Bigdata.com

Privacy Policy

Last updated on 17.06.2025

1. Introduction

Please carefully read this Privacy Policy, which is intended for users of the website Bigdata.com (hereinafter, the “Website”) and the Bigdata.com APP (hereinafter, the “APP”), prepared pursuant to Articles 13 and 14 of the General Data Protection Regulation No. 2016/679 (hereinafter, “GDPR”), where we provide you with details regarding the processing of your personal data.

This Privacy Policy applies to the Website, the APP and any other product, software, or service that hyperlinks to this Statement (collectively, our “Services”). It does not generally apply to individuals whose personal information forms part of the content included within our products, although you can find further information on that topic here. By navigating the Website and the APP, the user declares to be at least 14 years old pursuant to Article 8 of GDPR and Article 7 of the Ley Orgánica de Protección de Datos y garantía de los derechos digitales no. 3/2018 (hereinafter, “LOPDGDD”).

We are committed to protecting personal data by maintaining high standards of information security. To this end, we have implemented an Information Security Management System (hereinafter, “ISMS”) certified to ISO/IEC 27001, demonstrating our adherence to stringent requirements regarding security, availability, confidentiality, and data integrity. These certifications reflect our ongoing commitment to processing personal data securely and in compliance with applicable data protection laws.

2. Who is the data controller?

The data controller is RavePack International S.L.U. (hereinafter, the “Controller”, “Company”, “we” or “us”), with registered office in Centro Negocios Oasis, Local 8, Ctra Nacional 340, KM 176, Marbella, Malaga - 29602, Spain. The Controller can be contacted at the email address: legal@bigdata.com.

3. Who is the data protection officer?

The Controller has appointed a data protection officer (“DPO”), who can be reached for any information regarding the processing of personal data, at the email address: privacy@bigdata.com.

4. What kind of data will we process?

We collect your personal information as follow:

Account setup and administration

When you create an account on the APP, we collect certain personal data necessary to provide you with access to and use of our Services, in accordance with Article 6(1)(b) of the GDPR (performance of a contract). The data collected may include your full name, address, job title, company name, phone number, email address, account login credentials, payment card details, tax information, and transaction history (collectively referred to as "Account Information").

Usage personal information

When you use our Services, we may collect certain usage and technical data necessary for the operation, security, and maintenance of our systems. This processing is based on our legitimate interests in ensuring the functionality and improvement of our Services (Art. 6(1)(f) GDPR). This information may include:

  • Operational status and diagnostic data (e.g. software errors, bugs, crash reports);
  • Authentication logs and access records;
  • Performance metrics and usage analytics;
  • IP address and geographic location of access;
  • Browser type, device identifiers, and other technical details.

We may also collect aggregated and anonymized data related to how features are used, in order to analyze service performance and identify the most accessed or valued functionalities. Such data does not identify individuals and is used exclusively for service optimization and statistical purposes.

User Files

We may collect personal data when you contact us, submit feedback, or upload content to our Services. This may include documents, files, data, or other information you voluntarily provide through our Services. The legal basis for this processing is the performance of a contract (Art. 6(1)(b) GDPR).

Social media information

Our Services maintain an active presence on various social media platforms. When you interact with our content we may collect personal data either directly from you or receive it indirectly through the social media platforms, in accordance with the respective platform’s data-sharing policies. Please refer to the privacy policies of the respective platforms (e.g., LinkedIn, X. etc.) to understand how your data is handled by them.

Technical and device information

When you access the Website/APP, we automatically collect certain technical data transmitted by your browser or device. This includes your IP address, browser type and settings, date and time of access, operating system, device type, and unique identifiers. This processing is necessary to ensure the security, functionality, and performance of the Website/APP, and is based on our legitimate interest pursuant to Article 6(1)(f) GDPR.

Tracking Data

We use cookies, web beacons, pixels, and similar technologies to analyze how users interact with the Website/APP, enhance user experience, and deliver personalized content and advertising. To improve data accuracy, certain analytics scripts may be loaded via our own proxy servers, enabling functionality even when ad blockers are active. In accordance with Article 6(1)(a) GDPR, no tracking data will be collected or processed unless you have provided valid consent through our cookie management tools. For details regarding the processing of personal data connected to the operation of cookies installed on the Website/APP, please refer to the Cookie Policy available here.

