I. PRIVACY POLICY AND DATA PROTECTION

In compliance with the current legislation, neurabBlu AI (hereinafter also referred to as the Website) undertakes to adopt the necessary technical and organizational measures appropriate to the level of security and the risk of the collected data.

Laws incorporated into this privacy policy

This privacy policy is adapted to current Spanish and European regulations on the protection of personal data on the Internet. Specifically, it complies with the following legal frameworks:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
• Organic Law 3/2018 of 5 December 2018 on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).
• Royal Decree 1720/2007 of 21 December 2007, approving the Regulation for the development of Organic Law 15/1999 of 13 December 1999 on the Protection of Personal Data (RDLOPD).
• Law 34/2002 of 11 July 2002 on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the data controller

The controller of the personal data collected on neurabBlu AI is: NEURABLU AI S.L., holder of tax ID (CIF): B22825418, registered in: Mercantile Registry of Málaga, whose representative is: (hereinafter, the Data Controller). Contact details:

Address: Calle Guzman el Bueno 10, 29018 Málaga

Contact phone: +34 951 774 406

Email: support@neurablu.ai

Registration of personal data

In compliance with the GDPR and the LOPD-GDD, we inform you that the personal data collected by neurabBlu AI through the forms on its pages will be incorporated and processed in our database in order to facilitate, manage, and fulfil the commitments established between neurabBlu AI and the User, or to maintain the relationship established through such forms, or to respond to requests or inquiries. Likewise, according to the GDPR and the LOPD-GDD, unless exempted under Article 30.5 of the GDPR, a record of processing activities is maintained, specifying the purposes, categories, and other details established in the Regulation.

Principles applicable to personal data processing

The processing of the User’s personal data shall be subject to the following principles set out in Article 5 of the GDPR and Articles 4 and following of Organic Law 3/2018:

• Lawfulness, fairness, and transparency: Consent will always be required following full and transparent information about the purposes for which data are collected.
• Purpose limitation: Personal data shall be collected for specific, explicit, and legitimate purposes.
• Data minimization: Only data strictly necessary for the purposes will be collected.
• Accuracy: Personal data must be accurate and kept up to date.
• Storage limitation: Data will be kept only as long as necessary to fulfil processing purposes.
• Integrity and confidentiality: Data will be processed securely and confidentially.
• Accountability: The Controller shall be responsible for compliance with all the above principles.

Categories of personal data

The categories of data processed by neurabBlu AI are limited to identifying data only. No special categories of personal data, as defined in Article 9 of the GDPR, are processed.

The categories of data processed by neurabBlu AI include both identifying data and special categories of personal data within the meaning of Article 9 of the GDPR.

Legal basis for data processing

The legal basis for processing personal data is consent. neurabBlu AI undertakes to obtain the express and verifiable consent of the User for the processing of their personal data for one or more specific purposes.

The User has the right to withdraw consent at any time. Withdrawal of consent shall be as easy as granting it. As a general rule, withdrawal of consent shall not affect the lawful use of the Website.

When the User must or may provide their data via forms to make inquiries, request information, or for reasons related to the Website’s content, it will be indicated if completion of any field is mandatory as such data are essential for the proper management of the request.

Purposes of personal data processing

Personal data are collected and managed by neurabBlu AI for the purpose of facilitating, expediting, and fulfilling the commitments established between the Website and the User, or maintaining the relationship established through the forms filled out by the User, or to respond to a request or inquiry.

Likewise, data may be used for commercial, personalization, operational, and statistical purposes, and for activities related to the corporate purpose of neurabBlu AI, as well as for data extraction, storage, and marketing studies to adapt content offered to the User and improve the quality, functionality, and navigation of the Website.

When personal data are obtained, the User will be informed of the specific purpose(s) for which the data will be processed — i.e., how the collected information will be used.

Personal data retention periods

Personal data will only be retained for the minimum period necessary for the purposes of their processing, and, in any case, only for the following duration: none, or until the User requests their deletion.

When personal data are obtained, the User will be informed about the period for which the data will be stored, or, when that is not possible, the criteria used to determine this period.

Recipients of personal data

The User’s personal data will not be shared with third parties.

In any case, at the time of data collection, the User will be informed of the recipients or categories of recipients of their personal data.

The User’s personal data will be shared with the following recipients or categories of recipients:

If the Data Controller intends to transfer personal data to a third country or international organization, the User will be informed at the time of data collection of the third country or organization and of the existence or absence of an adequacy decision by the European Commission.

Personal data of minors

In accordance with Articles 8 of the GDPR and 7 of the Spanish Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights, only individuals over the age of 14 may lawfully consent to the processing of their personal data by neurabBlu AI. In the case of minors under 14 years of age, parental or guardian consent will be required, and processing will only be considered lawful to the extent that such consent has been granted.

