Cerrar

Privacy

Last Updated 22/04/2026

This Privacy Policy provides information on how SITUM TECHNOLOGIES, S.L. (“SITUM”) processes personal data in connection with the services it provides (the “Services”), in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – “GDPR”) and applicable Spanish data protection laws.

– Our “Web sites”

– Our “APPs”:

  • Situm Mapping Tool
  • Situm Mapping Tool – No gyro
  • Situm MRM
  • Situm Wayfinding

– Also:

  • APIs REST
  • SDKs móviles
  • Budgets and commercial information.

1. Data controller

SITUM TECHNOLOGIES, S.L. (hereinafter “SITUM”, or “Data Controller”), with registered address at Rúa do Restollal, número 32, Edificio Paxonal, Planta 4, Oficina 401, 15702 (Santiago de Compostela) and Tax Identification Number B70401229, acts as data controller in relation to the processing of personal data carried out in connection with the Services described in this Privacy Policy.

You can contact SITUM at the above postal address, or by email at situm@situm.com.

2. Personal data processed

Depending on the Services used, SITUM may process the following categories of personal data:

a) Data collected through APPS, SDKs and APIs:

  1. Device identifiers (including unique device identifiers)
  2. Device information (model, operating system, battery level)
  3. Network and connectivity data (including Wi-Fi, BLE signals and mobile network information)
  4. Location data
  5. Application and SDK identification data (name, version and package information)
  6. System-generated events and alarms

b) Data collected through Websites and web panels:

  1. Identification and contact data; such as name, surname, email address and phone number.
  2. Account credentials, including encrypted or hashed passwords.
  3. Technical data such as operating system, browser type and settings, and IP address.
  4. Usage data, including access logs and interaction with the Services.
  5. Cookies and similar technologies (as described in the Cookies Policy) (https://situm.com/es/cookies)

c) Data related to customer content and service use:

  1. Buildings cartography, included the location, dimensions, floor plans, points of interest, events and navigation routes.
  2. Information about user interactions with Situm Services, including device IP, accessed URLs, bug reports, system activity and exact time of access.
  3. Visual and branding elements (such as logos, styles and themes).

d) Workforce Tracking module (if enabled):

Where the User activates the “Workforce Tracking” module within the Situm Dashboard, SITUM may process the following additional data (https://situm.com/assets/docs/situm-masteragreement.pdf).

  1. Identification data of users: name and surname.
  2. Association between users and devices.
  3. Organizational data: company, role or profile within the platform.
  4. Work activity data, including shift start and end times.
  5. Operational data, such as patrols and compliance metrics.
  6. Alerts and incidents generated by users

3. Purpose and legal basis

SITUM processes personal data for the purposes described below, in accordance with the applicable legal bases under the GDPR. Where relevant, certain processing activities may involve the participation of service providers acting on behalf of SITUM, as further described in the “Data Processors and Service Providers” section.

a) APPS USERS, WEBS, WEBs AND EMAIL CONTACTS:

SITUM processes personal data provided by Users through its Apps, Websites, contact forms, user accounts or communications for the following purposes:

  • Provision of the Services; wich means the registration, access and use of the platform.
    • Management of requests and technical support.
    • Service-related communications.
    • Improvement of services, analytics and troubleshooting.
    • Commercial communications, where permitted.

Legal basis: The processing of personal data is based on the performance of a contract or pre-contractual measures, where necessary to provide the requested services or respond to user requests. In addition, SITUM may process personal data based on its legitimate interests, in particular to provide technical support, improve its services and ensure their proper functioning. Where required by applicable law, SITUM will request the User’s consent, for example in relation to the sending of commercial communications.

Users are informed of this Privacy Policy at the time of submitting their data through the corresponding forms. Where consent is required, it will be obtained through the appropriate mechanisms, such as ticking the relevant acceptance box.

b) SDKs Y APIs REST

SITUM provides SDKs and REST APIs that allow Users and customers to access and use functionalities of the platform, including retrieving location data, historical data and cartographic information.

The processing of personal data in this context is based on the performance of a contract or pre-contractual measures. SITUM also provides SDKs and APIs that enable third parties to integrate SITUM technology into their own applications. In such cases, SITUM acts as a data processor, processing personal data on behalf of the relevant data controller, in accordance with applicable data protection agreements. In this case, Each party shall be responsible for complying with its respective obligations under applicable data protection laws.

c) SOCIAL NETWORKS CONTACTS

SITUM may process personal data available through social media platforms when Users interact with its official profiles or contact SITUM through such channels. Puroposes:

  • Answer the queries or requests.
    • Manage service, reply to the request, or process a request.
    • Maintaining and managing SITUM’s presence on social media platforms.

