Privacy Policy

Nite is a software solution marketed by TM DATA, S.L.L. This policy applies to the processing of personal data carried out through this informational and contact website.

1. Privacy and data protection policy

In compliance with applicable legislation, TM DATA undertakes to adopt the technical and organisational measures necessary, according to the level of security appropriate to the risk of the data collected.

Laws incorporated by this privacy policy

This policy is adapted to current Spanish and European regulations on the protection of personal data on the internet. In particular, it complies with the following rules:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
• Organic Law 3/2018 of 5 December on the Protection of Personal Data and guarantee of digital rights (LOPD-GDD).
• Royal Decree 1720/2007 of 21 December approving the implementing regulation of Organic Law 15/1999 of 13 December on the Protection of Personal Data (RDLOPD), insofar as it remains applicable.
• Law 34/2002 of 11 July on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the data controller

The controller of the personal data collected through this site is: TM DATA, S.L.L., with tax ID B75768523, registered in the Commercial Register of Madrid (hereinafter, the Data Controller). Contact details:

• Address: Paseo de Ginebra 9, 28022, Madrid.
• Email: dpo@tmdata.es

Record of processing activities

In compliance with the GDPR and the LOPD-GDD, we inform you that the personal data collected through the forms on this site will be incorporated and processed for the purpose of handling information requests, commercial contact related to Nite, and maintaining the relationship established. Unless the exception provided for in Article 30(5) of the GDPR applies, a record of processing activities is maintained in accordance with that regulation.

Principles applicable to the processing of personal data

The processing of the User's personal data will be subject to the following principles set out in Article 5 of the GDPR and in Article 4 et seq. of Organic Law 3/2018 of 5 December on the Protection of Personal Data and guarantee of digital rights:

• Principle of lawfulness, fairness and transparency: the User's consent will be required at all times, following fully transparent information about the purposes for which personal data are collected.
• Principle of purpose limitation: personal data will be collected for specified, explicit and legitimate purposes.
• Principle of data minimisation: the personal data collected will be only those strictly necessary in relation to the purposes for which they are processed.
• Principle of accuracy: personal data must be accurate and kept up to date at all times.
• Principle of storage limitation: personal data will be kept only in a form that permits identification of the User for as long as necessary for the purposes of processing.
• Principle of integrity and confidentiality: personal data will be processed in a manner that ensures their security and confidentiality.
• Principle of accountability: the Data Controller will be responsible for ensuring that the above principles are complied with.

Categories of data

Mainly identifying and contact data (name, email, telephone, message) that you voluntarily provide are processed. Special categories of data within the meaning of Article 9 of the GDPR are not processed, unless you voluntarily include them in a message; in that case, you are asked not to provide unnecessary or specially protected data.

Legal basis

The legal basis for processing is, as applicable, the data subject's consent, the performance of pre-contractual or contractual measures at their request, or the legitimate interest in responding to enquiries. You may withdraw consent at any time when processing is based on it.

Purposes of processing

To manage enquiries and information requests about Nite, maintain commercial contact where appropriate, and, where applicable, improve service quality and the experience on the site, always in compliance with applicable regulations.

Retention periods

Data will be retained for as long as necessary to fulfil the purpose for which they were collected and, as an indicative reference, for the usual periods of commercial management and limitation of liability, unless a higher legal retention obligation applies. You may request erasure when appropriate under the law.

Recipients and processors

Data may be disclosed to providers acting as processors on behalf of TM DATA, with an appropriate contract or standard clauses, including:

• Formspree, Inc. (or the equivalent provider configured for the contact form): processing of web form submissions.
• Hosting and deployment provider for the site (e.g. cloud infrastructure): technical hosting.
• Where applicable, Google Ireland Limited or other analytics or similar tool providers, if incorporated in the future and consent is requested when necessary.

Data will not be transferred to third parties for their own commercial use distinct from that indicated without a legal basis permitting it and prior information.

International transfers

Some providers may be located outside the European Economic Area. In such cases, TM DATA will seek to base the transfer on an adequacy decision, approved standard contractual clauses, or another safeguard provided for in the GDPR, and will inform you when regulations so require.

Minors

In accordance with Article 8 of the GDPR and Article 7 of the LOPD-GDD, only persons aged 14 or over may give valid consent for the processing of their data in information society services; for minors under 14, consent from those exercising parental authority or guardianship is required.

Security

TM DATA adopts technical and organisational measures appropriate to the risk. However, absolute security on the Internet cannot be guaranteed; in the event of a breach entailing a high risk to your rights, you will be informed when required under the GDPR.

Rights of the data subject

You may exercise the rights of access, rectification, erasure, restriction, objection, portability and, where applicable, not to be subject to decisions based solely on automated processing, by sending a request to the Data Controller, with reference "RGPD-Nite", accompanied by a copy of your national ID or equivalent identification document when necessary, to:

• Postal address: Paseo de Ginebra 9, 28022, Madrid.
• Email: dpo@tmdata.es

You may also lodge a complaint with the Spanish Data Protection Agency (www.aepd.es).

Third-party links

This site may include links to third-party sites. TM DATA is not responsible for the privacy policies of such sites; we recommend that you read their legal texts.

2. Acceptance and changes

Use of this site implies that you have read this policy. TM DATA may amend it due to legislative or organisational changes; the current version will be published on this page. We recommend reviewing it periodically.

---

Last updated: February 2026.