ZENNIO KEY PRIVACY POLICY

Introduction

Zennio Avance y Tecnología S.L. ("Zennio" or “we/us”) is committed to protecting the privacy of all users (“You/r”, the “User”) of our App Services (“App Services”). This Privacy Policy explains our practices regarding the use of personal data collected and processed through the App “Zennio Key” and is part of our Terms of Service.

1. DATA CONTROLLER

The entity responsible for your data is Zennio Avance y Tecnología S.L., with Tax Number B45586724, domiciled in Río Jarama, 132. Nave P-8.11, 45007, Toledo, España. All communications regarding the processing of your personal data shall be directed to info@zennio.com.

2. PERSONAL DATA WE COLLECT ABOUT YOU AND HOW WE USE IT

For our App Services, we collect the following data as Data Controller:

Data collected	Legitimate basis collected	Purpose
Connecting Data. In order to connect your device to our App, we collect and process your device ID, location, IP, device description, connection code, screen use, connections with other device and user accounts, and device configuration. We use this information to analyse overall trends and to help improve the service. This information is not shared with third parties without your permission.	Legitimate Interest for our business, in conducting and managing our business to give you the best service/product and the best and most secure experience. We consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interest, and we do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).	Improve our Service and the User experience.

2.3 Data accuracy

It is important that the personal data we have about you is accurate and current. You are responsible for the accuracy of the information you provide to Us, and you are expected to update the information you provide to us.

2.4 Data use

General. We use your personal data to:

• Create your profile.
• Detect and solve errors.
• Provide our App Services, access control.
• Perform an internal analysis of operations and users to improve our service according to the preferences of the Users using the app. This analysis is anonymous.
• Comply with the legal, administrative, or judicial obligations to which we are subject.

3. PERSONAL DATA WE PROCESS ABOUT YOU AND HOW WE USE IT

For our App Services, we process the following data as Data Processor:

When You use the App Services, we may also process personal data for which Hotels are responsible as Data Controller, (i.e., we acting as Data Processor). In this case, You should visit your Hotel own`s Privacy Policy to understand what personal data they collect, the legal basis and purposes and retention period.

4. DATA DISCLOSURE

We process your personal data confidentially in accordance with the applicable legislation. Unless stated otherwise, your personal data will not be provided to third parties.

Specifically, we disclose your data as follows:

• We can give access to your personal data to our service providers under contracts for the provision of services in favour of the company. Among the others, Amazon Web Services which servers are located in Ireland. We require that all third parties respect the security of your personal data and treat them in accordance with the law. We do not allow our external service providers to use your personal data for their own purposes and we only allow them to process your personal data for specific purposes and in accordance with our instructions.
• We can make the personal data available to any company interested in buying or buying the Company or a part of your business and, consequently, give access to any national or international auditors to carry out their "due diligence".
• We can make the data available to the authorities to investigate suspicions of fraud, harassment or other violations of any law, rule or regulation, or the policies of the website.

5. DATA RETENTION

We only keep your personal data for as long as it is necessary to fulfil the purposes for which we have collected them, even to comply with legal, accounting or information requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, if we can achieve those purposes through other means and the applicable legal requirements.

6. INTERNATIONAL TRANSFERS (THIRD PARTY SERVICE PROVIDERS)

We do not use third-party technology services located in jurisdictions that generally do not provide adequate safeguards in relation to the processing of personal data.

7. SECURITY MEASURES

We implement security measures and personal data protection schemes as required by law to maintain the confidentiality and integrity of your data and protection against unauthorised access, modification, or destruction.

8. YOUR RIGHTS

You have rights under data protection laws in relation to your personal data. Specifically, you have the right to access, correct, request erasure, object to processing, request portability and restrict processing and for any processing that is based on your consent, you may withdraw that consent.

You also have the right to make any complaint to the competent authority, in this case the Spanish Data Protection Agency (AEPD), C/. Jorge Juan, 6, 28001 Madrid, Spain, but please contact us first. The aforementioned rights may be effective by contacting us at info@zennio.com.

9. GENERAL

We reserve the right to amend the terms of this Privacy Policy and will notify you by providing a clear notice of these changes by email or on our Website, and in this Privacy Policy. If you continue to use our Services after such update, you will be deemed to accept the new terms. If you do not accept the update, please terminate your account, or notify us and we will terminate your Account and remove any of your personal data (except as required to be maintained for legal purposes), and you will not be able to continue to use our Services.

Unless a specific local regulation sets forth to the contrary, the Privacy Policy is governed by the laws of Spain.

Version 1: November 23^th 2021