Skip to content
    Informational translation. The binding version is the Spanish text below, governed by Spanish law. .

    § Privacy

    Last updated

    May 2026

    Privacy Policy

    Layer 1 – Application

    NaviLens Tech SL (NaviLens) will process your personal data for the purpose of providing the requested service, ensuring the proper functioning of the application, and managing your preferences and communications. You may exercise your rights of access, rectification, erasure and portability of your data, restriction of and objection to its processing, as well as not to be subject to decisions based solely on the automated processing of your data, where applicable, by writing to dpd@navilens.com.

    Measurement and advertising tools on the website

    In addition to the providers listed above, on www.navilens.com we use the following third-party tools, all of which are activated only after the user's prior consent via the cookie banner (except for strictly necessary ones). Technical details about the associated cookies, their duration and how to disable them are available in the Cookie Policy.

    • Google Analytics 4 (Google Ireland Ltd. / Google LLC, USA) — Web analytics. Legal basis: consent. International transfer covered by Standard Contractual Clauses and the EU-U.S. Data Privacy Framework.
    • Microsoft Clarity (Microsoft Ireland Operations Ltd. / Microsoft Corporation, USA) — Behavioural analytics (heatmaps and session replay, with sensitive content masking). Legal basis: consent. International transfer covered by Standard Contractual Clauses and the EU-U.S. Data Privacy Framework.
    • Google Ads / Google Marketing Platform (Google Ireland Ltd. / Google LLC, USA) — Ad campaign measurement and remarketing. Legal basis: consent. International transfer covered by Standard Contractual Clauses and the EU-U.S. Data Privacy Framework.
    • LinkedIn Insight Tag (LinkedIn Ireland Unlimited Company / LinkedIn Corporation, USA) — Campaign measurement and advertising audiences. Legal basis: consent. International transfer covered by Standard Contractual Clauses.
    • You may withdraw your consent at any time via the “Cookie preferences” link in the site footer or exercise your rights by writing to dpd@navilens.com.

    COPPA Notice

    This application may collect data from children under 13 residing in the United States only under the legal exception of support for internal operations (functionality and security). Any change affecting that exception will require verifiable parental consent in accordance with COPPA.

    We recommend that you read the privacy policy and the terms of use before providing us with your personal data.

    Layer 2

    NaviLens Tech SL (NaviLens) hereby informs you of its privacy policy applied to personal data. Use of the website does not require the user to provide any information regarding their identity, nor can it be associated by the company with a specific user. Should personal data be provided, such data will be collected and used in accordance with the limitations and rights set out in the applicable regulations.

    • Who is responsible for the processing of your data?
    • What type of data do we process?
    • For what purpose do we process your personal data?
    • What is the lawful basis for processing your data?
    • How long will we keep your data?
    • Will we share your data with third parties?
    • What are your rights when you provide us with your data?
    • Changes to the privacy policy.
    • Information about cookies.

    Who is responsible for the processing of your data?

    Data controller: NaviLens Tech SL (dba NaviLens)

    • Tax ID (CIF): B73351520
    • Postal address: Calle Central nº 10, Edificio Azor, Planta 4ª, 30100 Espinardo (Murcia), Spain
    • Email: info@navilens.com
    • Data Protection Officer: dpd@navilens.com

    What type of data do we process?

    NaviLens collects the following information:

    1. Data collected to provide the service

    • Content presentation preferences selected by the user (accessible route, pictograms, etc.)
    • Date and time when a marker has been read by a device
    • Identifier code of the marker read
    • App installation identifier (random identifier not related to the device)
    • User email if previously provided
    • Device brand and model and operating system version
    • Language configured in the app
    • App version
    • Network operator data

    2. Technical infrastructure data (internal operations)

    IP address: The IP address is recorded exclusively at the system infrastructure layer and is used only for:

    • Forensic analysis and internal security audit when legally required
    • Monitoring the functioning of the platform and detecting possible attacks or security anomalies
    • Updating security rules and protecting the integrity of the service

    It is not used for:

    • User behavior analysis
    • Individual user profiling or identification
    • Personalized or behavioral advertising

    Access to this information is restricted to technical system administrators only, and cannot be consulted, exported or used by application administrators or third parties.

