Privacy Policy of NeexisRender S.L.
Last updated: April 2025

  1. Data Controller Identification

The data controller of personal data is NeexisRender S.L., with Tax ID (CIF) B75924027 and registered office at Calle Nueva 2, 2A, 20001 Donostia/San Sebastián, Gipuzkoa, Spain. Hereinafter we will refer to NeexisRender S.L. as “Neexis Render” or “the Company.”

Neexis Render acts in compliance with the applicable data-protection regulations. In particular, in accordance with EU Regulation 2016/679 of 27 April 2016 (General Data Protection Regulation, GDPR) and Organic Law 3/2018 of 5 December on Personal Data Protection and Guarantee of Digital Rights (LOPDGDD), we provide the following clear information on how we process your personal data.

 

  1. Personal Data Collected

Neexis Render collects only the personal data necessary to provide and improve our services. The data we may request or generate when you use our platform include:

  • Identification data: name and email address. These data are collected when you create an account or register for our services. If you choose to register or log in via Google (or another external provider), we will obtain from that provider your name and associated email address for authentication purposes.
  • User content and images: any images or other files you upload to the platform, as well as images generated by our tools (e.g., AI image generator). Such content may constitute personal data if it allows you to be identified (for example, if images contain people or other personal information).
  • Usage data and electronic identifiers: technical information derived from your navigation of the application or website. This includes your device’s IP address, browser, operating system or device type, pages or sections visited, date and time of access, and other platform-usage data. We also use cookies and similar technologies that collect information on your interaction with our services (see the Cookies section below for details).
  • Payment data: information necessary to process your purchases or paid subscriptions. Neexis Render does not store your full payment-card details; such data are securely handled by our payment provider (Stripe). We may retain certain transaction data (e.g., amount, date, status, and, where applicable, the last four digits of your card) for billing, proof of payment, and fraud-prevention purposes.

 

  1. Purpose and Legal Basis for Processing

The personal data collected will be processed for specific, explicit and legitimate purposes, and will not be used in a manner incompatible with those purposes. Below we describe each purpose and the corresponding legal basis under the GDPR:

  • Provision of the service and account management.
    • Legal basis: Performance of a contract.
    • Use: Creating your user profile, enabling you to log in, generating and storing your images, and personalizing your experience.
  • Image and content processing.
    • Legal basis: Performance of a contract.
    • Use: Providing the core functionality of Neexis Render (e.g., processing your uploads, applying transformations, generating new content).
  • Payments and billing.
    • Legal bases: Performance of a contract, and compliance with legal obligations.
    • Use: Communicating payment data to Stripe to process payments, retaining proof of transactions for fiscal and accounting purposes.
  • User communications and support.
    • Legal bases: Performance of a contract and/or our legitimate interest.
    • Use: Sending service confirmations, important platform updates, support-ticket responses, or technical notifications.
  • Service improvement and analytics.
    • Legal basis: Our legitimate interest, and—where non-essential cookies are involved—your explicit consent.
    • Use: Aggregated statistical analysis of usage data (including cookie analytics) to optimize the platform’s performance, interface and security.
  • Marketing communications.
    • Legal basis: Your prior consent (or, for existing customers, possibly our legitimate interest under applicable digital-services law, while respecting your opt-out choices).
    • Use: Sending newsletters, product updates or promotions, with an unsubscribe link in every email and notification-settings controls in your account.
  • Security and fraud prevention.
    • Legal basis: Our legitimate interest.
    • Use: Monitoring IPs, device identifiers and activity logs to detect unauthorized access, malicious automation or policy violations.
  • Legal-obligation compliance.
    • Legal basis: Compliance with legal obligations.
    • Use: Retaining data to fulfill anti-fraud, tax, court or public-authority requirements.

Note: Should we later wish to process your personal data for any purpose not listed above, we will inform you in advance and, if required, obtain your consent.

 

  1. Third-Party Services Used

To provide our services efficiently and securely, Neexis Render relies on trusted third-party providers, acting either as data processors under our instructions or, in some cases, as joint controllers. The main services are:

  • Amazon Web Services (AWS): Cloud hosting and storage of user files (including uploaded and generated images). We choose EU-based data centers whenever possible and employ standard contractual clauses for transfers outside the EEA. For more details, see AWS’s Privacy Policy on their website.
  • Stripe (payment gateway): Secure payment processing. Payment-card data are transmitted directly to Stripe via encrypted connections; Neexis Render does not access full card numbers. Stripe complies with PCI-DSS and uses legal mechanisms to protect EU users’ data when transferring it internationally.
  • Google (authentication & analytics):
    • Google OAuth: Option to sign in with a Google account, granting us access to profile data you approve.
    • Google Analytics: Aggregated, anonymized usage statistics collected via cookies—only after your explicit consent.
  • Other providers: E-mail-delivery services, large-file storage, embedded modules, etc. We vet all vendors for GDPR compliance and ensure adequate safeguards for any transfers outside the EU.

