Legal
Privacy and Cookies Policy
1. Data Controller
The Data Controller of the data collected through this Website is Sttok Barcelona, S.L. (hereinafter, "Sttok") with registered office at Ausias Marc Street, No. 7, 3rd floor, contact email info@sttok.com
2. Purposes of Processing
The personal data provided to Sttok by the User will be used for:
• In cases of service contracting or product purchase: to enable the maintenance, development, and management of the business relationship formalized by the contracting of products and/or services through this Website. The data processed for this purpose will be retained while this business relationship is maintained and, once terminated, during the legally established retention periods and statute of limitations. The legal basis for carrying out this data processing is the execution of the contractual obligations assumed by the User and Sttok on the Website. For requests made by a User who does not maintain a contractual relationship with Sttok, the legal basis is the User's implicit consent in their request for Sttok to address it.
• In cases of information requests or contact: to address information requests and/or inquiries made by the User. The data processed for this purpose will be retained until the request is resolved and, once completed, during the legally established retention periods and statute of limitations. The legal basis for carrying out this data processing is the User's consent.
• To keep the User informed, including by electronic means, about Sttok's products, services, and news. The data processed for this purpose will be retained until the User withdraws their consent. The User may at any time expressly indicate whether or not they authorize such processing of their data. The legal basis for carrying out this data processing is the User's consent.
3. Recipients and Categories of Data Processors
The data may be communicated to Public Registries, for contract execution; Public Administrations for compliance with legal obligations; Banking Entities for managing collections and invoice payments; and to duly selected Data Processors. Additionally, Sttok may transfer personal data to Processors located outside the European Economic Area, in which case Sttok will have previously adopted appropriate data protection guarantees to carry out the international data transfer.
4. Exercise of Data Subject Rights
This privacy policy owned by Sttok informs the data subject that they may exercise at any time their rights of access, rectification, erasure, restriction, objection, or portability by email addressed to dpd@sttok.com or by writing to Sttok Barcelona, S.L. C/ Ausias Marc, 7, 3rd Floor, 08010-Barcelona. In processing whose legitimacy is based on consent, the User has the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal. Sttok has appointed a Data Protection Officer whom you can contact through the previously mentioned contact channels, writing for their attention. The data subject shall have the right to file a complaint with the supervisory authority. We inform you that not providing the requested information may result in the impossibility of formalizing or fulfilling the purpose of the contract.
5. Sttok as Data Processor
Because Sttok is a platform where Users will provide third-party data for which Users are Data Controllers, Sttok adopts the position of Data Processor regarding such third-party data, as it has access to them to provide a service to the User. In this regard, Sttok, in relation to the personal data that the User may upload to the platform, whether through manual data entry or by uploading documents containing personal information, undertakes to:
• Process personal data only following documented instructions from the User, including with respect to personal data transfers, unless required to do so by Union or Member State law; in such case, the Provider will inform the User of that legal requirement prior to processing, unless such law prohibits this on important grounds of public interest.
• Ensure that persons authorized to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
• Take all necessary measures in accordance with Article 32 of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter, "GDPR" or "Regulation").
• When the Processor engages another processor to carry out specific processing activities on behalf of the User, it will impose on that other processor, by contract, the same data protection obligations as stipulated in this Contract.
• Assist the User, taking into account the nature of the processing, through appropriate technical and organizational measures, whenever possible, so that they can fulfill their obligation to respond to requests for the exercise of data subjects' rights. The communication must be made immediately and in no case beyond the next working day after receiving the request, together with, where appropriate, any information that may be relevant to address the request.
• Help the User ensure compliance with the obligations established in Articles 32 to 36 of the Regulation, taking into account the nature of processing and the information available to the processor.
• Unless otherwise indicated by the User, delete all personal data once the provision of Services has ended, as well as delete existing copies, unless the retention of personal data is required by Union or Member State law.
• Make available to the User all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the Regulation. Immediately inform the User if, in the Processor's opinion, an instruction infringes the Regulation or other Union or Member State data protection provisions.
• Comply with any other obligation corresponding to it according to current data protection regulations.
• Notify the User of any personal data breach of which it becomes aware, together with all relevant information for documentation, resolution, and communication of the incident.
Cookies Policy
1. Use of cookies on the Website
This Website uses its own and third-party cookies in order to improve the services provided through it by processing the necessary data for this purpose.
2. What is a cookie?
This Website uses cookies and/or similar technologies that store and retrieve information when you browse. In general, these technologies can serve very diverse purposes, such as, for example, recognizing you as a user, obtaining information about your browsing habits, or personalizing the way content is displayed. The specific uses we make of these technologies are described below.
3. What cookies does this Website use and who uses them?
| Typology | Who manages them? | Activity period |
|---|---|---|
| Analysis or measurement: these are cookies that allow the person responsible for them to track and analyze the behavior of users of the websites to which they are linked, including quantifying the impacts of advertisements. The information collected through this type of cookies is used in the measurement of the activity of websites, applications or platforms, in order to introduce improvements based on the analysis of the usage data that users of the service make. | _ga – Google Analytics _ga_LWNDHYBY2N – Google Analytics mp_ba0860a57b27c67a154b377a60b956d9_ – Mixpanel | Persistent Persistent Persistent |
| Technical: these are cookies that allow the user to navigate through a web page, platform or application and use the different options or services that exist in it, including those that the publisher uses to allow the management and operation of the web page and enable its functions and services, such as, for example, controlling traffic and data communication, identifying the session, accessing restricted access parts, remembering the elements that make up an order, carrying out the purchase process of an order, managing payment, controlling fraud linked to the security of the service, carrying out the request for registration or participation in an event, counting visits for the purpose of billing licenses for the software with which the service works (website, platform or application), using security elements during navigation, storing content for the dissemination of videos or sound, enabling dynamic content (for example, loading animation of a text or image) or sharing content through social networks. | _lr_hb_-audwrk%2Fsttok – Own | Persistent |
| Also belonging to this category, due to their technical nature, are those cookies that allow the most efficient management possible of the advertising spaces that, as one more element of design or "layout" of the service offered to the user, the publisher has included in a web page, application or platform based on criteria such as the edited content, without collecting information from users for different purposes, such as customizing that advertising content or other content. | _lr_uf_-audwrk – Own _lr_tabs_-audwrk%2Fsttok – Own | Session Persistent |
4. How can I block or delete the cookies used by this Website?
The user can allow, block or delete cookies through the configuration panel made available to him. In addition, it should be noted that, if you accept third-party cookies, you can delete them from your browser options or from the system offered by the third party itself.
Blocking the installation of cookies does not prevent the effective use of the Website by the user
You can find out about transfers to third countries that, where applicable, the third parties identified in the table above make in their respective policies. In the case of Google it would be: https://www.google.com/about/company/user-consent-policy-help/ and in the case of Mixpanel it would be: https://mixpanel.com/legal/privacy-policy/
Talk to a corporate expert
Book 30 minutes and we'll show you Sttok applied to your company
No generic script. We'll show you how companies like Factorial, AXA, MyInvestor or PLD Space manage their captable, shareholder meetings and incentive plans with Sttok.