Privacy Policy

At StoamSaaS we are committed to ensuring that your personal data is protected and is not used for purposes other than those indicated in this Privacy Policy. For this reason, in this section we inform users and interested parties of everything concerning the processing of their personal data, thus complying with the data protection regulations applicable in our country: General Data Protection Regulation (EU) 2016/679, of April 27 regarding the protection of natural persons with regard to the processing of personal data and the free circulation of these data (hereinafter, “RGPD”) and Organic Law 3/2018, of December 5, on Protection of Personal Data and guarantee of digital rights (hereinafter, “LOPDGDD”).

This Privacy Policy is applicable to the data processing that Tres elles ideas 2008, S.L.U (“STOAMSAAS”) carries out through the website: (hereinafter, the “Website”) and/or those others that are indicated.

We recommend that you read it carefully before using the Website or any of the services to which this Privacy Policy applies, as well as providing your data through them. You can ask us any questions about this by email:

Index of contents

In this Policy you will find all the information related to the processing of your personal data and the rights that you can exercise to maintain control over them. In this sense, you will find information about:

0. Terms and definitions

1. Who is responsible for the processing of your data.

2. What requirements must you meet to provide us with your personal data.

3. What data processing we carry out through the website and what its main characteristics are, explaining:

  • What data we collect and what are the ways in which it is collected.
  • For what purposes we collect the data we request from you.
  • What is the legitimacy for your treatment.
  • For how long do we keep them.

4. To which recipients your data is communicated.

5. Existence of international transfers of your data.

6. What are your rights and how you can exercise them.

7. How we protect your personal information.

8. Modifications to this policy.

0. Terms and definitions

  • “Personal Data” is any information about an identified or identifiable natural person (the “Data Subject”).
  • “Usage Data” is data collected automatically about how you use or interact with our Website or regarding our services. They may be collected through cookies or other tracking tools (for example, visit time in each section of the Website, etc.).
  • “Cookies”: defined in the Cookies Policy.
  • “Data Controller” or “Controller” refers to the natural or legal person, public authority, service or other body that, alone or jointly with others, determines the purposes and means of processing. For the purposes of this Privacy Policy, STOAMSAAS is the Controller of your Personal Data.
  • “Processor” is any natural or legal person who processes Personal Data in the name and on behalf of the Data Controller.
  • “Service(s)” are the functionalities or tools contracted from STOAMSAAS by you.

1. Who is responsible for the processing of your personal data?

Your personal data will be processed by the company Tres elles ideas 2008, S.L.U (“3LLIDEAS”), with NIF B-64972557 and whose contact information is as follows:

  • Registered Office: Calle Agricultura 24 (premises), 08320 Masnou, Barcelona (Spain).
  • Contact email:

2. What requirements must you meet to provide us with your personal data?

2.1. Minimum age. To provide us with your personal data, according to the regulations, you must be at least 14 years old, and/or, where applicable, have sufficient legal capacity to use the Website or the App. In this sense, keep in mind that our services are aimed at adults, therefore, you must be 18 years old to be able to use our App (more information in section 3.2.).

2.2. Veracity. When you provide us with your data to use our services, you guarantee that the data and information provided is real, truthful, updated and also belongs to you and not to third parties.

Furthermore, you must notify us of any modification that occurs in the data provided, being responsible in any case for the veracity and accuracy of the data provided at all times.

2.3. Control of Age and Veracity. At STOAMSAAS we reserve the right to verify your age and identifying information at any time, if necessary, even requiring an official accreditation document or equivalent procedure and, in the event of detection of fraud, it is proven or suspected that you are under the age of majority, to delete, temporarily deactivate and/or cancel your account.

3. What data processing do we carry out through the website and what are its main characteristics?

Below we explain how we process your personal information and provide you, in detail, with all relevant information regarding your privacy:

3.1 When you contact us through our channels (contact form, email or WhatsApp):

What are the ways of collecting data?

  • Contact Form
  • WhatsApp
  • Sending emails to the address or other STOAMSAAS email addresses.

What data do we collect?

Identification and contact information. We collect your identifying data (name and surname), email address, telephone number, as well as any other information that you voluntarily include in the communications you send us.

We may request additional information from you if necessary to fulfill your request or requirement.

What are the purposes of the processing of your personal data?

Respond to your requests. The main purpose of processing this data will be to answer your requests, resolve your doubts and/or provide you with the required information, as well as, where appropriate, follow up on your requests.

Improve customer service. All the information derived from doubts, queries, and advice offered to interested parties, as well as the way in which requests are resolved, allows us to know how we provide our own customer service, allowing us to improve its quality.

Likewise, all the information collected, after the retention period indicated below, is anonymized and used for the purposes of analyzing the most asked questions through the chat and being able to automate the most frequent ones, prepare FAQS or be kept for statistical purposes to develop commercial strategies.