All third parties process personal data only according to our instructions and for the purposes described above. We regularly audit and require them to maintain robust security measures.

 

  1. Minors

Our services are intended for users aged 18 or older. Users aged 14–17 may register only with verifiable parental or guardian consent. We do not knowingly process data of children under 14; if unauthorized accounts are detected, we will promptly delete them upon discovery or notice.

 

  1. User Rights

Under the GDPR you have the following rights regarding your personal data held by Neexis Render:

  • Right of access: Obtain a copy of the data we hold about you and information on processing.
  • Right to rectification: Correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”): Request deletion when data are no longer needed, consent is withdrawn or processing is unlawful.
  • Right to restriction: Temporarily suspend processing in certain circumstances.
  • Right to portability: Receive your data in a structured, common format and transmit it to another controller.
  • Right to object: Oppose processing based on our legitimate interest or direct marketing at any time.
  • Right to withdraw consent: Revoke consent for cookies or marketing without affecting past processing.
  • Right not to be subject to automated decisions: We do not use solely automated decision-making with legal or similarly significant effects. If that changes, you will be informed and can request human intervention.

To exercise any right, contact us at [email protected]. We may request identity verification and will respond free of charge within one month (extendable by one further month for complex cases). You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at https://www.aepd.es, although we encourage you to contact us first for an amicable resolution.

 

  1. Data Retention Periods
  • Active users: We retain account data, content and preferences while your account is active.
  • Deleted accounts: Upon deletion, most personal data are erased or anonymized, except those required by law (e.g., tax records kept 4–6 years, security logs up to 12 months).
  • Legal holds: Certain data may be retained longer for legal compliance or dispute resolution, then permanently deleted when no longer required.

 

  1. Security Measures

We implement appropriate technical and organizational safeguards to protect data against unauthorized access, alteration, loss or destruction, including:

  • SSL/TLS encryption for data in transit.
  • Access controls and strong authentication for systems containing personal data.
  • Encrypted/pseudonymized storage for sensitive information (e.g., hashed passwords).
  • Firewalls, IDS/IPS and proactive monitoring.
  • Encrypted backups stored securely off-site.
  • Staff training and internal privacy/security policies.

In the unlikely event of a data breach affecting your rights, we will notify authorities and affected users within the legally mandated timeframe.

 

  1. Third-Party Links

Our platform may contain links to external sites. When you leave Neexis Render, this Privacy Policy no longer applies. We recommend reviewing each third party’s privacy policy, as their practices may differ.

 

  1. Account Deletion Procedure

You may delete your account at any time by:

  1. Via the platform: Go to your profile settings and select “Delete account,” confirming with your password.
  2. By email: Send a request to [email protected] with your username or email. We may ask for identity verification before processing.

Once confirmed, your account will be deactivated and data deleted as outlined above. If you return within the legal hold period, reinstatement may be possible; otherwise, you must create a new account.

 

  1. Cookies

Cookies are small text files stored on your device to facilitate site functionality, remember preferences or collect usage statistics.

  • Necessary cookies: Essential for core functions (session management, language preferences).
  • Preference cookies: Remember your interface and regional settings.
  • Analytical cookies: Collect aggregated, anonymous usage data (e.g., via Google Analytics) only after your explicit consent.
  • Advertising cookies: Not currently used; any future use will require your consent.

On first visit, a cookie-banner lets you accept or reject non-essential cookies. You can change your preferences anytime via the banner or browser settings. Rejecting all cookies may impair certain features.

 

  1. Contact

For any questions or requests regarding this Privacy Policy or your personal data, please write to:

Email: [email protected]

Our data-protection team will respond as soon as possible within the legally required deadlines. Please include identifying information (e.g., your account email) to help us process your request securely.

 

Neexis Render S.L. is committed to protecting your privacy and will inform you of any significant changes to this policy through our usual channels. Thank you for trusting Neexis Render.