Privacy Policy

This Privacy Policy contains information about how BESEIF SOLUTIONS S.L. processes the personal data of users who use the services available on the website www.letsprow.com ('Platform') and aims to help you understand clearly and simply what type of information we collect, how we use it, how we protect it and what your rights are.

The data controller of your personal data is BESEIF SOLUTIONS S.L. (hereinafter, 'Prow' or 'we'), with VAT number ESB75167189 and address at C/ Elisabete Maiztegi 7, bajo A, 20014 San Sebastián (Spain). You can contact us at any time by writing to hello@letsprow.com. When you use Prow as a client, understood as the organization that contracts the service and/or the persons authorized by it to use the Platform, we process the data you provide us to manage your account, offer you access to the Platform and provide support. In this context, we act as data controllers. When you configure automations ('Workflows') that involve processing third-party data, we act as data processors, in accordance with Article 28 of Regulation (EU) 2016/679 (GDPR) and you are the data controller.

At Prow, we process your personal data solely for the purposes necessary to offer you our process automation service in a secure, efficient and personalized manner. Under no circumstances will we use your information for purposes unrelated to the service you have contracted.

Specifically, we use your data to:

• - Manage your account and provide you access to the Platform: So you can register, log in securely, configure your automations, check your history or modify your account information.
• - Provide technical support and personalized assistance: When you contact us about any incident or inquiry, we use your contact data to respond appropriately and help you as quickly as possible.
• - Issue invoices and manage payment for the service: We process your fiscal and banking information to handle payments and send you the corresponding invoices.
• - Ensure the security and proper functioning of the Platform: We analyze access logs, activity and technical data (such as IP address or system usage) to prevent errors, detect abnormal behaviors or abuses and improve the reliability of our services.
• - Analyze Platform usage for improvement purposes: We may study in aggregate and anonymously how Prow's functionalities are used to introduce improvements or adjust the experience to our clients real needs.
• - Properly process your automations: In the workflows you configure, we process the information you enter or transmit solely to technically execute the programmed tasks. We do not access the content beyond what is necessary to ensure everything works as you expect.
• - Send you important communications about your account or the service: Such as notifications about technical changes, maintenance or updates relevant to Platform use.
• - Send you commercial information: If you subscribe to our newsletter or accept receiving communications, we will use your email to keep you informed about news, improvements and content related to Prow. You can unsubscribe at any time.

We process your personal data based on the contractual relationship established when you register and use Prow's services, which allows us to manage your account, provide support, execute your automations and carry out invoicing. Additionally, some processing is based on our legitimate interest in ensuring Platform security, improving the service and maintaining operational communication with you. In cases where you voluntarily subscribe to our commercial communications, data processing is based on the consent you have given us, which you can revoke at any time.

At Prow, we process the personal data you provide when registering, using our services or communicating with us.

- When you register on the Platform, we request your name, surname, email address, phone number, company name, as well as the fiscal and banking information necessary for billing the service.

• - When you use Prow, we process technical information such as your IP address, access logs, device type and activity within the Platform to ensure proper operation, detect errors and improve security.
• - In the Workflows you configure, we process the data you decide to input or transmit between connected applications. These may include texts, identifiers, dates, emails, names or any other type of content. Although we technically store them as text strings, if they contain information that identifies a natural person, they are considered personal data under the GDPR.
• - If you contact us, for example, via contact forms or email, we will process the data you provide (such as your name and email) exclusively to respond to your inquiries or incidents.
• - If you subscribe to our newsletter or accept receiving communications, we will use your email to send you news, updates or relevant information about Prow. You can unsubscribe at any time.

In all cases, we process only the data strictly necessary for each purpose and in accordance with this Privacy Policy and the General Data Protection Regulation (GDPR).

In some cases, when creating your workflows or automations in Prow, you may decide to process information of third parties, such as users of your application, customers of your online store or subscribers to your newsletter. In these cases, you act as the data controller of those data and Prow as processor, following only your instructions. This means you must ensure you have a legal basis to process those data, whether it is consent from the data subject, a contractual obligation or any other legitimate cause provided for in the GDPR. Prow does not use this information for its own purposes nor shares it with third parties. We recommend you review what personal data you include in your workflows and always apply the principle of minimization: use only the data necessary for the specific purpose you are automating. If the data you manage are especially sensitive (such as information about health, sexual orientation, religious or ideological beliefs), it is essential to have a solid legal basis and adopt enhanced security measures. To protect both clients and data subjects, we reserve the right to suspend workflows or accounts that process data without sufficient legal basis, breach our Terms of Use or may imply misuse of the service.

