Privacy policy

This Policy applies as between you, the User of this Web Site and STAY the owner and provider of this Web Site. This Policy applies to our use of any and all Data collected by us in relation to your use of the Web Site and any Services or Systems therein.

1. Definitions and Interpretation


BASIC INFORMATION 

Data Controller

Mobail Apps, S.L. (hereinafter referred to as "Stay")

B85879831

Calle Bravo Murillo 377, 8ºFloor, 28020, Madrid

gdpr@stay-app.com

Purposes of the processing of personal data

  1. Manage and maintain the commercial relationship.

  2. Respond to requests for information. 

  3. Send satisfaction surveys to students.

Retention periods: The data will be kept during the contractual relationship, as long as the deletion is not requested by the data subject and as long as they are necessary for the fulfillment of a legal obligation. Once the contractual relationship has ended, the data will be kept blocked for the period of limitation of the applicable legal actions. 

Origin

-Facilitated by the user.

Legal Basis

Execution of the contract between the parties or application of pre-contractual measures.

-Compliance with STAY's legal obligations.

-Legitimate interest of STAY.

Assignment recipients

There will be no transfers, except to Public Administrations when it is necessary to comply with a legal obligation, or, where appropriate, to the State Security Forces and Corps or Judges and Courts. 

Rights of data subjects

Place of exercise: either by e-mail: gdpr@stay-app.com, or at Stay's registered office: Calle Bravo Murillo 377, 8ºPlanta, 28020, Madrid.

We inform you that you can exercise your rights of access, rectification, deletion, limitation of processing, opposition, data portability or not to be subject to a decision based solely on automated processing, as well as to withdraw the consent given. 

If you believe that your personal data has not been processed in accordance with the law, you can file a complaint with the Spanish Data Protection Agency: www.aepd.es.

More information can be found in the full Privacy Policy in this document.














  1. Who is the data controller?


Mobail Apps, S.L. (hereinafter, "Stay") is responsible for the processing of personal data in Stay Academy for all users who participate in the courses independently and not associated with the procurement of services by Stay customers.


With respect to users who are employees or representatives of Stay's customers, Stay will act as a data processor on behalf of its customers.


Stay is a company domiciled at Calle Bravo Murillo, 377, 8ºPlanta, 28020, Madrid, and its Tax ID number is B85879831.


At Stay we are committed to the fundamental right to the protection of your personal data and this privacy policy is intended to inform you of your rights under the General Data Protection Regulation ("GDPR").


We inform you that Stay has a Data Protection Officer in accordance with the RGPD, at your disposal for any questions or concerns regarding the processing of your data, and that you can contact through gdpr@stay-app.com.



  1. What information do we process?


  1. The data you provide us directly:


We collect information about you when you contact us through the channels we have set up for this purpose, such as registering for courses through the forms provided on the website


When you contact us through these channels, we will ask for your information: name, email, password, department and if you are a Stay customer user.


All fields marked with an asterisk (*) in the forms you find in the mentioned channels must be completed, so that the omission of any of them could lead to the impossibility of providing the requested services.


It is essential that you protect your passwords, and the access codes you generate at all times. You will be responsible for your personal account, so you agree to make diligent use of such information, not to make it available to third parties, and to inform us promptly of its loss or theft.


To ensure that the information provided is always updated and contains no errors, you must inform Stay as soon as possible of any changes to your personal data by sending an email to gdpr@stay-app.com.


Likewise, by clicking on the "I accept" button (or equivalent) incorporated in the forms, you declare that the information and data you have provided in them are accurate and truthful.


  1. Data obtained indirectly:


When you browse, different cookies and other tracking devices may be installed on your device, as explained in our Cookies Policy: https://education.stay-app.com/cookies



  1. What is the origin of the data? 


We consider that all data processed by Stay have been freely provided by you. 


If the personal data provided belong to a third party, you guarantee that you have informed them of this Privacy Policy and have obtained their authorization to provide the data to Stay for the purposes indicated above. Likewise, you guarantee that the data provided are accurate and up to date, and you are responsible for any damage or loss, direct or indirect, that may be caused because of a breach of this obligation. 



  1. For what purpose and on what legal basis do we process the data?


Stay is responsible for the processing of personal data for the following purposes and in accordance with the following legal bases:


  • Based on the management of the contractual or pre-contractual relationship:


  1. Manage the acquisition of products in Stay Academy, attend to any type of incident or request derived from the same, and carry out the formalities related to the issuance of certificates. 

