interest
- Restriction: request that we restrict the processing of your data
- Portability: receive your data in a structured and commonly used format
To exercise your rights, write to us at [PRIVACY EMAIL] stating your request and attaching a copy of your identity document.
You also have the right to lodge a complaint with the Spanish Data Protection Agency (www.aepd.es) if you consider that the processing of your data is not appropriate.
8. Cookies
This website may use technical cookies necessary for its operation. We do not use tracking or advertising cookies without your prior consent.
9. Security
SinKash applies appropriate technical and organisational measures to protect your data against unauthorised access, loss, or alteration, including password encryption, restricted data access, and use of secure connections (HTTPS).
10. Changes to this policy
We may update this policy to reflect changes in legislation or our services. We will notify you of any significant changes through the website or by email.