Sending publications and commercial communications related to our products/services: When you check the corresponding optional box, we may send you, through electronic means, our newsletter, and other commercial communications related to our products, activities and services and other information of interest.

Consent. The data provided will be processed based on your consent when: (i) you voluntarily contact us through the means made available to you to request information or make a request to us; (ii) you check the acceptance box to receive our newsletter or commercial communications related to our products and services.

Legitimate interest. The statistical purposes and improvement of the quality of customer service are based on our legitimate interests, which have been weighed in relation to the interests, rights and freedoms of the Interested Party. For more details on the weighing of interests carried out by STOAMSAAS in relation to this purpose(s), write to us at

The information that you must provide will be indicated with an asterisk or in a similar way. Without this information it would not be possible to respond to your queries or requests.

How long do we keep your information?

1) In the case of your requests, we will process all your personal information during the time in which they are being processed and, if necessary, to monitor them.

2) Regarding the receipt of commercial communications: we will save your information for as long as you are subscribed to receive them.

Once you unsubscribe or your requests are resolved, STOAMSAAS will keep, blocked, said information during the periods provided for in the legislation to address possible responsibilities and to demonstrate compliance with our obligations.

From this moment on, STOAMSAAS will only process the information in an anonymized manner for the indicated statistical purposes, so it will not be possible to link the statistical information with the specific users to whom it refers.

To whom do we transfer your personal information?

To whom do we transfer your personal information? In this sense, some channels through which you can contact us are managed by service providers, who act as Data Processors. You will find more information about how these service providers operate in point 4, mentioned above.

3.2 Navigation through the Website (cookies)

On this Website we use cookies or other tracking and tracing tools to collect information about how users use the Website.

For more information about the treatment we carry out through these tracking tools, visit our ​​​​Cookies Policy.

3.3 STOAMSAAS profiles on social networks.

STOAMSAAS has a profile on the main social networks, such as Facebook, Instagram, LinkedIn or YouTube.

When you become a follower of one of our pages on social networks, the processing of data will be governed by the conditions of use, privacy policies and access regulations that belong to the corresponding social network and previously accepted by the user.

STOAMSAAS, in this sense, will process your data for the purposes of correctly managing its presence on the social network, informing you of activities, products or services, as well as for any other purpose that the regulations of social networks allow.

Please note that we have no influence over the information that the social network collects or how it processes it, so we recommend that you stay informed of the purpose and scope of the collection of information that is carried out through these social networks.

4. To whom do we transfer your personal information?

Generally, at STOAMSAAS we will not communicate your data to third parties. However, in addition to the transfers that we specifically indicate to you in the section in which we explain the characteristics of the different operations (point 3), we inform you of the communications that we can make, in general, and that affect all the previous treatments. and its legitimizing basis.

  1. Essential service providers to execute the service we offer you (for example, computer hosting companies or platforms for sending commercial communications). Notwithstanding the above, these entities have signed the corresponding confidentiality agreements and will only process your data according to our instructions, and will not be able to use them for their own purposes or apart from the service they provide us.
  2. Public organisms. We may disclose data and any other information in our possession or that is accessible through our systems to competent public authorities when there is a legal obligation to do so, as well as when required, for example, when the purpose is to prevent or prosecute abuses of services or fraudulent activities through our Website or web page. In these cases, the personal data that you provide us would be kept and made available to the administrative or judicial authorities.
  3. In the case of a corporate operation: In the event of a merger, acquisition, sale of all or part of its assets or any other type of corporate transaction involving a third party, we may share, disclose or transfer user data to the successor entity (including during the pre-operation phase).
  4. To third parties after aggregation or anonymization: We may disclose or use aggregated or anonymized data (that is, which is not linkable to an identified or identifiable natural person) for any purpose.
  5. To third parties with the user’s consent or other legitimate basis: In the event that we want to share data with third parties outside the scope of this Privacy Policy, in any case, your consent will be requested or you will be informed about it and its legitimate basis.

Likewise, we inform you that this Privacy Policy only refers to the collection, processing and use of information (related to personal data) by us through the interaction you carry out with our Website. Access to third-party websites that you can access through links from the Website have their own privacy policies over which we have no control. Therefore, before providing them with any personal information, we recommend that you inform yourself about their Privacy Policies.

5. Are your personal data transferred to third countries outside the economic area?

Some of our service providers are located in countries outside the European Economic Area (“EEA”).

The location of these companies outside the EEA implies the existence of an international transfer of your personal data, which could mean a lower degree of protection than that included in European regulations. However, at STOAMSAAS we have applied measures so that these transfers do not lead to a lower degree of protection of your personal data.

