1. Data Protection

Dijit informs the Client that their data and, where applicable, the contact details of the Client's representatives, will be treated in accordance with the following conditions, complying with European data protection legislation.

The law governing data protection in the European Union is the General Data Protection Regulation (GDPR), which came into force on May 25, 2018. This regulation provides individuals with greater control over their personal data and requires companies to be transparent about how they collect, store and use this data.

Dijit's Data Protection Officer can be contacted via email legal@dijit.app (indicating "Data Protection Officer" in the subject line).

For the management of the contractual relationship: The personal data of the natural persons involved in the signing and execution of this Contract in the name and representation and/or on behalf of each party, will be processed under the responsibility of the other party. These data will be used only for the conclusion, development, maintenance and control of the Contract, to comply with applicable laws or for any other processing that the Client authorizes during the contracting procedure.

Dijit may access any Customer data that Customer enters into the Software solely for technical maintenance, security, or compliance monitoring purposes.

Dijit will retain the personal data of the Client or those of contact (representatives of the Client) provided by the Client to the extent that they are necessary and relevant for the management of the Contract.

Once the Software Use License ends, the data will be processed to continue providing any service that the Client has contracted and that must be provided beyond the validity period of the Use License (for example, custody and preservation of invoices). . In the event that the Client renounces said service or opposes the processing, the data will be blocked and will be kept solely and exclusively to cover possible liabilities arising from the processing during the statute of limitations thereof (normally 5 years).

Dijit informs the Client that it does not make decisions based solely on automated data processing, beyond those strictly necessary for the conclusion or execution of the Contract between Dijit and the Client.

2. Information about the Software and its Services

Dijit informs the Client that, as part of the execution of the Contract, it is necessary to keep the Client informed about updates and news of the Software, as well as the conditions

 applicable for their management. By accepting this Agreement, the Client consents to receive these communications, which may have a commercial or promotional nature. However, these communications will always be related to the Services previously contracted by the Client with Dijit.

These informative communications are essential for the execution of the Contract and are intrinsically linked to the contracting of the Service. It is not possible to separate them from the execution of the Contract. Once the contractual relationship has ended, the Client may choose not to receive these informative communications, either by terminating the Contract or by sending a written request to Dijit (info@dijit.app).

Furthermore, once the contractual relationship has ended, the Client will have the option to opt out of receiving these communications in each communication they receive.

The data required for the formalization of the Contract are necessary for its fulfillment. If the Client decides not to provide any of this data, the contract may not be completed. Dijit undertakes to treat this data with the utmost confidentiality and in accordance with applicable data protection laws.

3. Data Communication by Dijit

3.1 National Data Transfer by Dijit

Dijit will only communicate its clients' data to the Tax Administration or any other Public Administration when it is legally obliged to do so.

3.2. International Data Transfers by Dijit

Dijit informs the Client that it has contracted the hosting service with a data center located in the European Union. All information that customers enter into the Software is stored on the servers in this data center. This data center acts as the processor of the data for which Dijit is responsible. Dijit informs the Client that this data center complies with the standards of the Privacy Shield Framework approved by the EU and the US. The Client authorizes Dijit to provide this data center with the information stored in the Software for the sole purpose of providing the service contracted by the Client to Dijit.

4. User Rights

The Client and their representatives have the right to access their personal data, rectify it, request its deletion, oppose its processing, request the limitation of its processing, request the portability of its data, as well as not to be subject to automated individual decisions. To exercise these rights, the Client or their representatives may send a written request, attaching a copy of their DNI/NIE, to the contact address provided in this document or to legal@dijit.app.

If the Client or its representatives consider that any of their data protection rights have been violated, they may file a complaint with the data protection supervisory authority. However, Dijit and its data protection officer are at the Customer's disposal to resolve any problem related to data protection.


5. Dijit as Data Processor

Dijit, in compliance with the General Data Protection Regulation (GDPR) and applicable data protection regulations, assumes the role of "processor" when processing personal data on behalf of the Client. This occurs when the Client uses the Software and incorporates personal data of third parties, for which the Client is responsible.