In this case, the processing is based on SITUM’s legitimate interest in managing its presence on social media and communicating with Users through these channels. Users are informed that SITUM has limited control over the data processed through social media platforms. Such platforms act as independent data controllers and process personal data in accordance with their own privacy policies. Users can manage their data, privacy settings and any requests related to their personal data directly through the corresponding social media platform.

d) JOB SEEKERS / INTERNSHIPS

SITUM processes personal data provided by candidates through the “Careers” section or via email (jobs@situm.com), including identification and contact data, as well as information contained in their CVs, for the following purposes:

  • Organization of recruitment processes.
    • Evaluating applications and organising interviews.

Processing is based on pre-contractual measures at the request of the data subject. Personal data will be retained for a maximum period of one year from receipt. After this period, data will be securely deleted, unless the candidate submits an updated application.

e) NEWSLETTER:

SITUM offers the possibility to subscribe to the SITUM Newsletter. The purpose of the treatment is to send the Newsletter and commercial communications by electronic means. Processing is based on the User’s explicit consent, provided by subscribing to the newsletter and, where applicable, by ticking the corresponding acceptance box. Personal data will be processed for as long as the User remains subscribed to the newsletter. Users may withdraw their consent at any time by using the unsubscribe link included in each communication. Users may also exercise their rights in accordance with the GDPR, as described in the relevant section of this Privacy Policy.

F) WEBINARS AND ONLINE EVENTS:

If the User chooses to participate in a Webinar hosted by SITUM, we will process the data previously provided by the User (email, name and surname) for the purposes of managing registration, attendance and follow-up. The legal basis for this processing is the User’s consent, expressed through the registration request.

4. Rights of the User

The GDPR recognizes that the User has several rights, which SITUM as Data Controller is obliged to guarantee the following rights:

  • Right of access: to obtain confirmation as to whether personal data concerning them is being processed, and, where that is the case, access to such data.
  • Right to rectification: to request the correction of inaccurate or incomplete personal data.
  • Right to erasure: to request the deletion of personal data where, among other reasons, the data is no longer necessary for the purposes for which it was collected.
  • Right to restriction of processing: to request the limitation of the processing of personal data in certain circumstances.
  • Right to data portability: to receive personal data in a structured, commonly used and machine-readable format, and to transmit it to another controller where applicable.
  • Right to object: to object to the processing of personal data in certain circumstances, in particular where processing is based on legitimate interests.
  • Right to withdraw consent: where processing is based on consent, Users may withdraw their consent at any time without affecting the lawfulness of processing carried out prior to such withdrawal.
  • Right to lodge a complaint: to file a complaint with the competent supervisory authority, in particular the Spanish Data Protection Agency.

To exercise these rights, Users may contact SITUM at dpo@situm.com or at the postal address indicated above. SITUM may request additional information to verify the identity of the requester where necessary.

SITUM will respond to requests within one month from receipt. This period may be extended by two additional months where necessary, taking into account the complexity and number of requests. In such cases, the User will be informed accordingly.

5. Processing of third party data

As a general rule, the Data Controller will only process the data provided by by the data subject. Where Users provide personal data relating to third parties, they must ensure that such data has been obtained lawfully and that the relevant data subjects have been informed, where required, in accordance with applicable data protection laws. Users are responsible for ensuring that any third-party data they provide complies with applicable data protection requirements.

6. Data of Minors

SITUM will not process data from minors under 14 years of age. Therefore, the User must refrain from providing them if he or she is under that age or, if applicable, from providing data from third parties under that age. SITUM denies any liability due to failure to comply with this requirement by the User.

7. Commercial communications by electronic means

Where Users provide their explicit consent, for example by ticking the corresponding checkbox, SITUM may send commercial communications to the email address provided. The purposes of this particular processing are as follows:

  • Management the requested service.
  • Information by electronic means related to the application.
  • Commercial or events information.
  • Perform analysis and improvements in the delivery of emails, in order to improve commercial strategy.

Processing is based on the User’s consent. Personal data will be processed for these purposes until the User withdraws their consent. Users may unsubscribe at any time by using the link included in each communication.

