Last Updated: February 20, 2026
Privacy Policy
This Privacy Policy explains how NARRATIO AI SOLUTIONS, S.L. (“Narratio”, “we”, “us”) collects and processes personal data when you visit our website, contact us, or use our services (SaaS and API). It is written to align with the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and applicable EU/EEA privacy rules.
1. Introduction
Welcome to Narratio ("we," "our," "us"). Your privacy is important to us. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you visit our website [https://www.narratioai.es/] (the "Website"). By using the Website, you agree to the terms outlined in this Privacy Policy.
2. Information We Collect
A) Data you provide to us
Identity and contact details: name, surname, email, phone, company, job title.
Account and authentication data (if you create an account): username, role, access permissions, API credentials (keys/tokens), and related identifiers.
Communications: messages you send us (support requests, forms, emails), meeting notes, and attachments you choose to share.
B) Data collected automatically (website and service)
Usage and device data: IP address, approximate location (city/region), device type, browser, operating system, pages viewed, referral URLs, timestamps, and interactions.
Service logs and security data: access logs, authentication events, error logs, rate-limit events, and audit logs.
C) Customer Content (when you use the Service)
Depending on how the customer configures Narratio, Customer Content may include personal data inside documents, text, PDFs, images, tables, links, and other inputs submitted to the Service
3. How We Use Your Information
We only process personal data when we have a lawful basis under GDPR. Common purposes and bases include:
A) Provide and operate the Service (SaaS + API)
Purpose: account creation, authentication, authorization, service delivery, verification workflows, traceability logs, and customer administration.
Legal basis: performance of a contract (Art. 6(1)(b)) and/or legitimate interests (Art. 6(1)(f)).
B) Customer support and communications
Purpose: respond to requests, troubleshoot issues, provide onboarding, and communicate operational updates.
Legal basis: contract (Art. 6(1)(b)) and/or legitimate interests (Art. 6(1)(f)).
C) Security, fraud prevention, and abuse monitoring
Purpose: protect accounts, prevent misuse, enforce rate limits, detect suspicious activity, and maintain system integrity.
Legal basis: legitimate interests (Art. 6(1)(f)) and, where applicable, legal obligation (Art. 6(1)(c)).
D) Website analytics and performance (cookies/trackers)
Purpose: understand website performance, improve UX, and measure traffic.
Legal basis: consent for non-essential cookies/trackers (Art. 6(1)(a)) and/or legitimate interests for strictly necessary functionality (Art. 6(1)(f)). See Section 9.
E) Marketing (B2B)
Purpose: send product updates, newsletters, invitations, and relevant communications.
Legal basis: consent where required (Art. 6(1)(a)) or legitimate interests for B2B communications where permitted by applicable law (Art. 6(1)(f)). You can opt out at any time.
F) Legal compliance
Purpose: comply with tax, accounting, lawful requests, and other legal obligations.
Legal basis: legal obligation (Art. 6(1)(c)).
4. Sharing and Disclosure
We may share personal data with:
Service providers (processors): hosting/infrastructure, analytics, email delivery, customer support tools, security monitoring, and payment/billing providers.
Professional advisors: legal, audit, and accounting, where necessary.
Authorities: where required by law or to protect rights, safety, and security.
Corporate transactions: in connection with a merger, acquisition, restructuring, or sale of assets (with appropriate safeguards).
We do not sell personal data.
5. Cookies and Tracking Technologies
We use cookies and similar technologies on the Site. Some are strictly necessary for the website to function; others (e.g., analytics) require consent depending on your jurisdiction and configuration.
You can manage cookie preferences via our cookie banner/settings.
6. Data Security
We apply appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, loss, or disclosure. No method of transmission or storage is 100% secure, but we design controls proportionate to the risks of processing.
7. Termination
We reserve the right to terminate or suspend access to our Website or services at any time if a user violates these Terms of Service.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
Opt out of marketing communications.
Access, correct, or delete your personal information.
Restrict or object to data processing.
Request data portability. To exercise these rights, contact us at [your email address].
9. Third-Party Links
Our Website may contain links to third-party sites. We are not responsible for their privacy practices and encourage you to review their policies.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date.