Confidentiality and security of personal data

neurabBlu AI undertakes to adopt the necessary technical and organizational measures appropriate to the level of security and the risk of the collected data, ensuring the protection of personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

The Website uses an SSL (Secure Socket Layer) certificate, ensuring that personal data are transmitted securely and confidentially, as all data exchanges between the server and the User are fully encrypted.

However, since neurabBlu AI cannot guarantee the absolute invulnerability of the Internet nor the total absence of hackers or others who might fraudulently access personal data, the Data Controller undertakes to notify the User without undue delay of any data breach likely to result in a high risk to the rights and freedoms of natural persons. In accordance with Article 4 of the GDPR, a personal data breach means any security incident leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed.

Personal data shall be treated as confidential by the Data Controller, who undertakes to ensure — by legal or contractual obligation — that confidentiality is respected by employees, partners, and anyone with access to the information.

Rights arising from the processing of personal data

The User has, over neurabBlu AI, and may therefore exercise against the Data Controller, the following rights recognized in the GDPR and in Organic Law 3/2018 of December 5 on the Protection of Personal Data and Guarantee of Digital Rights:

• Right of access: The User has the right to obtain confirmation as to whether neurabBlu AI is processing their personal data, and if so, to access specific information regarding their personal data and the processing carried out by neurabBlu AI, including the origin of the data and the recipients of any disclosures made or planned.
• Right to rectification: The User has the right to have inaccurate personal data corrected, or completed if incomplete, taking into account the purposes of the processing.
• Right to erasure ("right to be forgotten"): The User has the right, unless otherwise provided by current legislation, to obtain the erasure of their personal data when such data are no longer necessary for the purposes for which they were collected or processed; when the User withdraws consent and no other legal basis applies; when the User objects to the processing and no overriding legitimate grounds exist; when the data have been processed unlawfully; when data must be erased to comply with a legal obligation; or when personal data were obtained as a result of a direct offer of information society services to a minor under 14 years of age. In addition to deletion, the Data Controller shall, considering available technology and the cost of implementation, take reasonable steps to inform controllers processing the personal data of the User’s request to erase any links to or copies of those personal data.
• Right to restriction of processing: The User has the right to restrict processing of their personal data when contesting their accuracy, when processing is unlawful but the User opposes erasure, when the Controller no longer needs the data but the User requires them for legal claims, or when the User has objected to processing pending verification of legitimate grounds.
• Right to data portability: When processing is carried out by automated means, the User has the right to receive their personal data from the Controller in a structured, commonly used, and machine-readable format, and to transmit them to another controller. Whenever technically feasible, the Controller shall directly transmit the data to the new controller.
• Right to object: The User has the right to object to the processing of their personal data or to request that neurabBlu AI cease processing them.
• Right not to be subject to automated individual decision-making, including profiling: The User has the right not to be subject to a decision based solely on automated processing, including profiling, unless otherwise provided by law.

The User may therefore exercise their rights by submitting a written communication to the Data Controller with the reference “GDPR–www.neurablu.ai”, specifying:

• Full name of the User and a copy of their ID card or equivalent document. In cases where representation is accepted, identification of both the represented and the representative, along with proof of representation, is also required.
• The specific request detailing the reasons or information being requested.
• Address for notification purposes.
• Date and signature of the applicant.
• Any supporting document that justifies the request.

This request and any attached documentation may be sent to the following postal address and/or email:

Postal address: Calle Guzman el Bueno 10, 29018 Málaga

Email: support@neurablu.ai

Links to third-party websites

The Website may contain hyperlinks or links that provide access to third-party web pages that are independent of neurabBlu AI, and therefore are not operated by neurabBlu AI. The owners of such websites are responsible for their own data protection policies, files, and privacy practices.

Complaints before the supervisory authority

If the User believes that there is a problem or a breach of the applicable data protection regulations in the way their personal data are being processed, they have the right to effective judicial protection and to file a complaint before a supervisory authority, particularly in the Member State where they have their habitual residence, place of work, or where the alleged infringement took place. In the case of Spain, the supervisory authority is the Spanish Data Protection Agency (Agencia Española de Protección de Datos) — https://www.aepd.es/.

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

It is necessary that the User has read and agrees with the conditions regarding the protection of personal data contained in this Privacy Policy, and that they give their consent for the processing of their personal data so that the Data Controller may proceed in accordance with the form, time limits, and purposes indicated. Use of the Website implies acceptance of this Privacy Policy.

neurabBlu AI reserves the right to modify its Privacy Policy according to its own criteria, or due to legislative, jurisprudential, or doctrinal changes made by the Spanish Data Protection Agency. Any changes or updates to this Privacy Policy will not be explicitly communicated to the User. Users are therefore advised to check this page periodically in order to remain informed of the latest updates or modifications.

This Privacy Policy has been updated to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), and with Organic Law 3/2018 of 5 December 2018 on the Protection of Personal Data and Guarantee of Digital Rights.

This website privacy policy document was created using the free online privacy policy generator on 09/10/2025.