5. Why are personal data processed and what is the legal basis for processing?

We process personal information for these service and business-related purposes.

Account setup and Customer support

  • Description: We use personal information such as your name, email address, phone number, and information about your device to set up and administer your account, provide technical and customer support and training, verify your identity, and send important account, subscription, and Service information.
  • Retention Period: Personal data are retained until the possible deletion of the account, and for a maximum of 12 months after account closure, unless a longer period is required for legal or contractual reasons.
  • Legal Basis: Performance of a contract to which the data subject is a party Article 6(1)(b) GDPR.

Legal obligations

  • Description: We may be required to use and retain personal information for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or fraud. We may also use personal information to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate: (a) under applicable law, which may include laws outside your country of residence; (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence; (c) to prevent fraud, criminal activity, or misuse of Bigdata.com, (d) to enforce our terms and conditions; and (e) to protect our rights, privacy, safety, or property, or those of other persons.
  • Retention Period: Personal data is retained for a maximum period of 10 years, unless the applicable law provides otherwise.
  • Legal Basis: Compliance with a legal obligation (Article 6(1)(c) GDPR), and Legitimate interest (e.g. fraud prevention, enforcement of legal rights) (Article 6(1)(f) GDPR).

Direct Marketing

  • Description: We may process your personal data in order to send you newsletters, promotional communications, and updates about our products, services, events, and industry-related insights. For existing customers with whom we have an established contractual relationship, these communications will relate exclusively to services similar to those previously acquired, and aim to inform the client about product improvements, new service offerings, or relevant updates that may enhance the value and effectiveness of the services you already use. For new customers, marketing communications will only be sent based on your explicit consent, obtained through clear and specific checkboxes. You may unsubscribe at any time by following the link provided in each communication or by contacting us directly at legal@bigdata.com.
  • Retention Period: For customers whose data processing is based on Legitimate Interests, personal data will be retained only as long as necessary to fulfill the purpose of the processing and will be deleted or anonymized after no more than 12 months from your last interaction, unless otherwise required by law. For customers who have provided explicit consent, personal data will be retained until you withdraw your consent. In any case, data will not be kept for longer than 12 months from your last interaction (e.g., opening an email, clicking a link, or updating preferences). After this period, your data will be securely deleted or anonymized, unless further retention is required by applicable law.
  • Legal Basis: Legitimate interests for existing customers (data collected before May 2025), with appropriate safeguards such as the right to object (opt-out), pursuant to Article 6(1)(f) GDPR. A Legitimate Interests Assessment (LIA) has been conducted in compliance with Article 6(1)(f) GDPR, ensuring that appropriate safeguards are in place, including your right to object to the processing of your personal data at any time under Article 21 GDPR. Explicit consent for all new customers (data collected from June 2025 onwards), obtained via clear consent checkboxes, pursuant to Article 6(1)(a) GDPR and the requirements for valid consent under Article 7 GDPR. You may unsubscribe or withdraw your consent at any time by following the link provided in each communication or by contacting us directly.

Legal defense

  • Description: We process personal data to establish, exercise, or defend legal claims, and to manage disputes related to our services.
  • Retention Period: Personal data will be retained for the duration of the legal proceedings and for an additional period of 10 years thereafter, in accordance with applicable laws and regulations.
  • Legal Basis: Legitimate interest (e.g. fraud prevention, enforcement of legal rights) (Article 6(1)(f) GDPR).

Payments Management

  • Description: We process personal data to manage and execute payments related to our services or products, through the APP. This includes billing, invoicing, processing refunds, and managing payment-related communication with users or clients. The data processed may include identification and contact details, payment method information (e.g. IBAN, credit card, billing address), and transaction history.
  • Retention Period: Personal data will be retained for as long as necessary to fulfill the payment purpose and to comply with applicable financial and tax regulations. Specifically, payment and invoicing data is retained for a period of 10 years, in accordance with applicable accounting and tax laws.
  • Legal Basis: Performance of a contract (Article 6(1)(b) GDPR).

