Logo
Log InSign Up

WEBSITE PRIVACY POLICY

https://www.smartests.app/

I. PRIVACY POLICY AND DATA PROTECTION

Respecting the provisions set by the current legislation, Smartests (hereinafter, also Website) commits to adopting the necessary organizational and technical measures suited to the security level proportional to the risk associated with the collected data.

Laws incorporated into this privacy policy

This privacy policy aligns with current Spanish and European regulations concerning personal data protection on the internet. Specifically, it adheres to the following frameworks:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, regarding the protection of natural persons in terms of the processing of personal data and the free movement of these data (GDPR).
  • Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).
  • Royal Decree 1720/2007, of December 21, which approves the Regulations for implementing Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).
  • Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the data controller responsible for personal data

The data controller responsible for the personal data collected at Smartests is: Lucas Botrán Jeppesen, with Tax ID (NIF): 55193984X (hereinafter, Data Controller). Their contact details are as follows:

Address: Calle Cartagena, 80

Contact phone: 686033308

Contact email: lucas.botran.j@gmail.com

Personal Data Registry

In compliance with what is established under GDPR and LOPD-GDD, we inform you that the personal data obtained by Smartests, through the forms included on its pages, will be integrated and treated in our file for managing and executing the commitments established between Smartests and the User, or maintaining the relationship established precisely via said forms, or attending to any requests/demands. Also, under the provisions set in GDPR and LOPD-GDD, unless the exception mapped in article 30.5 of GDPR applies, we retain a registry of treatment activities verifying processing objectives, carried-out activities, and any other GDPR specific requirements.

Principles applying to personal data processing

The handling of the User's personal data will abide by the principles featured in Article 5 of the GDPR and in Article 4 onwards of Organic Law 3/2018, on the Protection of Personal Data and Guarantee of Digital Rights:

  • Principle of lawfulness, fairness, and transparency: the User's consent will always be required, preceded by wholly transparent information regarding the objectives of storing this specific data.
  • Principle of purpose limitation: personal data will be collected for specified, explicit, and legitimate purposes.
  • Principle of data minimization: personal data recorded will be limited to what is strictly required related exactly to those processing reasons.
  • Principle of accuracy: personal data essentially has to be exact and properly updated.
  • Principle of storage limitation: data is to be maintained identically as permitting User identification strictly for the necessary timeframe addressing the processing purposes.
  • Principle of integrity and confidentiality: personal data receives adequate treatment guaranteeing optimal confidentiality and security conditions.
  • Principle of proactive responsibility: the Data Controller assumes full liability ensuring total compliance with preceding statements.

Personal Data Categories

The data categories maintained by Smartests encompass solely identifying data. Under no circumstances do these include special categories of personal data per Article 9 of the GDPR.

Legal basis for processing personal data

The legal foundational basis sustaining handling processes falls onto consent. Smartests engages in procuring clear and verifiable User consent intended explicitly to manage personal data oriented toward specified objectives.

The User retains undisputed rights allowing them to revoke previous consent arbitrarily whenever they choose. Withdrawing provided consent is equivalently uncomplex compared to conceding it. Normally, stepping away structurally from consent shouldn't inherently disrupt navigation/usage of the Website.

At times when formulating inquiries or managing relations demands submitting form details linked internally directly to Website features, the mandatory factor corresponding closely to essential system behaviors completing operational functionalities gets thoroughly exposed.

Intended purposes concerning collected personal data

Personal data items get pooled and processed centrally by Smartests oriented predominantly on smoothing, assisting, or securing commitments connecting the Website with its User context directly resulting from managing requests filled throughout available forms.

Further usages targeting structural components may integrate operational metrics, internal customization, organizational statistical gathering intimately parallel implicitly to functional duties held internally by Smartests alongside generating market-oriented insights fitting overall improvement regarding Website operations and content optimization.

Users face full procedural transparency clarifying any singular/plural specificities guiding exact information implementation processes seamlessly upfront during direct data harvesting.