We keep your personal data only for the time necessary to provide our services and comply with applicable legal obligations. Data associated with your account (such as registration, billing or general activity data) are maintained while your account is active and, once the service is canceled, for the periods established by tax, accounting or other legal obligations, after which they will be deleted or blocked according to current legislation. Regarding data processed in your automations (such as inputs and outputs of blocks), they are stored by default for a maximum of 90 days. This period allows consulting previous executions, resolving incidents or repeating flows if necessary. You can delete this data manually at any time from your account and in any case, it is automatically and permanently deleted once the period expires. Additionally, we keep aggregated metrics and anonymized technical logs (such as number of executions, usage per block or volume of processed data) for statistical, operational and service improvement purposes. These data do not contain personal information nor allow identification of users, so they may be retained indefinitely.

We do not proactively access or analyze the content that flows between the blocks of your automations. We store the inputs and outputs of each block only to ensure that the flows execute correctly and that you can consult them within the defined retention period. We commit to treating this information securely, temporarily and always following your instructions. You can delete it at any time from your account or request early deletion. If you use our API (public or private), the requests and responses are subject to this same privacy policy. All information exchanged via the API is treated with the same level of security, confidentiality and access limitation as data processed through the web interface.

At Prow, we do not sell or trade your personal data. We only share information with third parties when strictly necessary to provide you our services. This includes, for example, technical infrastructure providers, storage, payment systems or support. All our providers act as data processors and are subject to contracts that guarantee compliance with the GDPR, as well as confidentiality and security of the data they may process on our behalf. In some cases, these providers may be located outside the European Economic Area (EEA). When this occurs, we ensure that appropriate safeguards are applied, such as standard contractual clauses approved by the European Commission or membership in international data protection frameworks offering a level of security equivalent to that required by European regulations. In any case, we limit access to your data strictly to what is necessary for providers to fulfill their function and supervise that processing is carried out according to our policies and applicable legislation.

At Prow, we apply technical and organizational measures designed to protect your data against unauthorized access, accidental loss, unwanted modifications or any misuse. These measures include encryption of communications via HTTPS, encryption of data both in transit and at rest, secure authentication, role-based access controls, continuous system monitoring and periodic security audits. We use cloud infrastructure services from leading providers that comply with high security standards at European and international levels. Additionally, our Platform is designed under security-by-design and security-by-default principles, enabling us to proactively adapt to new threats and vulnerabilities. We work continuously to strengthen the protection of your information and ensure that the data you entrust us with remains secure at all times.

As an authorized user of Prow on behalf of the organization, you are responsible for the truthfulness, accuracy and lawfulness of the personal data you provide when registering or using the Platform, including those you enter or process in your automations. In particular, you must ensure you have a valid legal basis to process any personal data belonging to third parties (such as customers, employees or end users) and that they have been previously informed as established in the GDPR. If you input third-party personal data into your flows, you confirm that you have obtained their consent or that there is another legal basis that justifies its processing. Prow will process that information only according to your instructions and solely to technically execute the automations you configure. By registering, you guarantee that you are of legal age and have legal capacity to contract. We reserve the right to suspend accounts that do not meet this requirement. Although Prow adopts technical and organizational measures to protect your data, it is your responsibility to maintain the confidentiality of your access credentials and protect your account and devices against unauthorized use by third parties.

As an authorized user of Prow on behalf of the organization, you have the right to access your personal data, request its rectification if inaccurate or ask for its deletion when it is no longer necessary for the purposes for which it was collected. You may also object to the processing of your data, request that we limit its use in certain cases or ask for the portability of the data you have provided us to transfer them to another provider when technically feasible. You can exercise these rights at any time free of charge by writing to hello@letsprow.com, clearly indicating which right you wish to exercise. In some cases, we may request additional information to verify your identity and ensure that only you (or an authorized person) can exercise these rights. If you have a user account, you can also manage some of your information directly from your personal area. If you consider that the processing of your data does not comply with applicable regulations, you have the right to file a complaint with the Spanish Data Protection Agency (www.aepd.es) or with the supervisory authority corresponding to your country of residence.

Yes. We use strictly necessary technical cookies to guarantee the basic operation and security of the Platform. These cookies do not require your consent. We may also use analytical cookies to better understand Platform usage and improve your experience, as well as advertising cookies to show relevant and personalized content. These cookies will only be activated if you give your prior consent. You can consult more details in our Cookies Policy.

Yes, this privacy policy may be updated to reflect legal, technical or functional changes in our services or in the way we process personal data. We will publish any modification on this same page and, if changes are significant, notify you by email or through a notice within the Platform. The most recent version of the policy will always be available at https://letsprow.com/en/privacy-policy. Continued use of Prow after the changes take effect will imply acceptance of the new policy.