Privace Policy

At MIXIE we take privacy very seriously. Therefore, we want you to know that your personal data will be treated in accordance with the requirements and guarantees set out in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and in the Spanish regulations that develop it.

This Privacy Policy contains information on how we collect and process the personal data of people who create an account on our Platform and/or mobile application “Mixie Digital” and use our services. Through this Privacy Policy we want to help you clearly understand what kind of information we collect, what we use it for and what your rights are.

Capitalized terms in this Privacy Policy have the meaning ascribed to them in the Terms and Conditions that govern your use of our Platform and Services. You can consult our Terms and Conditions here.

Who is responsible for the processing of your data?

The entity responsible for the processing of your personal data is MIXIE DIGITAL, S.L. (“MIXIE” or “we” or “us”), a Spanish company with registered office at Calle Puio 12 – 3C, 20009 Donostia-San Sebastián (Spain), and with C.I.F. B01658152. If you have any questions, you can contact us at privacy@mixiedigital.com.

What personal data do we process?

As you will understand, in order to make use of our Platform and our Services or to be able to answer your queries, it is necessary that we request and process certain personal information. Generally, this information is provided to us by you when you create an account with MIXIE through our App or Platform or when you contact us with a query.

The personal data that we will request from you are those that in each case are necessary for us to provide you with our Services and/or allow you to use the functionalities enabled on our Platform. We will not ask you for personal data that are not adequate or relevant and we will indicate those that are mandatory.

Below, we show you some examples of the type of data we process:

  • Account information. To make use of our Services and/or access our Platform, you need to create an account by completing a registration form. To do so, we need you to provide us with certain personal information. The data we ask you for is different depending on whether you are a Visitor or whether you are creating an account on behalf of an Organizer, Company or Exhibitor. In the case of Visitors, the data consists of: first name, last name, position, company, industry, city, province/state, country, professional telephone number and e-mail address. In the case of companies (Organizer, Company or Exhibitor), we will only ask you for a name/surname, e-mail address and contact telephone number (in addition to the identification and fiscal data of the company in whose name you are creating the account: name or company name, industry, VAT number and complete address). In this second case, we only ask for your data as a contact person and interlocutor of the company in whose name you are creating the account.

Depending on the case, the registration and account creation process may be done directly on our App or Platform or through a third-party platform on which our Services may be available (for example, a trade show Organizer that has enabled our services on its own platform). In this case, the account will be created in MIXIE from the data associated with your account on such third-party platform (so that you do not have to enter the data manually again). In case we have enabled this system, you can also register and create an account with us through your LinkedIn user account, without the need to create a specific password on our Platform. In this case, we will obtain the email address and professional data associated with your account/profile on that platform. You should note that the data that such platform may share with us by linking your account with our Platform will depend on the configuration of your account on such platform and its privacy policies, which we recommend you to review.

By accessing our Services through a third-party platform, you understand and agree that the data provided for the creation of your account on the third-party platform will be used to register you as a User of our Platform. In any case, we may occasionally ask you to complete certain data that may be incomplete in your user account through which you access our Services and/or, for security reasons, we may require you to validate your e-mail and/or complete the registration process directly on our Platform so that you can access certain features (for example, to edit/consult data associated with your account), creating a specific password to access your account with us.

When you access our Services from a third party platform, which is independent from our Platform, you agree and should be aware that: (i) MIXIE is only responsible for the personal data provided by you to create an account on our Platform; (ii) that the processing of your personal data by such third party to whom you have provided your data will be governed by such third party’s own privacy policy; and (iii) that MIXIE is not responsible in any case for the treatment that such third parties outside MIXIE make with respect to the data that the User directly provides to such third parties (including the Organizers and Exhibitors, for example) as a result of the use or contracting of their services, applications or products or as a result of the direct relationships that the User enters into or maintains with such entities outside MIXIE.

  • Interaction data. This is the information we process as a result of the interactions you have with us (for example, when you contact us to make an inquiry or request assistance) or as a result of the use of our Services (for example, when you access Mixie Points). In these cases, along with the content of your inquiry or request, the personal information we process will typically consist of your name, your email address and sometimes your phone number (i.e., the information we need to deal with your inquiries through our support channels or to contact you to resolve any issues you bring to our attention). It also includes information that is collected in our systems when you use our Services or our Platform (for example, when you access a Mixie Point, the Promotional Content you view/download/share and the date/time you do so are associated with your user account).

