Privacy Policy

Our privacy policy

At Verázial we inform you clearly and transparently about how we collect and process your personal data through our website and its subdomains (the Website), in accordance with the General Data Protection Regulation (GDPR) and Law 3/2018, on Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD). If you browse the Website or use the Platform, as a User you are interested in knowing these regulations.

Responsible for the treatment of your personal data

VERAZIAL LABS, S.L., with CIF no. ES- B42979377 with address at street Pedro Duque, edificio 9B acceso oeste. – Universidad Politécnica de Valencia – Camino de Vera s/n – 46022 Valencia (Spain), is responsible for the processing of your personal data, collected through the Website. You can contact us by sending an email to .

Processing of your personal data

When?What for?Legal basisWhat type of data?
When you access and browse the WebsiteImprove your browsing experience through cookies, which you can consult in our Cookies PolicyArt. 6.1.a) RGPD: Express consentIP address, Geographical location, Navigation data on our website.
When you contact us through the WebsiteAttend and resolve your queries and maintain pre-contractual relationshipsArt. 6.1.a) y b) RGPD:, Express consent, Execution of pre-contractual servicesName and surname, Email, Company.

Period of conservation of your personal data

We will keep the personal data that you have provided us for the time strictly necessary to fulfill each of the intended purposes. Specificly:

Your browsing data on the Website or on social networks

We will keep the data collected through the use of cookies for a period of one year. After one year, when you access the Website again, we will ask for your consent to the use of cookies again. For more information, you can consult our Cookies Policy.

Your contact details

We will keep your contact information to answer your questions about our Services until you become one of our Clients. If you do not finally become a Verázial Customer, we will delete the data you gave us.

We do not share your personal data

We do not share your personal data, except to comply with legal obligations, respond to requests from judicial or administrative authorities, as well as from the State Security Forces and Bodies, if they ask us to do so.

Your rights in relation to the processing of your personal data.

As a User of the Verázial website, you have the right to:

  • Request access to your personal data;
  • Request the rectification or deletion of your personal data;
  • Request the limitation of the processing of your personal data;
  • Oppose the processing of your personal data;
  • Request the portability of your personal data;
  • Revoke the consent you gave us at any time.

You can exercise your rights by sending an email to , or a letter by mail to the address of Verázial including as subject “Exercise of Rights”. You can also file a claim with the Spanish Data Protection Agency on its website

Our Contract of Person in charge of the treatment:

The Client will act as Responsible for the treatment and Verázial as Manager in accordance with the following obligations:

Obligations of the Manager:

      1. Treat the data in accordance with the instructions of the Responsible, comply with the current personal data protection regulations that may be applicable in each case and adopt all the appropriate security measures.
      2. Keep, in writing, a record of all categories of treatment activities carried out on behalf of the Responsible.
      3. Not to communicate the data to third parties, unless you have the express authorization of the Responsible, unless such communication is necessary for the execution of the Services, that there is a legal obligation or for reasons of public interest.
      4. Not to subcontract any of the services that are part of the object of this Contract, except those that refer to the use of auxiliary services necessary for the operation of the Service in charge. In the latter case, the subcontractor, who is also in charge of the treatment, is also obliged to comply with these obligations and the instructions issued by the Responsible Party. It is the responsibility of the Manager to regulate the new relationship, so that the sub-manager is subject to the same conditions (instructions, obligations, security measures, etc.) and with the same formal requirements as him, with regard to the proper processing of personal data. and the guarantee of the rights of the affected persons. In the event of non-compliance by the sub-manager, the Manager will continue to be fully responsible to the Manager in relation to compliance with the aforementioned obligations.
      5. Maintain the duty of secrecy regarding the personal data to which you have had access by virtue of this Contract, even after its object ends.
      6. Guarantee that the persons authorized to process personal data undertake, expressly and in writing, to respect confidentiality and comply with the corresponding security measures, of which they must be properly informed, as well as guarantee their necessary training in matters of Data Protection.
      7. Assist the Responsible in responding to the exercise of rights by the interested parties. When the affected persons exercise their rights before the Person in Charge, the latter must immediately notify the Responsible Party.
      8. It is the responsibility of the Responsible to facilitate the right to information at the time of data collection.
      9. The Person in Charge will notify the Responsible Party, within a maximum period of 24 hours, of the violations of the security of the personal data in his charge of which he is aware, together with all the relevant information for the documentation and communication of the incident.
      10. Offer the Responsible party sufficient and appropriate guarantees in order to correctly apply the technical and organizational measures that allow meeting the requirements of current Spanish regulations and the GDPR, including the appropriate security measures.
      11. Treat the information or data that are provided with the appropriate security conditions that are relevant in each case in accordance with article 32 of the RGPD. The person in charge undertakes to comply, at all times, with the appropriate security measures according to the corresponding level of risk.
      12. Delete or return, at the option of the Controller, all personal data once the provision of treatment services has ended, and delete all existing copies unless the conservation of said data is required by virtue of an imperative rule.
      13. Make available to the Controller all the information necessary to show compliance with the obligations contracted here.

Obligations of the Responsible:

    1. Indicate to the Person in Charge the technical and organizational security measures required to comply with the obligation set forth in number 11.
    2. Collaborate with the Person in Charge in those obligations that require such collaboration.
    3. Make known to the Manager the results of the impact assessment carried out in relation to the data processing by the Controller.

Date of last update: 17/07/2023