  2. Manage your registration as a user on our website, as well as allow your access to the student area. 


  • Based on STAY's compliance with legal obligations:


  1. Allow users to exercise their data protection rights.

  2. Comply with the regulations applicable to STAY.


  • Based on the existence of a legitimate interest on the part of STAY:


  1. Keep you informed about STAY's products and services, related to those previously contracted and that may be of interest to you. 

  2. Conduct periodic reviews of our services and carry out satisfaction surveys to evaluate and improve the quality of the service we provide. 

  3. Conduct internal reviews and, if necessary, contact the customer if fraud or identity theft is detected or there are reasonable suspicions of fraud or identity theft.


However, if you do not want your data to be processed for these purposes, you can object at any time by contacting us at gdpr@stay-app.com as indicated in the Exercise of Rights section of this Privacy Policy.


  1. To whom is the data communicated?


We do not transfer your data to third parties beyond the necessary communications to public administrations or justice for the fulfillment of the legal obligations that apply to us. 


However, if it is necessary to carry out any transfer, we will inform you beforehand and it will always be carried out on the basis of a legal basis that legitimizes the processing.


Service providers with access to data: we use suppliers who may also process your data, but they would do so on our behalf and on our account to fulfill the purposes indicated above in this document, i.e. never for their own purposes. This is the detail of the categories of providers :


  • Administrative services. 

  • Advertising and communication services. 

  • Services of legal activities. 

  • Printing and enveloping services. 

  • Archiving, custody, storage and digitalization services.

  • Document removal and destruction services.

  • Back office services. 

  • Other business support activities.

  • Companies providing IT services:

    • Technology platform services. 

    • Hosting services. 

    • Data processing services. 

    • Architectural and engineering services. 

    • Backup services. 

    • Business continuity services.

    •  Electronic custody services. 

    • IT consulting services. 

    • Security and cybersecurity services. 


We have signed specific contracts with all of them in accordance with the regulations.


In the case of using suppliers located in countries outside the European Union, we ensure that personal data is transferred in compliance with the law (signature of European Commission Standard Contractual Clauses; use of certifications approved by the European Commission; adoption of binding corporate standards, or any of the exceptions provided for in the regulations). 


  1. Exercise of your rights.


We inform you that you may exercise the following rights:


  1. Right of access to your personal data to know which data are processed and the processing operations.


  1. Right to rectify any inaccurate personal data.


  1. Right to suppression of your personal data.


  1. The right to request the limitation of the processing of your data when the accuracy, legality, or necessity of the data processing is doubtful, in which case, we may retain your data for the exercise or defense of claims.


  1. Right to object to automated decision making, including profiling. 


  1. Right to object to the processing of your personal data when the legal basis that enables us to process it, according to paragraph 4 above, is the legitimate interest of STAY.


  1. Right to data portability.


  1. Right to revoke the consent given.


You may exercise your rights free of charge in any of the following ways:


  1. By sending an e-mail to gdpr@stay-app.com indicating the right you wish to exercise.

  2. By sending a written request to Calle Bravo Murillo, 377, 8ºPlanta, 28020, Madrid, indicating the right you wish to exercise. 

  3. In addition, you can stop receiving commercial communications by clicking on the "Unsubscribe" section at the bottom of the email where you receive our commercial communications. 


If there is any doubt about your identity, we may ask you for additional information to verify that it is really you.


We inform you that you have the right to file a complaint with the Spanish Data Protection Agency if you consider that we have not treated your data in accordance with the personal data protection legislation at www.agpd.com.


We also inform you that you can prevent your data from being used to send you commercial communications from companies operating in Spain by registering in the Robinson List (www.listarobinson.es)


  1. Time period for the conservation of your data.


We will keep your personal data for the duration of the contractual relationship, and once it is terminated, we will keep it blocked for the period of limitation of the legal actions that may be applicable. The data will then be destroyed. 

Otherwise, if there is no contract, we will inform you of the retention period of the processing in particular at the time of collecting your personal data.


  1. Security and confidentiality.


In order to prevent unauthorized access or disclosure of personal data, we have taken appropriate security measures to safeguard your information.


  1. Minors.


Minors under 18 years of age may not use the services available through our website without the prior authorization of their parents, guardians or legal representatives, who shall be solely responsible for all acts performed through the site by minors in their care, including the completion of the forms with the personal data of such minors and the marking, where appropriate, of the boxes that accompany them. In this sense, and to the extent that Stay does not have the capacity to control whether or not users are minors, it must be the parents and guardians who enable the necessary mechanisms to prevent them from accessing the website and / or provide personal data without their supervision, not admitting Stay any responsibility in this regard.



