Privacy Policy

ALTAFONTE NETWORK SL is firmly committed to complying with Data Protection, in accordance with the General Data Protection Regulation, of 27 April 2016.

Who is the data controller for processing of your data? 

Data controller: ALTAFONTE NETWORK S.L. (Hereinafter, CREANAUTA). 

Registered address: C/ HIERRO, 33 3º. 28045, MADRID. 

Value Added tax identification number (CIF): B86156965 

What is the purpose of processing your personal data? 

CREANAUTA shall process your data for the following purposes: 

• Create and manage your profile in the Portal as interested in the platform offered by CREANAUTA. The legal basis for the processing of your data is based on your express consent, as well as the pre-contractual relationship between CREANAUTA and you. 

• Management of the provision of the contracted service, legally based on the contractual relationship between CREANAUTA and you. 

• Sending information related to the contracted products and services, based on a legitimate interest of the person in charge. 

• Sending newsletters with information of your interest if you give your consent. 

What is the legitimacy for processing your data? 

The legal basis for processing your data is based on your express consent, in a pre-contractual or contractual relationship, as well as in the legitimate interest of the person in charge, in accordance with the provisions of Article 6.1.a), b) and f) of the Regulation (EU) 679/2016. 

How long will your data be stored? 

The data shall be stored for as long as necessary for the purpose of processing, provided that you do not revoke your consent or, once the legal data retention periods have ended. 

To which recipients will your data be communicated? 

The data collected may be transferred to international digital retail stores and other third parties to which we have contracted the promotion or marketing of CONTENTS, as well as financial institutions for the collection and payment management. In addition, we may share your personal information for the fulfilment of a legal obligation or if we have your express authorisation. Nor shall we use your personal data for a purpose other than that expressed in this privacy policy. Therefore, all data transfers carried out shall be done under the protection framework indicated by the Spanish Agency for Data Protection, or provided that it is expressly consented by you and to countries whose security and confidentiality are guaranteed. 

Will international data transfers be carried out? 

CREANAUTA does not plan to make international data transfers. If necessary, they will only be made to entities under the authorisation of the US-European Union Privacy Shield agreement (more information:, or to entities that have demonstrated that they comply with the level of protection and guarantees in accordance with the parameters and requirements stipulated in current legislation on data protection, such as the European Regulation, or when there is a legal authorisation to carry out the international transfer. 

And if accessed by a minor? 

In general, the WEBSITE shall not process personal information, with reliable knowledge, of those aged fourteen (14) years and under. 

If when undertaking control activities, the WEBSITE discovers the involuntary compilation of information regarding children under 14 years, it shall take the necessary measures that, as a service provider and data processor, it is required to undertake and thus be able to delete such information, as soon as possible, except in those cases that, due to applicable legislation, it is necessary to store. 

In accordance with the provisions of the European Data Protection Regulation, those over 14 years of age are entitled to grant their consent, except in those cases where the law requires the assistance of parents or guardians in the provision of such data. 

Will I receive notifications and commercial promotions? 

The WEBSITE does not perform SPAM practices, so it does not send commercial emails that have not been previously requested or authorised by you. Consequently, in each of the forms included in the WEBSITE, you have the possibility of giving your express consent to receive such information, regardless of the commercial information requested. 

What security measures will we apply? 

The WEBSITE guarantees the appropriate degree of protection, adopting the necessary technical and organisational measures to ensure security and that are legally necessary in order to avoid loss, deterioration, deviation or access to unauthorised third parties of personal data collected here, thus keeping your data confidential. For this, we apply security measures designed to protect your data, such as HTTPS. We monitor our systems regularly to detect possible vulnerabilities and attacks. However, we cannot guarantee the complete security of information that you send us if a leak occurs in any of our physical, technical or management security measures. 

What rights can you exercise? 

Once, as a User of the WEBSITE you have provided us with your personal data, current legislation allows you as data subject: 

• To request access to personal data concerning the data subject, being able to know if we are processing your personal data and accessing your personal data. 

• To request the rectification of data if inaccurate. 

• To request the deletion of your data insofar as they are no longer necessary for the purpose that was communicated, or if we no longer have the necessary legitimacy to continue with processing thereof. 

• To request the limitation of data processing, in some cases, whereby we may suspend processing temporarily or retain them beyond the established time period when you may need them. 

• To oppose the processing of the information provided, unless there are compelling legitimate reasons for the treatment to prevail. 

• To revoke consent for each specific purpose, without this affecting the legality of the processing based on the express consent. 

• To request the portability of the data, which will be provided in a structured, commonly used or mechanical reading format. 

• To file a claim with the Spanish Data Protection Agency or competent control authority, if you believe that we have not treated you correctly. 

How can you exercise your rights? 

We have forms for the exercise of your rights, which you can request by email or by postal mail. If you prefer, you can use the forms prepared by the Spanish Data Protection Agency or the competent authority. 

These forms must be signed electronically or be accompanied by a photocopy of valid Identity Card. 

• By sending an email to the address: 

• By posting a letter to the address: C/ HIERRO, 33 3º. 28045, MADRID. In the case of representation, you must attach a copy of the representative’s current Identity Card with your application. 

What is the time period to address the exercise of rights? 

We will inform you of the actions pursuant to your request within the period of one month, which may be extended for two more months in the case of particularly complex requests and we will notify you of such extension within the first month. 

If we reject your request, we shall inform you of this, providing a response within a period of one month from its presentation. 

Can changes occur to the privacy policy? 

The WEBSITE reserves the right to modify this policy to adapt it to new legislation or jurisprudence, as well as industry practices. In such cases, the Provider will announce on this page the changes introduced with reasonable notice prior to their implementation.