Privacy Policy

Data controller

The data controller for personal data collected through this platform is:

Important: This policy applies only to data processed by RaX as a SaaS platform. End customer data is processed by each user company under their own responsibility.

Personal data we collect

During registration and service use

• First and last name
• Email address
• Contact phone
• Company data (name, tax ID, address)
• Position or role in the company
• Password (stored encrypted)

During platform use

• Access logs and platform activity
• User configurations and preferences
• Billing and payment data (processed by Stripe)
• Technical support communications
• Uploaded files (logos, documents, images)

Automatic technical data

• IP address and connection data
• Browser type and version
• Operating system
• Pages visited and time spent
• Technical and analytics cookies (see cookie policy)

Processing purposes

We process your personal data for the following purposes:

Service provision

• User account management and authentication
• Provision of RaX platform services
• Technical support and customer service
• Payment processing and billing
• Service communications (updates, maintenance)

Legal obligation compliance

• Keeping accounting and tax records
• Tax obligation compliance
• Response to judicial or administrative requirements
• Fraud prevention and illegal activities

Service improvement

• Usage analysis to improve the platform
• Development of new features
• Performance and availability measurement
• Anonymous statistical studies

Legal basis for processing

Data processing is based on:

• Contract execution: to provide contracted services
• Legitimate interest: to improve service and prevent fraud
• Legal obligation: to comply with tax and legal requirements
• Consent: for promotional communications (when applicable)

Retention period

We will retain your personal data for:

• Account data: while you maintain the account active
• Billing data: 6 years from issuance (legal obligation)
• Access logs: maximum 12 months
• Support data: up to 3 years after resolution
• Marketing data: until you withdraw consent

Data origin

We obtain personal data from the following sources:

• Directly from the user during registration
• Through platform use
• From authorized third parties (integrations)
• Publicly accessible sources (for business verification)

Data recipients

We may share your data with:

Service providers

• Stripe: payment processing
• Google Cloud/AWS: hosting and storage
• Email providers: service notifications
• Analytics tools: service improvement
• Technical support providers

Public authorities

When required by law, we will share data with tax, judicial or administrative authorities.

Commercial partners

With your express consent, we may share data with partners to offer additional services.

Important: We never sell or transfer personal data for commercial purposes without consent.

International transfers

Some of our providers are located outside the European Economic Area.

In these cases, we guarantee an adequate level of protection through:

• European Commission standard contractual clauses
• European Commission adequacy decisions
• Certifications like Privacy Shield (when applicable)
• Additional technical and organizational measures

Security measures

We implement technical and organizational measures to protect your data:

• Data encryption in transit and at rest
• Multi-factor authentication available
• Access based on least privilege principle
• Regular security audits
• Staff training in data protection
• Incident response plans

Your rights

As a data subject, you have the right to:

• Access: obtain information about your processed data
• Rectification: correct inaccurate or incomplete data
• Erasure: request deletion of your data
• Restriction: restrict certain processing
• Portability: receive your data in structured format
• Objection: object to certain processing
• Withdrawal of consent: when processing is based on consent

To exercise your rights, contact us at info@raxmobility.com

Cookies and similar technologies

We use cookies to improve your experience. See our Cookie Policy.

Minors

RaX is aimed at companies and professionals. We do not intentionally collect data from minors under 16 years old. If we detect minor data, we will delete it immediately.

Modifications to this policy

We may update this policy to reflect changes in our practices or applicable regulations.

We will notify you of significant changes by email or notice on the platform.

Continued use of the service after notification constitutes acceptance of the changes.

Supervisory authority

You have the right to file a complaint with the supervisory authority: