← Back to Home

Privacy Policy

Last Updated: December 28, 2024

1. Introduction

Satinesa ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our airport retail intelligence platform and website (collectively, the "Service").

As a European company, we adhere to the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, company name, job title, phone number
• Business Information: Airport details, retail space data, lease information, financial data (when uploaded to platform)
• Communication Data: Messages, inquiries, and feedback you send us
• Payment Information: Billing address and payment details (processed securely through third-party providers)

2.2 Automatically Collected Information

• Usage Data: Pages viewed, features used, time spent on platform, click patterns
• Device Information: IP address, browser type, operating system, device identifiers
• Cookies: Session cookies, preference cookies, analytics cookies (see Cookie Policy below)

2.3 AI-Generated Data

• Platform-generated reports, recommendations, and analytics based on your input data
• Predictive models and insights created from historical data

3. How We Use Your Information

We use collected information for the following purposes:

• Service Delivery: Provide access to platform features, AI analytics, and reporting tools
• AI Processing: Generate predictive models, ROI calculations, space recommendations, and automated reports
• Platform Improvement: Analyze usage patterns to enhance features and user experience
• Customer Support: Respond to inquiries, troubleshoot issues, provide technical assistance
• Communication: Send service updates, feature announcements, and relevant business information
• Security: Detect fraud, prevent abuse, and maintain platform security
• Legal Compliance: Meet regulatory requirements and respond to legal requests

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide our Service under our Terms of Service
• Legitimate Interests: Platform improvement, security, and business analytics
• Consent: Marketing communications (you can withdraw consent anytime)
• Legal Obligations: Compliance with applicable laws and regulations

5. Data Sharing and Disclosure

We do NOT sell your personal data. We may share information with:

5.1 Service Providers

• Cloud hosting providers (data stored in EU/EEA data centers)
• AI/ML processing services (OpenAI API, Azure AI)
• Payment processors (Stripe, PayPal)
• Analytics providers (privacy-compliant)
• Customer support tools

5.2 Business Partners

• Airport operators (only data relevant to your relationship with them)
• Authorized users within your organization

5.3 Legal Requirements

• When required by law, court order, or regulatory authority
• To protect our rights, property, or safety
• In connection with business transfers (mergers, acquisitions)

6. International Data Transfers

Your data is primarily stored in EU/EEA data centers. If data is transferred outside the EEA, we ensure adequate protection through:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by the European Commission
• Other approved transfer mechanisms under GDPR

7. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for marketing or other consent-based processing

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

8. Data Retention

We retain your data for as long as:

• Your account is active
• Needed to provide our Service
• Required by law or for legitimate business purposes

Account data: Deleted within 90 days of account closure (unless legal retention required)
Analytics data: Anonymized and retained for up to 3 years
Legal/tax records: Retained per applicable regulations (typically 7-10 years)

9. Data Security

We implement industry-standard security measures:

• AES-256 encryption for data at rest
• TLS 1.3 encryption for data in transit
• Multi-factor authentication (MFA) available
• Regular security audits and penetration testing
• Access controls and role-based permissions
• SOC 2 Type II compliance (in progress)

While no system is 100% secure, we continuously monitor and improve our security practices.

10. Cookies and Tracking

We use cookies for:

• Essential Cookies: Required for platform functionality (cannot be disabled)
• Analytics Cookies: Understand usage patterns (opt-out available)
• Preference Cookies: Remember your settings

We do NOT use third-party advertising cookies. You can manage cookie preferences in your browser settings.

11. Third-Party Links

Our Service may contain links to external websites (e.g., airport websites, partner platforms). We are not responsible for their privacy practices. Please review their privacy policies separately.

12. Children's Privacy

Our Service is not intended for individuals under 18. We do not knowingly collect data from children. If you believe we have collected data from a minor, contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be communicated via email or platform notification.

14. Contact Us

For privacy-related questions or to exercise your rights:

• Email: [email protected]
• Data Protection Officer: [email protected]
• General Contact: Contact Form

15. Supervisory Authority

If you believe we hav