8. Security measures we apply

SITUM has adopted an optimal level of information security, adopting the appropriate technical and organizational measures according to the state of technology to avoid the loss, misuse, alteration, unauthorized access or subtraction of Personal Data.

9. Communication to third parties

SITUM does not disclose personal data to third parties, except where necessary in the following cases:

  • Compliance with legal obligations
  • Requests from courts or competent authorities
  • Financial institutions, where necessary for the management of payments related to the services provided

SITUM may also share personal data with data processors or subprocessors acting on its behalf, to the extent necessary for the provision of the Services. Such providers are engaged under written agreements in accordance with Article 28 of the GDPR, ensuring an appropriate level of data protection. An updated list of subprocessors involved in the provision of the Services is available in Annex II of SITUM’s Master Subscription Agreement.

10. Data Processors and service providers

To provide our Services and run our day-to-day business, SITUM relies on a limited number of trusted providers that may process personal data on our behalf under written agreements compliant with Article 28 GDPR. The updated list of Sub-processors used for the provision of the Services is available in Annex II of our Master Subscription Agreement (https://situm.com/assets/docs/situm-masteragreement.pdf).

In addition, SITUM relies on certain service providers to support its internal operations. These providers may process personal data as data processors on behalf of SITUM, to the extent necessary for the provision of their services. These providers fall into the following categories:

  • Corporate email and productivity tools
  • Customer relationship management (CRM) and commercial communication platforms
  • Marketing, analytics and digital advertising providers
  • Customer support platforms
  • Project management and internal documentation tools
  • Design and technical processing tools (including graphic and CAD software)
  • AI-assisted productivity tools
  • Communication tools
  • Hosting and infrastructure providers
  • Website maintenance and development services
  • Social media platforms

All such providers also act as data processors under written agreements in accordance with Article 28 of the GDPR. Where these providers process personal data outside the European Economic Area, SITUM ensures that appropriate safeguards are in place in accordance with applicable data protection laws.

For further information regarding the service providers involved in the processing of personal data, Users may contact SITUM at dpo@situm.com

11. International Transfer of Personal Data.

Personal data about you may be transferred and processed on servers or computers located outside of the European Economic Area In such cases, SITUM ensures that appropriate safeguardsin place in accordance with applicable data protection laws, including the use of Standard Contractual Clauses approved by the European Commission or other legally recognised mechanisms.

12. Cookies

The Web uses Cookies, if you wish to know more about them, you can do so by accessing our Cookies Policy (https://situm.com/en/cookies).

13. Data retention

Personal data will be retained for as long as necessary to fulfil the purposes for which it was collected, including the provision of the Services and compliance with legal obligations. Where personal data is no longer required, it will be deleted or anonymised, unless retention is necessary for the establishment, exercise or defence of legal claims. Data may also be retained for the periods required by applicable law.

Situm informs you that, as a service provider of data hosting and in accordance to 34/2002 Law, from 11th july, of Information Society Services and E-commerce (LSSI), will retain for a maximum period of 12 months the essential information to identify the origin of the storage data and the starting date of the service provided. This retention aims to compliance with legal obligations which may arisen from the relationship with the User.

14. Modification and updates

SITUM may update this Privacy Policy from time to time to reflect changes in its processing activities or to comply with legal requirements. Where required, Users will be informed through appropriate means. We encourage Users to review this Privacy Policy periodically.

Subscribe to our newsletter

BASIC INFORMATION ON DATA PROTECTION

Data controller: SITUM TECHNOLOGIES, S.L.
Contact: Data controller: situm@situm.es
Responsible for protection: dpo@situm.es
Purpose and legal basis: To manage the sending of SITUM newsletters only with consent.
Legitimation: Express consent of the interested party.
Recipients: The data will not be passed on to third parties with the exception of legal obligations.
Retention period: As long as the interested party remains subscribed to the newsletter (a link to unsubscribe will be available in each newsletter sent by Situm).
Rights: The interested party may at any time revoke their consent, as well as exercise their rights of opposition, access, conservation, rectification, limitation, deletion of data and not be subject to a decision based only on automated data processing, by writing to SITUM at the addresses indicated.
Additional Information: You can consult additional and detailed information on Data Protection in our privacy policy.

Please, download your copy here

Thank you for downloading our whitepaper. Please do not hesitate to contact us if you would like to know more about how our solutions can help your business. Download whitepaper


Close window