In this sense, service providers located outside the EEA have a valid mechanism to carry out international transfers: (i) they have either signed the corresponding standard contractual clauses approved by the European Commission (“CCT”), agreement signed between both entities by which the non-EU company guarantees that it applies European data protection standards or, (ii) when they are US companies, alternatively to the CCT, they can be certified by the new Decision of adequacy to the Framework EU-US Data Privacy USA (Data Privacy Framework or DPF)

Therefore, the use of these providers does not give rise to a lower degree of protection of your personal data than the use of providers located in the

You can consult the content of the CCT and the Decision of adequacy to the EU-US Data Privacy Framework. USA in the following links:

Below, we indicate which are the international transfers that we make from STOAMSAAS:



Transfer mechanism

Amazon Web Services, Inc.


Data Privacy Framework

The Rocket Science Group LLC (Mailchimp)


Data Privacy Framework

6. What are the rights that you can exercise as an interested party?

If you are a European resident, you can exercise the rights that the law guarantees you in relation to the processing of your personal data by contacting us via email

We will resolve any rights request that we receive as soon as possible and, in any case, within the maximum period established by law from the time we receive it. In some cases, it will be necessary to ask you for a copy of your ID or other identification document if your identity needs to be verified.

The rights that correspond to you as an interested party are the following:

1. Right to withdraw the consent given

You can revoke your consent in relation to all processing based on it at any time. However, the withdrawal of consent will not affect the legality of the treatment based on the consent prior to its withdrawal.

2. Right of access

You have the right to know what data is being processed, if applicable, and, if so, obtain a copy of it, as well as to obtain information regarding:

  • the origin and recipients of the data;
  • the purposes for which they are processed;
  • whether there is an automated decision-making process, including profiling;
  • the data retention period; and
  • the rights provided for by the regulations.

3. Right to rectification

You have the right to obtain rectification of your personal data or to complete it when it is incomplete.

4. Right of deletion

You have the right to request the deletion of your personal data if it is no longer necessary for the purpose for which it was collected or, where appropriate, if we are no longer authorized to process it.

5. Right to data portability

You have the right to request data portability in the case of processing of your data that is based on your consent or the execution of a contract, as long as the processing has been carried out by automated means. In the event of exercising this right, you will receive your personal data in a structured format, commonly used and readable by any electronic device. However, you can also request, where possible, that your data be transmitted directly to another company.

6. Right to limit the processing of your personal data

You have the right to limit the processing of your data in the following cases:

  1. When you have requested the rectification of your personal data during the period in which we verify its accuracy.
  2. When you consider that we are not authorized to process your data. In that case, you can ask us to limit its use instead of requesting its deletion.
  3. When you consider that it is no longer necessary for us to continue processing your data and you want us to keep it for the purposes of exercising or defending claims.
  4. In cases where there is processing based on our legitimate interest and you have exercised your right to object to it, you can ask us to limit the use of your data during the verification of the prevalence of such interests with respect to yours.

7. Right to object

You have the right to object at any time to the processing of your personal data based on our legitimate interest, including profiling.

Unsubscribe from commercial communications: Remember that at any time you can object to receiving this type of communications by sending us an email to You can also opt out of this service by following the instructions indicated at the bottom of the body of each of the electronic communications we send you.

8. Right to file a claim with the Control Authority

Remember that, at any time, and in the event that you consider that we have violated your right to the protection of your data, you can address your defense to the corresponding Control Authority, in the case of Spain, the Spanish Data Protection Agency (

7. How do we guarantee the confidentiality of your information?

The security of your personal data is a priority for us. For this reason, STOAMSAAS has implemented all the necessary security measures to guarantee effective use and processing of personal data provided by the user, safeguarding the intimacy, privacy, confidentiality and integrity of the same and makes use of the means necessary technical techniques to avoid alteration, loss, unauthorized access or processing of your data, according to the state of technology at any given time.

Consequently, we comply with the recommended security standards to protect them. However, it is impossible to completely guarantee its security due to the very nature of the Internet and because there may be malicious actions by third parties beyond our control.

We are committed to acting quickly and diligently if data security is at risk or compromised, and to inform you if relevant.

8. Modifications to this policy

At STOAMSAAS we can modify the content of this Privacy Policy at any time, especially when there are legislative, jurisprudential or interpretation changes by the competent authorities that affect the data processing carried out by STOAMSAAS through this Website. Any new version of this Privacy Policy will be effective on the published effective date.

If the revised version includes a material change that affects the processing of your data, we will notify you at least 30 days in advance by posting a notice on our website or application. Despite the above, we recommend that you periodically review this Privacy Policy to be informed of how your personal data is treated and protected, as well as the rights that assist you.

This Privacy Policy has been updated in January 2024