    3. Device access permissions

    The application requests the following permissions:

    • Camera: required to read the marker. All image processing is performed on the device itself; this information is not sent to NaviLens servers or any third party.
    • Push notifications: in certain integrations.

    4. Contact data

    If you contact us to send queries, questions or suggestions, NaviLens will also access your identifying data (e.g.: first name, last name, language, country from which you interact with us, contact details, etc.).

    Important information

    Please remember that, when we ask you to fill in your personal data to give you access to a feature or service of the app, we will mark some fields as mandatory because they are data we need to provide the service or feature. Please note that, if you choose not to provide such data, you may not be able to complete your user registration or enjoy those services or features.

    For what purpose do we process your personal data?

    Depending on how you interact with our website, we will process your personal data for the following purposes:

    Handling requests or queries through the various means available on our website.

    We only process the personal data strictly necessary to manage or resolve your request or query.

    Reading markers

    At NaviLens we use the data you provide to help you obtain information from your surroundings by reading digital markers — signage of spaces and guidance and access to information.

    We only process the personal data strictly necessary to manage or resolve your request or query.

    Sending notifications

    To the extent necessary for the functioning or updating of the application.

    Sharing your tags

    If you wish to share your tags with third parties, the personal data you enter will be used for this purpose. Only in this case will your tag data be stored on NaviLens servers for this sole purpose.

    Social media management

    If you follow or contact us through the different social networks where we are present, we will process the data you provide through them for the sole purpose of responding to your messages or comments and managing our contact list.

    Maintenance and security of the technical infrastructure (technical data)

    The IP address and other technical infrastructure data are processed solely to guarantee the functioning, security and integrity of the platform, including:

    • Maintaining the proper functioning of the application
    • Detecting and preventing attacks or security anomalies
    • Forensic analysis and internal audit when legally required
    • Updating security rules

    These technical data are not used for behavioral analysis, user profiling, nor disclosed to third parties for other purposes.

    Usability and quality analysis to improve our services (Cookies)

    If you access our Platform, we inform you that we will process your browsing data for analytical and statistical purposes, that is, to understand how users interact with our Platform and thus introduce improvements. Likewise, we occasionally carry out quality actions and surveys to measure customer and user satisfaction and detect areas in which we can improve.

    What is the lawful basis for processing your data?

    The legal basis that allows us to process your personal data also depends on the purpose for which we process them; therefore, we will find different legal bases according to the following purposes:

    • Handling information requests: informed consent to respond to queries submitted through the website.
    • Reading markers: contractual basis, having accepted the website's terms and conditions of use.
    • Notifications: consent.
    • Sharing your tags: express consent upon agreeing to share tags with third parties.
    • Social media: informed consent to respond to queries submitted through the social network and to manage the contact list.
    • Technical infrastructure data (IP and internal operations):
    • Legitimate interest in ensuring the functioning, security and integrity of the platform (art. 6.1.f GDPR).
    • Compliance with legal obligations under applicable regulations (art. 6.1.c GDPR).
    • Specific legal basis – COPPA compliance (children under 13 in the U.S.):

    The collection of technical data such as the IP address for strictly internal purposes (operations, security and integrity of the platform), without individual identification of the minor or disclosure to third parties, constitutes Support for Internal Operations pursuant to 16 C.F.R. § 312.2 (COPPA). This practice does not require verifiable parental consent under U.S. children's online privacy regulations.

    • Usability and quality analysis (Cookies): user consent for the installation of cookies, as well as legitimate interest in improving the application and the services provided to the user, in those analyses that do not consist of cookie installation.

    How long will we keep your data?

