top of page


Date last updated: 14/Jul/2023

1. Introduction and GDPR Compliance

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation - GDPR), Bouncer Digital S.L., informs the users of the application: "BOUNCER" (hereinafter, the Application), about the processing of personal data, which they have voluntarily provided during the process of registration, access, and use of the service.


Bouncer Digital S.L., with CIF/NIF nº: B72926405 and address for notification purposes at: C/ Fernando Vi, 5º 2, C.P. 28004 - Madrid (Madrid) and registered in the Mercantile Registry of Madrid Volume 35.857, Folio 24, Section 8, Page M-644237, registration 1st, (hereinafter, the Data Controller), is the entity responsible for the processing of the data provided by the customers of the Application (hereinafter, the User/s).

2. Data Collection


2.1 Personal Information

To proceed with the registration, access and subsequent use of the Application, the User must provide -on a voluntary basis-, personal data essentially, identification, contact, images, and biometric data, which will be incorporated into automated media owned by Bouncer Digital S.L.

2.2 Collection and Usage of Facial Data

We collect biometric facial data in the form of 3D Face Maps solely for the purpose of identity verification as part of our Know Your Customer (KYC) process. This data allows us to confirm that the individual accessing the account is indeed the authorized user. The data is encrypted and securely stored, and is not used for any other purposes within our app.

3. Purpose of Data Processing

The collection, storage, modification, structuring and, where appropriate, elimination of the data provided by the Users, will constitute processing operations carried out by the Responsible, in order to ensure the proper functioning of the Application, maintain the relationship of service provision with the User, and for the management, administration, information, provision, and improvement of the service.

4. Legitimacy


The treatment of the User's data is carried out with the following legal bases that legitimize it:

  • The acceptance of the service of verification of data of legal age through the matching of biometric data and ID, a service offered by the Application to its customers, whose terms and conditions will be made available to the User in any case, in advance, for their express acceptance.

  • The free, specific, informed and unequivocal consent of the User, making this privacy policy available to him/her, which he/she must accept by means of a statement or a clear affirmative action, such as checking a box provided for this purpose.

  • In the event that the User does not provide Bouncer Digital S.L. their data, or does so erroneously or incompletely, it will not be possible to proceed with the use of the Application.

5. Conservation, Storage and Security of Personal Data

5.1 Conservation of Personal Data

The personal data provided by the User will be kept in the systems and databases of the Data Controller, as long as the User continues to use the Application, and provided that he/she does not request its deletion, for the legally established period and these will be kept with all those security measures necessary to ensure security, integrity, and confidentiality.

5.2 Storage and Security of Facial Data

Facial data is securely stored on our encrypted database, safeguarded by a combination of asymmetric RSA encryption and randomized AES-256 encryption. The data is not accessible to human operators as the processing is fully automated. We adhere to industry-standard security practices, including the regular rotation of encryption keys, to protect user data.

5.3 Other Storage and Security Provisions

In order to purge the possible responsibilities derived from the treatment, the data will be kept for a minimum period of five years.

6. Recipients and Data Retention

6.1 Retention and Deletion of Facial Data

We retain the collected 3D Face Map for the duration of the user's account activity as it is integral to the ongoing functionality of the account. If a user elects to delete their account, we comply by erasing all user-generated data, including the 3D Face Map. This process reflects our dedication to user privacy and control over personal information.

6.2 Other Recipients and Data Retention Provisions

The data will not be communicated to any third party outside Bouncer Digital S.L., except under legal obligation or in any case, upon request of the User's consent.


Bouncer Digital S.L., retains for a maximum period of 12 months the information necessary to identify the origin of the hosted data and the time at which the service was initiated.


The Data Controller takes the necessary measures to ensure the security, integrity, and confidentiality of the data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

7. Exercise of rights 

Bouncer Digital S.L., informs the User that he/she has the rights of access, rectification, limitation, deletion, opposition and portability, which may be exercised by request to the email:

Likewise, the User has the right to revoke the consent initially given, and to file claims of rights before the Spanish Data Protection Agency (AEPD).


In application of the LSSI (Law of Services of the Information Society), Bouncer Digital S.L., will not send advertising or promotional communications by email or other means of electronic communication equivalent that had not been previously requested or expressly authorized by the recipients thereof.

In the case of users with whom there is a previous contractual, legal or service relationship, the Data Controller is authorized to send commercial communications concerning products or services of the Data Controller that are similar to those that were initially contracted with the customer.

In the event that the User wishes to unsubscribe from receiving the aforementioned communications, he/she may do so by sending an e-mail to the following e-mail address:

bottom of page