  • Technical information. Whenever you access an application or website through the Internet, there is some technical data that is automatically created and recorded. The same happens when you use our Platform or App. Therefore, we may also automatically collect certain technical information when you access and/or use our Platform or App. This information may include technical data from your device or browser settings, such as IP address, type of device, browser or operating system you use, date/time of access to your account. This type of data is used primarily to administer and further the security of our computer systems, prevent unauthorized access to user accounts, ensure that our Platform functions properly, prevent fraudulent activities and manage potential technical incidents.

For what purposes do we process your data?

The purposes for which we will use your data will depend on the reason for which you have provided them in each case, the relationship you have with us and/or the services or functionality you use. Below, we show you the purposes for which we may use your data.

  • To give you access to the functionalities of our Platform, provide our Services and manage Mixie Points.

We use the account data to register you in our system, create and manage your account, allow you to access your account and make use of the associated functionalities, send you relevant notifications about your account and provide you with support and assistance when you need it. In the event that you are the contact person for an Organizer, Exhibitor or Company, we use your identification and contact details as the contact person and contact person to manage our relationship with the Organizer, Exhibitor or Company on whose behalf you create and use the account.

This purpose may include sending communications related to your user status, for example, for the following reasons:

  • To welcome you to the Platform.
  • To confirm and verify the email address with which you have registered on the Platform.
  • To recover your password.
  • To answer your queries and manage the services you have used through the Platform.
  • To inform you of changes to the Platform.
  • To teach you how to use the Platform correctly.
  • To send you a questionnaire to know your opinion and invite you to comment on your experience with our Platform.
  • To inform you how you can contact us if you need help.
  • To send you confirmations when you sign up for any of our paid services.

We also use the account data and interaction data generated from your use of our Platform to provide our Services properly and to enable you to use the features related to Mixie Points.

Mixie Points are primarily intended to streamline and facilitate the interaction between the Exhibitors/Companies that enable them and the Visitors who are interested in their products/news by accessing the Mixie Points enabled at their booths at Fairs or Private Exhibitions. Therefore, as an essential part of the service provided by MIXIE to its Users, when a Visitor scans a QR code enabled in a Mixie Point, we process your personal data to allow you to access the contents enabled by the respective Exhibitor or Company in the corresponding Mixie Point that you are voluntarily accessing by scanning the code. We share your data with the Exhibitor or Company with whose Mixie Point you have interacted, so that the latter can (i) know which Visitors have shown interest in consulting the Promotional Content that the Exhibitor or Company has made available; (ii) to contact the Visitor afterwards (given the interest that the Visitor has shown in knowing its products and novelties) in order to know its opinion about them and, if necessary, send additional information and/or initiate potential professional or commercial relationships, provided that the Visitor is interested in it. Likewise, we may also share the data of the Visitors who interact with the Mixie Points set up in a Fair with the Organizer so that it can evaluate the interest shown by the Visitors in the different Mixie Points set up in the Fair and be able to know their opinion about the organization and issues related to the Fair. The personal data that we share are those that the Visitor himself has provided when creating his account (identification and professional contact data), the Mixie Point with which he has interacted and the date of access to the Mixie Point.

  • To answer queries and provide assistance.

We use the information you provide when you contact us in order to respond to your inquiries, provide support and help you resolve issues appropriately. To do this, we may use your contact details and, where appropriate, we may need to use other information we have about you (your account details, technical information about your device or App/Platform usage data), if necessary to resolve technical issues affecting your account or our App/Platform.

  • To keep you informed about our news and services or about third party products or services.

Provided that you have authorized us to do so when registering and according to your preferences, we may use your contact information to keep you informed by e-mail about news, updates and new products and services that we believe may be of interest to you within the scope of our activity, as well as (provided that you have expressly consented) to send you commercial communications relating to Organizers, Exhibitors or Companies. You may stop receiving this type of communications at any time by clicking on the unsubscribe option that you will find in all our communications or by sending us an e-mail expressing your opposition.

  • To further the security of our systems, diagnose and resolve technical incidents, and analyze the use of our Platform and Services.