Data retention timelines

Uploaded documents and personal variables follow these expiration rules:

  • Uploaded PDF documents: max holding bounds reaching 1 mes initiating logically upon finalized upload.
  • Generated quizzes: structurally active tracking until 1 año unless manual User removal intervenes.
  • Underlying account credentials: in continuous circulation matching direct user account validity status (pending absolute manual deletion).

Going beyond declared duration horizons automatically engages systematic deletion procedures removing these parameters irreversibly.

Processing parameters covering artificial intelligence systems

Uploaded source materials might transit through distinct processing lines including exterior assets logically resembling Google AI (Gemini) API interfaces or alternative frameworks natively linked internally reaching directly CloudConvert, restricting handling purely around format translation mechanics or structural quiz builds. Smartests fundamentally denies internal retention procedures surpassing structural process finalization scopes. Artificial intelligence models strictly refrain completely from deploying document contents toward broader generalized external learning loops natively affecting foreign environments.

Account holders assume immediate liability overseeing inherent material contents enforcing rigid boundaries excluding confidential parameters logically breaching proprietary copyrights natively matching distinct outside parties.

Recipients of personal data

User personal details are distributed explicitly matching listed functional categories:

1. Vercel Inc., California, United States (Website deployment and intrinsic hosting)

2. Supabase Inc., Singapore (Central database layers, authentication gates, storage systems)

3. Google Ireland Ltd., Dublin, Ireland (Fundamental Gemini framework processing)

4. Stripe Payments Europe, Ltd., Dublin, Ireland (Structural subscription and billing nodes)

5. Resend Inc., Delaware, United States (Translational transactional email deliveries)

6. PostHog Inc., San Francisco, United States (Integrated statistical event aggregation)

7. CloudConvert (Lunaweb GmbH), Berlin, Germany (Fundamental conversion pathways natively transforming targeted files)

In circumstances obligating structured external transfers targeting remote organizational tiers natively functioning across international limits, preliminary notices transparently identifying fundamental transfer goals remain thoroughly enforced alongside formal European adaptation prerequisites securely covering these explicit interactions.

International data transfers

Specific vendors operate natively outside structural variables bounding explicit European Economic Area (EEA) jurisdictions. Structural guarantees internally managing cross-border translations natively enforce standardized Standard Contractual Clauses (SCCs) directly aligning with robust equivalent legislative safeguards essentially covering comprehensive Data Privacy Frameworks comprehensively matched securely alongside definitive European protections natively mapped directly.

Handling data regarding minors

Abiding faithfully according to explicitly drawn structural limits found deeply across Article 8 within GDPR bounds paralleled properly along domestic legal branches natively linked explicitly identifying minor restrictions securely reaching Smartests , solely individuals technically above 14 years possess independent faculties delivering verified autonomous mandates handling native processing systems smoothly. Minor ranges systematically enforce strict mandates compelling parent/guardian verified integrations seamlessly.

Confidentiality and data security variables

Smartests actively adopts required structural measures structurally bounding recognized security benchmarks protecting fundamental processing lines actively intercepting unauthorized access attempts securely guarding internal data layers intrinsically matching verified technical solutions.

Extensive SSL logic loops heavily guard transit lines connecting systemic server pathways fundamentally protecting underlying user identities thoroughly enforcing end-to-end encoded environments comprehensively.

Recognizing structural vulnerabilities innately embedded directly across systemic internet parameters affecting inherently generalized landscapes explicitly handled through Smartests , immediate breach protocols comprehensively mandate swift disclosure variables essentially notifying target users fundamentally whenever explicit threat parameters potentially compromise underlying intrinsic security measures securely covering native scopes natively aligned alongside standardized GDPR incident policies securely handled internally.

All involved entities bound directly across operational parameters retain strict confidential requirements structurally enforcing permanent internal boundaries fully shielding processing environments completely comprehensively matched essentially natively protecting fundamental scopes entirely.

