Privacy Policy


Data Protection

Dijit hereby informs you that the Client's data and, where appropriate, the contact details of the Client's representatives will be processed in the following terms.

You can contact the Dijit Data Protection delegate by email (indicating in the subject "Delegate of data protection"). 

To manage the contractual relationship: The personal data of the natural persons involved in the signing and execution of this Contract in the name and representation and/or on behalf of each party, will be processed under the responsibility of the other party (and, where appropriate, will be included in the files of their respective ownership), only for the celebration, development and maintenance and control of the Contract, to carry out what the applicable laws protect or impose or for any other treatment that the Client authorizes during the contracting procedure.

Dijit may access any Customer data that Customer enters into the Software solely for technical maintenance, security, or compliance monitoring purposes.

 Dijit will keep the personal data of the Client or those of contact (representatives of the Client) provided by the Client to the extent that they are necessary and pertinent for the management of the Contract.

Once the Software Use License has ended, the data will be processed for the purpose of continuing to provide any services that, if applicable, the Client has contracted and that must be provided beyond the validity period of the Use License (eg custody and conservation of invoices). In the event that the Client renounces said service or opposes the treatment, the data will be blocked and will be kept solely and exclusively for the attention of possible responsibilities arising from the treatment during the limitation period of these (normally 5 years).

 Dijit informs you that it does not carry out decisions based solely on automated data processing, beyond those strictly necessary, where appropriate, for the conclusion or performance of the Contract between dijit and the Client.


About the information of the software and its services: Dijit informs the Client that, for the proper execution of the Contract, Dijit must periodically inform its Clients of the news in its Software, as well as the different applicable conditions for its management, the Client consenting at the time of contracting the reception, by different means, of these communications, even if they could be considered to be of a commercial or promotional nature. In any case, the communications sent by Dijit will be related to the Services previously contracted by the Client with Dijit. 

These informative communications are necessary for the execution of the Contract and are strictly linked to the contracting of the service, and it is not possible to separate them from the contractual execution. Once the relationship has ended, the Client may oppose the receipt of these informative communications, being able to do so at the end of the Contract or by writing to Dijit (

In addition, once the relationship has ended, the user will have, in any case, the opportunity to do so in each communication they receive. 

The data required for the formalization of the contract are necessary for its fulfillment. If you do not want to provide any of the data, contracting may not be possible.


Data communication from Dijit

Dijit will only communicate its clients' data to the Tax Administration or to any other Public Administration to the extent that it is obliged, by Law, to carry out said communication.


Data communications internationally from Dijit

Dijit informs the Client that he has contracted the hosting service with a data center, and that all the information that our clients incorporate in the data storage center or cloud is located on the servers of said data center in the Union Union, this entity meeting the status of data processor for which Dijit is responsible. In any case, Dijit informs the Client that it is a certified company that complies with the standards of the Privacy Shield Framework approved by the EU and the US. The Client authorizes Dijit to provide said data center with the information contained in in the cloud for the sole purpose of providing the service that the Client has contracted to Dijit.


user rights

The Client and their representatives have the right to exercise their rights by sending a document that identifies them (attaching a copy of their DNI/NIE) to: the address that appears in the Contact Information (of this document) to

In the event that, at any time, the Client or their representatives consider that any of their rights in terms of data protection has been violated, they may file a claim with the control authority in terms of data protection (Spanish Agency for the Protection of Data). In any case, Dijit and, in particular, its data protection officer will make itself available.


Responsibility of the contracting parties when providing personal data for the formalization of the Contract

Each of the parties undertakes that, prior to providing the other party with any personal data of any natural person involved in the execution of this Contract, they will have informed said natural person of the content of the provisions of the previous section and complied with any other requirements that may be applicable for the correct communication of your personal data to the receiving party, without the receiving party having to take any additional action against said affected party in terms of information or consent.

The Client shall be responsible for ensuring that, for the purposes of entering into and executing this Contract, only professional data of natural persons acting as representatives or selected users of the Client are provided to Dijit. Prior to providing the data to Dijit, the Client will inform these natural persons of the content of this clause and will adopt any other measures that are necessary so that Dijit is not forced to take any direct action with said person in terms of information. or consent.


