LEGAL

Privacy policy

How we process your personal data

Última actualización: April 14, 2026

1. Data controller

The controller of your personal data is Kore Logic SL (CIF B90463662), with registered office at Plaza Magdalena, 9. Planta 3. 41001 Sevilla, Spain. You may contact our Data Protection Officer at dpo@iot.cards.

2. What data we collect

  • Identification and contact data: name, email, company, phone number, country — when you fill in a form or open a support ticket.
  • Commercial data: information about your IoT project, estimated number of devices, countries of deployment.
  • Technical data: IP address, browser, device, and navigation data collected via cookies (see the cookies policy).
  • Service data: for customers, SIM identifiers (ICCID, IMSI), usage records (CDRs), approximate geolocation, and invoicing data.

3. Purposes and legal basis

  • To respond to your enquiries — legal basis: your consent and pre-contractual measures (art. 6.1.a and 6.1.b GDPR).
  • To provide and invoice the contracted services — legal basis: performance of a contract (art. 6.1.b GDPR).
  • To comply with our legal obligations (tax, accounting, regulatory reporting) — legal basis: legal obligation (art. 6.1.c GDPR).
  • To send you commercial communications about similar products and services — legal basis: legitimate interest or your consent.
  • To analyse and improve the Website via cookies — legal basis: your consent.

4. Retention periods

Personal data is retained for as long as the commercial relationship is active and, after it ends, for the legal limitation periods applicable in each case (typically 5 years for contracts, 6 years for tax records).

5. Recipients and international transfers

Your data may be shared with technology providers that act as data processors on our behalf, including hosting providers, CRM tools, analytics platforms and our IoT connectivity partners (Telefónica Tech, Wireless Logic and melita.io) when strictly necessary to provide the service. Any international transfer outside the European Economic Area is carried out under the European Commission's Standard Contractual Clauses or an equivalent guarantee.

6. Your rights

You may exercise your rights of access, rectification, erasure, objection, restriction, and portability, as well as withdraw your consent at any time, by writing to dpo@iot.cards. You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

7. Security

We apply appropriate technical and organisational measures to protect your data against unauthorised access, alteration, or destruction, including encryption in transit and at rest, strict access controls, and regular audits.