Derived rights concerning personal data processing

Users strictly maintain overriding legal empowerment directly over Smartests entitling full procedural claims fundamentally engaging structural obligations extensively recognized systematically under GDPR principles explicitly matched properly mapped accurately across domestic frameworks directly corresponding directly:

  • Right of access: Direct capability granting complete access verifying precise underlying processing circumstances inherently governed closely via Smartests explicitly retrieving functional overviews naturally clarifying structurally verified components thoroughly checking exact parameters logically bound securely along native Smartests operational loops inherently tracking internal transfer recipients comprehensively.
  • Right to rectification: Verified entitlement securing fundamental rights actively updating flawed data layers structurally correcting essentially misleading components completely matching current processing goals structurally.
  • Right to erasure ("Right to be forgotten"): Constitutional boundary fundamentally securing structural deletion variables systematically purging underlying tracking traces naturally withdrawing ongoing systemic approvals natively interrupting unlawful external handling natively tracking completely verified requests comprehensively.
  • Right to restriction of processing: Procedural block halting inherent operational sequences fully suspending processing parameters thoroughly challenging systemic accuracy bounds definitively tracking legal necessity constraints closely matching explicit internal limits structurally.
  • Right to data portability: Recognized mandate logically securing extraction variables directly moving embedded values toward standardized common digital formats transparently transitioning structurally bound processing mandates across recognized authorized environments safely comprehensively mapped fully.
  • Right to object: Distinct operational capability forcibly rejecting assumed automated loops deliberately targeting internal processing branches fully restricting ongoing bounds exclusively mapped properly along Smartests.
  • Right regarding automated decisions and profiling: Direct restriction structurally stopping generalized automated algorithmic loops fully overriding profiling mechanisms fundamentally ignoring native human oversight essentially preventing blind algorithmic outputs entirely securely.

Users fundamentally enact underlying procedural variables formally expressing direct claims officially bound properly utilizing recognized written channels systematically addressing specific internal parameters matching specific "RGPD-https://www.smartests.app/", guidelines explicitly incorporating:

  • Full verified identity documentation thoroughly proving active legal status validating direct authorized representation securely mapping verified official IDs confirming specific origins exclusively securely.
  • Detailed procedural parameters clarifying explicit targets essentially defining complete requested actions fully matching structurally verified demands distinctly correctly.
  • Physical delivery nodes securely addressing precise follow-up correspondence actively.
  • Dates verifying official timelines accompanied fully alongside verified signatures properly validating structured commands exactly.
  • Complementary backing documentation conclusively proving alleged structural claims completely.

Structured legal submissions officially routing precisely map naturally linking corresponding delivery nodes properly addressing:

Postal address: Calle Cartagena, 80

Email: lucas.botran.j@gmail.com

External links leading structurally toward third parties

Certain systemic integrations distinctly link outside intrinsic operational confines heavily transcending verified internal bounds directly separating Smartests, naturally bypassing primary structured systems specifically maintained formally along Smartests. Outside administrators legally govern standalone platforms deliberately establishing distinctly independent operational layers internally mapped independently correctly fundamentally separating underlying liabilities specifically securely.

Regulatory disputes matching official authorities

Perceived structural infringements natively clashing directly violating recognized constitutional limits permanently enable absolute systemic appeals systematically routing precise legal claims definitively targeting overarching regional oversight entities thoroughly addressing underlying disputes perfectly corresponding fundamentally reaching explicitly the Spanish Data Protection Agency ( https://www.aepd.es/).

II. ACCEPTANCE AND MODIFICATIONS CONCERNING THE PRIVACY POLICY

Navigational capabilities firmly condition explicit User consensus formally validating explicit embedded clauses naturally supporting underlying systemic operations perfectly balancing recognized processing limits inherently defining standardized timelines comprehensively capturing generalized operational limits accurately explicitly.

Smartests strictly preserves fundamental unilateral mandates permanently adjusting overall policy criteria dynamically answering legal systemic modifications structurally tracking established doctrinal transitions efficiently without triggering preemptive generalized alerts proactively essentially relying purely on spontaneous iterative checks comprehensively tracking recognized adjustments completely accurately.

Current structural text thoroughly incorporates overriding legal bounds meticulously mapping European GDPR demands organically alongside domestic Organic Law mandates definitively tracking comprehensive digital rights essentially accurately directly correctly fully.