We may use the technical information generated by your use of our Platform and interaction data to help further the security of our systems, detect anomalous or potentially fraudulent usage patterns, diagnose and resolve technical issues, and perform maintenance. We may also use your account and interaction data to analyze and understand how our Platform and Services are used and, in this way, gather statistics that allow us to detect bugs, identify potential improvements, optimize their operation, develop new features and constantly improve our Services.

  • To comply with our legal obligations and to exercise or defend claims.

We may process and retain certain personal information (such as account and interaction data) to comply with the legal obligations to which we are subject in each case, as well as to maintain the necessary records for the exercise or defense of our rights against potential claims or requests that we may receive.

What is the legal basis for the processing of data?

When we collect and process your personal information, we do so because there is a legal basis that justifies and legitimizes the processing of the data. Therefore, our processing of your information will be based on one of the following reasons.

  • Because it is necessary to provide our services [art. 6.1.b) RGPD]. We need to process and share personal information as we have indicated in paragraph 1) and 2) of the previous section in order to provide our services and that Users can enjoy the functionalities of our Platform, as well as to answer queries and respond to requests we receive when Users voluntarily contact us. Otherwise, we could not adequately provide our Services in accordance with their purposes, or manage the relationship we have with you as a user of our Platform and our Services. In this regard, the way in which we share Visitors’ data with Organizers, Companies and/or Exhibitors is necessary to provide the Services related to Mixie Points. You should remember that our Services (particularly Mixie Points) are intended to digitally facilitate the interactions and contacts that have traditionally taken place through the exchange of business cards in the context of trade shows, conventions or trade visits to private company facilities or exhibitions.

Therefore, as a consubstantial part of such service, the use of Mixie Points necessarily entails the access of Organizers, Companies and/or Exhibitors, as appropriate, to the data of the Visitors who have interacted with their Mixie Points (given the explicit interest they have shown by being interested in their products and novelties) in order to know which Visitors have interacted with their Mixie Points and to be able to expand the information they have consulted and, where appropriate, initiate contacts or potential commercial or business relationships.

  • Because we have obtained your consent to do so [art. 6.1.a) RGPD]. The use of your data for the marketing purposes provided for in paragraph 3) of the previous section is based on the consent you give us by accepting the box specifically provided for this purpose during the registration process or through any action by which you actively request or authorize us to send you commercial communications. We will only send you commercial communications if you have marked that you wish to receive them and, in addition, you can stop receiving them at any time by clicking on the “unsubscribe” option that you will find in the e-mails we send you. When the processing of your data is based on your consent, you have the right to revoke it at any time by contacting us.

  • Because it is necessary to meet our legitimate interests [art. 6.1.f) GDPR]. Legitimate interest constitutes a legitimate basis provided that such interest in processing the data is within reasonable expectations based on the relationship you have with MIXIE as a user of our Services and our Platform. Therefore, in the cases provided for in paragraph 4) of the previous section, we consider that our interests in furthering the security of our systems, detecting anomalous usage patterns and avoiding misuse, diagnosing failures, performing maintenance work and analyzing how our Platform and Services are used to improve their performance and develop new functionalities, are legitimate, because this will allow us to be more efficient and help us to continue to maintain the highest levels of security and trust in the services we provide, adapting to the needs of our users and improving their experience in the use of our products and services. Likewise, with respect to what is indicated in paragraph 5), we have a legitimate interest in processing and retaining certain information that allows us to exercise the defense of our rights against potential claims or requirements. On the other hand, regarding the processing of your data for the purposes described in paragraph 3) of the previous section, in case you are our customer and you have contracted our Services at some point, we may process your data for such purposes (direct marketing about our own services) on the basis of our legitimate interest, since we have a reasonable interest in keeping our customers informed by e-mail about our news and services similar to those they have previously contracted from us. In any case, Users may reject at any time the reception of this type of communications by clicking on the option that they will find in all the communications that we send them by e-mail.

  • Because it is necessary to comply with legal obligations [art. 6.1.c) RGPD]. Sometimes the collection and processing of information may be justified because we need to do so in order to comply with legal obligations to which we are subject or to comply with certain regulations (e.g. tax and billing).

When and why is data shared?

If we share your data it will be because you have previously consented to it, because we are legally obliged to do so or because it is necessary to provide the Services in accordance with the purposes for which they are designed. If we share personal data, we will do so with the due guarantees and in compliance with current legislation, in the following cases.

