Legal

Privacy Policy

Last updated: June 2026

1. Data controller

The data controller for your personal data is Studio Muxa Tech, S.L. (CIF B16378309), located at Duque de Calabria 3, 10, 46005 Valencia, Valencia. You can contact us at info@muxatech.com.

2. Data we collect

We collect the following data depending on the type of user:

• Anonymous users: a unique session identifier randomly generated (does not allow identifying the person). No name, email, or personal data is collected. • Restaurant owners: name, email, phone, establishment address, and billing data managed through Stripe (we do not directly store credit card data). • Browsing data: pages visited, platform interactions, device type, and browser.

3. Purpose of processing

Your data is processed for the following purposes:

• Providing the restaurant discovery and promotion service. • Managing subscriptions, billing, and payments through Stripe. • Sending service-related communications (call alerts, activity notifications). • Improving the platform through aggregated usage analysis. • Complying with legal obligations.

4. Legal basis

The processing of your data is based on:

• Execution of the service contract (GDPR art. 6.1.b) for account and subscription management. • User consent (GDPR art. 6.1.a) for marketing communications and browsing analysis. • Legitimate interest (GDPR art. 6.1.f) for service improvement and fraud prevention. • Legal obligations (GDPR art. 6.1.c) for regulatory compliance.

5. Third-party data sharing

Your data may be shared with:

• Stripe (Stripe Payments Europe, Ltd.) — for payment processing. Stripe operates under strict security measures and complies with PCI DSS. More information at stripe.com/privacy. • Resend (Resend Inc.) — for sending transactional emails. More information at resend.com/legal/privacy-policy. • Supabase (Supabase Inc.) — as database infrastructure and authentication provider. More information at supabase.com/privacy.

We do not share data with third parties for advertising purposes or sell personal data under any circumstances.

6. User rights

In accordance with the GDPR and LOPDGDD, you have the right to:

• Access your personal data. • Rectify inaccurate data. • Request deletion of your data when no longer needed. • Limit processing in certain circumstances. • Port your data to another controller. • Object to processing based on legitimate interest.

To exercise your rights, send an email to info@muxatech.com indicating the right you wish to exercise. We will respond within a maximum of 30 days.

7. Data retention

We retain your personal data while you maintain an active account on the platform. After account cancellation, data will be retained for the legally required period for compliance with fiscal and accounting obligations (generally 5 years), and subsequently will be securely deleted.

8. Cookies

DimeSitio uses technical cookies necessary for platform operation (session storage). We do not use behavioral advertising cookies or third-party tracking cookies. You can configure your browser to reject cookies, although some platform functionalities may be affected.

9. Modifications

We reserve the right to modify this Privacy Policy. Changes will be notified through the platform or by email to registered users. We recommend periodically reviewing this page.

10. Contact

For any questions about privacy or exercising your rights, you can write to us at info@muxatech.com or visit our registered office: Duque de Calabria 3, 10, 46005 Valencia, Valencia.