As data processor, Dijit undertakes to:

  • Process personal data only for the correct execution of the Service.
  • Do not transfer data outside the Union

European Union or to a country that the European Commission considers does not guarantee a sufficient level of protection.

  • Implement high security standards to offer a high level of protection to our services.
  • Promptly notify any data security breach.
  • Help the Client meet its regulatory obligations by providing appropriate documentation about our services.
  • Ensure that all persons authorized to process personal data within the organization have agreed to respect confidentiality.
  • Delete all personal data once the provision of services has ended, as well as existing copies, unless current regulations require the conservation of personal data. In this case, the data will be kept securely and only to address potential liabilities.

5.1. Security measures

Dijit understands the importance of implementing appropriate security measures and is committed to maintaining the highest security standards, taking into account the state of the art, software costs, and the nature, scope, context and purposes of the processing. , as well as the risks to the rights and freedoms of natural persons. Therefore, Dijit applies appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

(i) Guarantee the confidentiality, integrity, availability and permanent resilience of data processing systems and services.

(ii) Restore availability and access to personal data quickly in the event of a physical or technical incident.

(iii) Carry out regular verifications, evaluations and assessments of the effectiveness of the technical and organizational measures implemented to ensure the security of data processing.

5.2. Responsibility for Personal Data Stored in the Software

The Client is solely responsible for the personal data stored in the Software. This includes any third party data that the Client may incorporate. The Client undertakes to process this data in accordance with current regulations on data protection and to hold Dijit harmless from any breach in this regard.

Dijit does not access or use this data, unless necessary for the execution of the Service and within its technical limitations. Any data processing carried out by Dijit in relation to the Client's data will be carried out within the framework of the provision of services, previously accepted by the Client when contracting the Service. In what cases does Dijit access the data stored in the Software?

Dijit will only access Customer data in the following circumstances:

1) To guarantee the correct execution of the service and improve Customer service. In these cases, access to the Client's data is carried out under strict permissions and security measures. For example, when Customer contacts Dijit support, we may need to access Customer's account information or, at Customer's express request, data stored in the Software to identify and resolve problems or assist Customer in use of the Software.

2) To provide the service when data processing is necessary for the optimal functioning of the service. Some of the services offered by Dijit within the Software require the processing of certain Customer data. For example, the service that allows the movements of the Client's bank accounts to be incorporated into the Software requires the automated and confidential use of the Client's credentials. This use must be activated and authorized by the Client, who determines its scope.

5.3. Tracking technologies

The Client can always consult dijit's cookie policy through the Site



6. Limitation of Liability of Dijit

The Software is provided "as is" and "as available", without express or implied warranties on the part of Dijit, including, but not limited to, warranties of merchantability, fitness for a particular purpose, compatibility with any system, freedom from defects, interruptions or security.

Dijit's liability for damages caused to the Client is subject to the following limitations:

(i) In no case will it exceed the amount charged by Dijit to the Client in the month prior to the date on which the damage occurred.

(ii) It will not include indirect damages, loss of profits, damage to reputation, claims by third parties for infringement of intellectual or industrial property rights, damages suffered by third parties, or loss of data.

(iii) It must refer to a damage or loss notified to Dijit by the Client expressly and in writing within two (2) months following the date on which it occurred and never later than two (2) months following termination of the Contract for any reason.

(iv) In the event of a claim by a third party for infringement of intellectual and industrial property rights over the Software, Dijit will not pay any compensation to the Client. However, Dijit undertakes to guarantee the Customer's right to continue using the Software and/or to modify it.

7. Notifications

All communications related to this Agreement must be made in writing, either by postal mail or email, to the following addresses:

Dijit Labs, SL

Calle Ponzano 39, 2ºi

28003, Madrid (Spain)


Client: the postal and electronic address provided to Dijit during the contracting process.

Any change in the notification address must be communicated to the other party in writing at least five (5) business days in advance.

8. Applicable Law and Jurisdiction

These General Conditions will be governed and interpreted in accordance with European law. For any controversy that may arise in relation to this Contract, the parties agree to submit to the jurisdiction of the courts of the city of Madrid, waiving any other jurisdiction that may apply to them.

Last update: September 1, 2023