  • So that our suppliers can help us manage our business. Like any other company, MIXIE needs to use external suppliers to provide us with various services in the context of our business and business activities (e.g., IT hosting, marketing campaign management, support for our customer service channels, auditors, consultants, etc.). In order to provide their services to us, our suppliers may have limited access to certain business information, which may include personal data of our customers. In such cases, our suppliers process personal data on our behalf and under our instructions, solely for the purpose of providing their services to us and with appropriate contractual safeguards. If we use suppliers located outside the European Economic Area and the data may be subject to international transfer, we ensure that they are located in countries for which the European authorities have declared that they offer guarantees equivalent to those of the European Union or, where appropriate, we subscribe to the standard contractual clauses approved by the European Commission.

  • To facilitate the interaction between Visitors, Organizers, Companies and Exhibitors as a result of the use of Mixie Points. Mixie Points are a data transfer tool that, through a QR code provided by MIXIE that Exhibitors or Companies, as appropriate, print/place on their stands at Fairs or Private Exhibitions where they exhibit and promote their products/services/new products, allows Visitors scanning the code to access through the App/Platform to the Exhibitors’ and Companies’ Promotional Content. The main purpose of the Mixie Points is: (i) that Exhibitors and Companies can publish and make available digitally Promotional Contents related to the products, services or novelties they exhibit and promote, so that Visitors scanning the QR code can quickly and easily access the information they are interested in through the App (and, if applicable, download them, share them, etc. ); (ii) that the Fair Organizer can gather general statistics on the operation and results of the Fair, analyze how Visitors have interacted with the Mixie Points set up at the Fair, know which companies/products have caused the most interest and gather the opinion of Visitors; and (iii) that Exhibitors and Companies may know how Visitors interact with the Mixie Points set up in their stands or Private Exhibitions and may communicate with the Visitors who have interacted with their Mixie Points in order to know their opinion about the products, services and novelties they have consulted and, if necessary, contact them to send additional information or establish potential professional/commercial relations, if the Visitor is interested in it.

Therefore, Visitors understand and accept that, as an inherent part of their own purpose, the use of the Mixie Points (i.e. the act of scanning the QR code enabled in a Mixie Point and showing interest in consulting the promotional contents enabled therein) implies that the Company or Exhibitor with whose Mixie Point they interact (as well as the Organizer of the Fair) will have access to their identification and professional contact data, taking into account the interest shown by the Visitor in accessing the Promotional Content made available through the Mixie Point he/she voluntarily decides to access. Upon receipt of the data, the Organizers, Companies and/or Exhibitors, as appropriate, become responsible for the processing of the Visitor’s data and, consequently, it is the Organizers, Companies and/or Exhibitors and Exhibitors (and not MXIE) themselves who are exclusively responsible for the processing of the Visitor’s data beyond the purposes described above and who will be responsible for the processing of the Visitor’s data, as data controllers, to inform the Visitor of their respective privacy policies and, if necessary, to obtain the Visitor’s consent to the processing of his/her data, in accordance with the requirements set forth in the applicable regulations on personal data protection.

  • To comply with legal obligations or to participate in corporate operations. We may from time to time share certain information with competent authorities (judges and courts or public administrations) when necessary to comply with our legal obligations or to comply with official requests from public authorities or agencies in the exercise of their powers or for the exercise of or defense against legal claims. Also, where we may be involved in mergers, business restructurings, asset transfers or similar corporate transactions, we may share certain information where necessary and reasonable in the context of the successful completion of the transaction in accordance with our legitimate interests.

If at any time we intend to use your personal information for any purpose that is not necessary to provide our services to you or is not in our legitimate interests or in compliance with our legal obligations and requires your consent, we will inform you of this and ask you to take some action that unambiguously demonstrates your consent (for example, by activating a particular setting in your user account or clicking an opt-in notice).

How long will we keep the data?

We will process personal data for as long as we need to do so in order to fulfill the purposes for which you have provided it to us, as described in this Privacy Policy. Thereafter, we will only retain personal data to the extent that we need to do so in order to comply with our legal obligations (for example, for billing or tax purposes) or for the formulation, exercise or defense of claims arising from your contractual relationship with us or from the processing carried out. In these cases, we will retain the data only for these purposes until our legal obligations or liabilities expire.