  1. Privacy policy update.


We make our best efforts to keep our privacy policy up to date. If we make changes, they will be clearly identifiable, and we will inform you by the means we have established with you (for example: we may communicate changes by email).


This privacy policy has been revised and posted as of 20 of september of 2024

2. Data Collected

Without limitation, any of the following Data may be collected:
  • 2.1 name;
  • 2.2 date of birth;
  • 2.3 job title & profession;
  • 2.4 contact information such as email addresses and telephone numbers;
  • 2.5 demographic information such as post code, preferences and interests;
  • 2.6 financial information such as credit / debit card numbers;
  • 2.7 IP address (automatically collected);
  • 2.8 web browser type and version (automatically collected);
  • 2.9 operating system (automatically collected);
  • 2.10 a list of URLS starting with a referring site, your activity on this Web Site, and the site you exit to (automatically collected); and
  • 2.11 Cookie information (see Clause 10 below).

3. Our Use of Data

  • 3.1 Any personal Data you submit will be retained by STAY for as long as you use the Services and Systems provided on the Web Site. Data that you may submit through any communications System that we may provide may be retained for a longer period of up to one year.
  • 3.2 Unless we are obliged or permitted by law to do so, and subject to Clause 4, your Data will not be disclosed to third parties. This includes our affiliates and / or other companies within our group.
  • 3.3 All personal Data is stored securely in accordance with the principles of the Data Protection Act 1998. For more details on security, see Clause 9 below.
  • 3.4 Any or all of the above Data may be required by us from time to time in order to provide you with the best possible service and experience when using our Web Site. Specifically, Data may be used by us for the following reasons:
  • 3.4.1 internal record keeping;
  • 3.4.2 improvement of our products / services;
  • 3.4.3 transmission by email of promotional materials that may be of interest to you;
  • 3.4.4 contact for market research purposes which may be done using email, telephone, fax or mail. Such information may be used to customise or update the Web Site.

4. Third Party Web Sites and Services

STAY may, from time to time, employ the services of other parties for dealing with matters that may include, but are not limited to, payment handling, delivery of purchased items, search engine facilities, advertising and marketing. The providers of such services do not have access to certain personal Data provided by Users of this Web Site. Any Data used by such parties is used only to the extent required by them to perform the services that STAY requests. Any use for other purposes is strictly prohibited. Furthermore, any Data that is processed by third parties must be processed within the terms of this Policy and in accordance with the Data Protection Act 1998.

5. Changes of Business Ownership and Control

  • 5.1 STAY may, from time to time, expand or reduce its business and this may involve the sale of certain divisions or the transfer of control of certain divisions to other parties. Data provided by Users will, where it is relevant to any division so transferred, be transferred along with that division and the new owner or newly controlling party will, under the terms of this Policy, be permitted to use the Data for the purposes for which it was supplied by you.
  • 5.2 In the event that any Data submitted by Users will be transferred in such a manner, you will be contacted in advance and informed of the changes. When contacted you will be given the choice to have your Data deleted or withheld from the new owner or controller.

6. Controlling Access to your Data

  • 6.1 Wherever you are required to submit Data, you will be given options to restrict our use of that Data. This may include the following:
  • 6.1.1 use of Data for direct marketing purposes; and
  • 6.1.2 sharing Data with third parties.

7. Your Right to Withhold Information

  • 7.1 You may access certain areas of the Web Site without providing any Data at all. However, to use all Services and Systems available on the Web Site you may be required to submit Account information or other Data.
  • 7.2 You may restrict your internet browser’s use of Cookies. For more information see Clause 10 below.

8. Accessing your own Data

  • 8.1 You may access your Account at any time to view or amend the Data. You may need to modify or update your Data if your circumstances change. Additional Data as to your marketing preferences may also be stored and you may change this at any time.
  • 8.2 You have the right to ask for a copy of your personal Data on payment of a small fee.

9. Security

Data security is of great importance to STAY and to protect your Data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure Data collected online.

10. Changes to this Policy

STAY reserves the right to change this Privacy Policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Web Site and you are deemed to have accepted the terms of the Policy on your first use of the Web Site following the alterations.

11. Contacting Us

If there are any questions regarding this privacy policy you may contact us at