Dijit as treatment manager

Dijit undertakes to comply with the obligations arising from the General Data Protection Regulation (RGPD) and, in general, from the applicable regulations on data protection. This commitment makes it possible for Clients to also comply with a part of their regulatory obligations.

Dijit is considered to assume the status of "processor" when it processes personal data on behalf of the data controller. This is the case when the Client uses the Software and incorporates into this personal data of third parties for which the Client is responsible. Dijit will only process the data incorporated into the Software on the Customer's instructions and on Customer's behalf. 

As data processor, Dijit undertakes to process personal data for the sole purpose of the correct execution of the service and not to transmit your data outside the European Union or to a country that the European Commission considers does not guarantee a sufficient level of protection. Dijit commits to these effects, implement high security standards in order to offer a high level of protection to our services, notify without undue delay any breach of data security, help you comply with your regulatory obligations by offering you adequate documentation about our services and guarantees that all persons authorized to process your personal data within the organization have agreed to respect confidentiality.

At the choice of the person in charge (the Client) it is obliged to delete all personal data once the provision of services ends, as well as existing copies unless it requires the conservation of personal data in application of current regulations, in which case they will be kept duly blocked and for the sole purpose of dealing with possible responsibilities. 

Customer is responsible for retaining a copy of all information embedded in the Software prior to unsubscribing from the Service.


Security measures

Dijit is aware of the importance of adopting adequate security measures, being a priority for this entity the adoption of the highest security measures taking into account the technical state, the costs of the software, the nature, the scope, the context and the purposes of treatment, as well as the risks of variable probability and severity for the rights and freedoms of natural persons. 

For this reason, dijit applies appropriate technical and organizational measures to guarantee a level of security appropriate to the risk, which includes, among others:

(i) The ability to guarantee the confidentiality, integrity, availability and permanent resilience of treatment systems and services.

(ii) The ability to quickly restore availability and access to personal data in the event of a physical or technical incident.

(iii) A process of regular verification, evaluation and assessment of the effectiveness of the technical and organizational measures to guarantee the security of the treatment.


Who is responsible for the personal data Customer stores in the Software?

The data hosted by the Client when using the Software through the site belongs to the Client and the Client is solely responsible for the treatment of third-party data, committing to treat third-party data in accordance with current regulations on protection of data and keeping Dijit harmless from any breach in this matter.

Dijit does not access or use such data, except as necessary in the framework of the execution of the Service and within the technical limitations of the latter. All the treatments carried out by Dijit in relation to the Client's data will be made within the framework of the provision of services, duly accepted by the Client when contracting the Service in this Contract and in the Terms and Conditions of Use. 


In what cases does dijit access the data stored in the Software?

Dijit could only access this data in the following cases:

1) To guarantee the correct execution of the service and improve customer service when the latter contacts Dijit support. In this case, access to customer data is regulated by specific permissions and specific control and security measures.

When the Client contacts dijit support, depending on the type of query, Dijit may need to access: (i) the information provided by the Client to create the account (name, surname, telephone, etc.); or/and (ii) at the Client's express request, may access data stored by the Client in the Software in order to identify the source of a problem or assist the Client in the use of an application within the Software.

2) To provide the service as long as the data processing is necessary for the optimal functioning of the service used by the Client within the framework of the use and optimization of the Software, as well as the improvements to be implemented at a technological level for the optimal operation of the document management software, document management, cost management or purchase management and other Dijit services or products.

The use of some of the services offered by Dijit within the Software necessarily entails the processing of certain data of the Client or holder of the subscriptions. This is the case, for example, of the service that makes it possible to incorporate the movements of the Client's bank accounts or the holder of the subscription (in the case of advisors) in the Software, which necessarily entails the automated use (and in a confidential manner) by part of the Software and on behalf of the Client, of his credentials (use that must be activated and therefore authorized by the Client and whose scope is determined in any case by the Client).

The privacy policy of Dijit Labs, Dijit and complies with international and European data protection regulations (GDPR). In addition, Dijit intends to inform users through this document, and as many other informative documents as necessary, of their rights and obligations regarding the privacy of their data, as well as explain the reasons for storing and using the data. 


Last update: October 11, 2022