Client Segmentation and Product analysis

  • Description: Through the APP, we process personal data based on our legitimate interest (Art. 6(1)(f) GDPR) solely to enhance the user experience and improve the performance of our Services. This includes the use of pseudonymized and aggregated data to personalize the interface, detect technical issues (e.g., crashes or malfunctions), and optimize user interactions.
  • Retention Period: Personal data are retained for the duration of the user’s interaction with the Service and up to 12 months after the last activity, unless an objection is raised earlier. Users may object to this processing at any time under Article 21 GDPR by contacting us at legal@bigdata.com.
  • Legal Basis: Legitimate Interest (Art. 6(1)(f) GDPR). A Legitimate Interests Assessment (LIA) has been conducted in accordance with the requirements of the GDPR and the guidance provided by the European Data Protection Board (EDPB), confirming that this processing is necessary, proportionate, and does not override the rights and freedoms of the data subjects.

6. With whom my personal data are shared?

The Data may be shared, for the purposes referred to in point 5 above, with the following Recipients:

  • subjects who typically act as data processors, such as: (i) companies in charge of the development and supply of IT applications, instrumental to the provision of services; (ii) subjects delegated to carry out technical maintenance activities; (iii) other companies of the Controller and/or distributors, involved in the maintenance and assistance activities provided by the Company to the user; (iv) persons, companies or professional firms that provide assistance and advice to Controller in accounting, administrative, legal, tax and financial matters.
  • subjects, bodies or authorities to whom it is mandatory to communicate the Data by virtue of the provisions of law or orders of the authorities, or to prevent and/or identify any fraudulent activities or abuses in the use of the Website/APP and the services offered by the Controller.
  • companies that provide services and/organize events in partnership with the Company.

7. Who is authorized to process the data?

The Data may be processed by the Company’s staff and operators appointed to pursue the aforementioned purposes, who have been expressly authorized for processing by the Controller, have received appropriate operating instructions and are bound by professional secrecy.

8. Where do we process personal data?

Personal data are processed at the headquarters of the Controller, as well as in the service that hosts the Platform. The Controller ensures that when using cloud providers established outside the EEA, the processing of personal data by these recipients is carried out in accordance with applicable law. Transfers shall be carried out by means of appropriate safeguards, such as adequacy decisions,standard contractual clauses approved by the European Commission or other safeguards provided for in the GDPR.

9. Which rights do data subjects have?

The User may exercise all the rights provided for by Articles 15-21 of EU Reg. no. 679/2016, at any time and without unjustified limitations, by contacting the Controller at legal@bigdata.com.Requests shall be filed free of charge and processed by the Controller within 30 days. Specifically,the User can:

  • Obtain confirmation that processing is underway (Art.15);
  • Obtain the rectification of inaccurate or incomplete data (Art. 16);
  • Obtain the deletion of data without undue delay (Art. 17);
  • Limit the processing to only part of the personal data (Art. 18);
  • Receive a copy of the personal data in the possession of the data controller, in a commonly used and machine-readable format; obtain unhindered transfer to another Controller (Art. 20);
  • Object to the processing of your personal data at any time. (Art. 21);
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use of a disclosure of your personal information, please submit to legal@bigdata.com.

10. Right to Object to Direct Marketing

In accordance with Article 21 of the GDPR, you have the right to object at any time to the processing of your personal data for direct marketing purposes. If you no longer wish to receive marketing communications from us, you may exercise your right to opt out by clicking the unsubscribe link provided in each communication or by contacting us directly at legal@bigdata.com. Upon receiving your request, we will promptly cease processing your data for direct marketing purposes.

11. How do we process personal data?

The processing is carried out using IT and/or manual tools designed to guarantee the appropriate security measures to prevent access, disclosure, loss, incorrect, unlawful or unauthorised use of the data.

12. Changes

The Controller reserves the right to modify and update the following Privacy Policy following any new provision of national or European law on the protection of personal data.

shape black right
shape black right