If you decide to close your user account with us (you can do so at any time from the personal area of your MIXIE account), we will cancel it within a reasonable period of time after verifying that there are no pending incidents or proceedings. Once your account is cancelled, we will stop processing your personal data and will only keep it for the purposes described in the previous paragraph until our legal obligations or responsibilities expire. We reserve the right to terminate your user account if it remains inactive for 12 months.

How do we protect data?

We take reasonable technical and organizational measures in accordance with industry standards to provide adequate protection and security of personal information from loss, misuse, unauthorized access or alteration. These security measures include diligent selection of our information storage providers, as well as a variety of other technical measures such as data encryption, the use of firewalls and access controls to our business information.

Although we strive to maintain the security of our systems, since no information system can be completely secure, you should be aware that no company can guarantee absolute security of your information. The security and protection of your personal information also depends on you. Therefore, it is the responsibility of each User to maintain the confidentiality and security of their passwords, account information and devices from unauthorized use by third parties.

What are your obligations?

When you complete the registration process or provide us with your data at any other time, you must provide us with lawful, truthful and updated data. MIXIE disclaims any liability for providing false, inaccurate or outdated information. You must refrain from providing us with personal data of third parties and, if you do so, you must previously and under your sole responsibility inform them of the points set out in this Privacy Policy and obtain their consent to do so. We will in no way be responsible for the possible consequences of your failure to do so.

What are your rights?

If we are processing your data, you may exercise your rights under current legislation at any time. These rights include the following possibilities:

Information. You have the right to be informed in a clear and transparent manner about how and for what purpose we use your personal information. For this reason, we offer you detailed and accurate information in this Privacy Policy.

Access and rectification. You have the right to request access to the personal information we hold about you, as well as the right to rectify your data if it is inaccurate or out of date. If you have a user account, you may do so from the personal area of your user account; otherwise, you may do so by contacting us.

Deletion. You may ask us to delete your personal information, for example, when it is no longer needed for the purposes for which it was collected, unless there is a legal obligation to retain it or there are no other legitimate reasons that require its retention.

Opposition. Under certain circumstances, you may object to our processing of your personal information for certain purposes or processing activities, even if we rely on a legitimate interest in doing so. In some cases and upon a case-by-case assessment, we may demonstrate that there are legitimate reasons that justify continuing to process your personal information.

Revoke your consent. When we use information on the basis of your consent, you may withdraw your consent at any time. For example, you can withdraw your consent to our use of your information for marketing purposes by clicking on the “unsubscribe” option found in all of our marketing communications. If you have a user account with us, you may also do so from the private area of your account. From that moment, we will stop sending you commercial communications. In any case, the lawfulness of the processing carried out up to that moment will not be affected.

Limitation. Under certain legally established circumstances, you may have the right to request that we limit the processing of your personal information, for example, when you question the accuracy of that information, in which case it may only be retained for the exercise or defense of claims.

Portability. You have the right to request the portability of your data for reuse. This right allows us to receive the personal data we have collected from you in a structured, commonly used, machine-readable format and, if technically feasible, to transmit it directly to another data controller that you specify.

To exercise your rights, you must send us a written communication to our postal or e-mail address, detailing your request and proving your identity by means of a copy of your ID card or equivalent official documentation. To do so, you can use the models and forms provided by the Spanish Data Protection Agency on its website www.aepd.es.

If you consider that we have not complied with the applicable regulations or have not attended to your rights, you have the right to file a complaint with the corresponding data protection authority (in Spain, the Spanish Data Protection Agency, www.aepd.es). In any case, we would appreciate it if you would first give us the opportunity to resolve any questions or complaints you may have.

Modifications

We may modify this Privacy Policy to adapt it to future regulatory changes, as a result of changes in the nature of our services or in case we change the way we treat personal information. In such an event, we will update the content of the Privacy Policy available on our website and, if the changes are significant, we will notify you of the changes more prominently by means of a notice on our website or by informing you by e-mail. In any case, if required by law, we will ask for your consent. The fact of continuing to actively use our services after we inform you of the changes will imply knowledge and acceptance of the modifications introduced. The processing of your data will be carried out in accordance with the current version of this Privacy Policy at all times.