    • Information request: for the time necessary to handle your request and 1 year thereafter.
    • NaviLens: until you deregister as an app user, and 4 years thereafter to comply with legal and contractual obligations.
    • Technical infrastructure data (IP and internal operations):
    • Operational purpose: IP logs are kept for a maximum of 5 years for forensic analysis, security audit and compliance with legal obligations.
    • Automatic deletion: after this period, the data are automatically deleted unless a specific legal obligation requires additional retention.
    • COPPA compliance (children under 13 in the U.S.): technical data are automatically deleted when they are no longer necessary for the internal operations purposes described, pursuant to 16 C.F.R. § 312.10 (COPPA).
    • Social media: for the time necessary to handle your request and as long as you follow our profile.

    Will we share your data with third parties?

    To fulfill the purposes of the Privacy Policy, we share personal data with the following types of third parties:

    Infrastructure providers (hosting, servers)

    • Access: usage and operation data
    • Restriction: cannot access the IP address, which remains exclusively in the internal layer

    Analytics providers

    • Access: aggregated, non-identifying interaction data
    • Function: improve the service

    Notification providers

    • Access: device identifier
    • Restriction: only for service notifications

    Limitation for children under 13 (COPPA)

    For users under 13 residing in the United States, third parties receiving data are limited to those strictly necessary for the operation of the application. The IP address is never disclosed to third parties. Any new sharing requires verifiable parental consent.

    What are your rights when you provide us with your data?

    We are committed to respecting the confidentiality of your personal data and to guaranteeing the exercise of your rights.

    You may exercise them free of charge by sending us an email to dpd@navilens.com, indicating the reason for your request and the right you wish to exercise.

    If we deem it necessary to identify you, we may ask for a copy of an identity document.

    You have the right to:

    • Ask us for access to the data we hold about you.
    • Ask us to rectify the data we already hold.
    • Ask us to delete your data when it is no longer necessary or there is no lawful basis to process it.
    • Ask us to restrict the processing of your data (temporary suspension or retention beyond the necessary time when you need it).
    • Withdraw your consent at any time when processing is based on such consent.
    • Object to the processing when it is based on our legitimate interest.

    We also inform you of your right to file a complaint with the relevant data protection authority, in particular, the Spanish Data Protection Agency: https://www.agpd.es/portalwebAGPD/index-ides-idphp.php

    We will respond to all requests within 30 calendar days.

    Specific rights for children under 13 residing in the United States (COPPA)

    For users under 13 residing in the United States, parents or legal guardians have specific rights under the Children's Online Privacy Protection Act (COPPA, 16 C.F.R. § 312.4):

    • Right to review the minor's data: parents may request to see all personal data NaviLens has collected about the minor.
    • Right to request deletion: parents may request the deletion of the minor's personal data at any time.
    • Right to refuse disclosure to third parties: parents may request that the minor's data not be disclosed to third parties without their express consent.
    • Right to withdraw consent: parents may withdraw consent for the collection of new data from the minor at any time.
    • Right to no direct contact: NaviLens will not directly contact the minor for commercial or advertising purposes.

    To exercise these rights, parents or guardians must write to dpd@navilens.com, providing the minor's name, age and the specific right, and attaching proof of the parental or guardianship relationship if required.

    NaviLens will respond to requests within 30 calendar days.

    For users in the United States, you may also contact the Federal Trade Commission (FTC) if you believe your rights under COPPA are not being respected.

    Changes to the privacy policy

    We may modify the information contained in this Privacy Policy whenever we deem appropriate. If we do so, we will notify you through different channels on the Platform, or even by email when the change is significant for your privacy, so that you can review the changes, evaluate them and, if applicable, object or unsubscribe from any service or feature.

    If the changes made to this Privacy Policy involve a change in the legal basis relating to the personal information of children under 13 residing in the United States (for example, if we start processing their data for purposes other than internal operations or disclosing it to third parties), verifiable parental consent will be obtained beforehand in accordance with COPPA (16 C.F.R. § 312.5).

    Information about cookies

    We use cookies and similar devices to facilitate your browsing on the Platform, to know how you interact with us and, in certain cases, to be able to show you advertising based on your browsing habits. Please read our Cookies Policy for more details about the cookies and similar devices we use, their purpose and other information of interest.