Privacy Policy
Last updated: 04/05/2026
1. Who We Are
unitybyte.com is operated by:
Autónomo —
La Linea de la Concepcion, Spain, 11300
Email: hi@unitybyte.com
This Privacy Policy explains how we collect, use, and protect your personal data when you visit our Site, purchase our product, or communicate with us. It applies to all visitors and customers in the European Union and is written in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Spain's Organic Law 3/2018 on Personal Data Protection (LOPDGDD).
If you have any questions about this policy or how we handle your data, please contact us at the email address above.
2. What Personal Data We Collect
Depending on how you interact with us, we may collect the following:
- Purchase data
- Your name, billing address, email address, phone number, and payment confirmation reference.
- Account data (if you create an account)
- Username, password, and security questions.
- Communications data
- Any information you send us via email or our contact form, including the content of your messages.
- Technical data
- Your IP address, browser type, device type, operating system, and pages visited on our Site.
- Marketing data
- Your email address and record of your consent to receive marketing communications.
- Usage data
- How you navigate and interact with our Site, collected via cookies and analytics tools.
We do not collect any special categories of personal data (such as health, biometric, racial, or political data).
3. Legal Basis for Processing
We only process your personal data where we have a valid legal basis under Article 6 GDPR:
- Performance of a contract
- We process your purchase data and account data because it is necessary to fulfil your order, provide access to the digital product, and manage your account.
- Legal obligation
- We retain transaction records as required by Spanish tax and accounting law (generally 7 years under the Ley General Tributaria).
- Legitimate interests
- We process technical and usage data to operate, secure, and improve our Site. We have assessed that these interests do not override your rights. You may object to this processing at any time (see Section 9).
- Consent
- We rely on your consent to send marketing emails and to place non-essential cookies (analytics and advertising) on your device. You may withdraw consent at any time without affecting the lawfulness of prior processing.
4. How We Use Your Personal Data
- To process and fulfil your order — including payment processing,
providing access to the digital product, and after-sales support.
Legal basis: contract performance. - To manage your account — enabling login and account features.
Legal basis: contract performance. - To send transactional emails — order confirmations, purchase
receipts, product access details, and policy change notices.
Legal basis: contract performance and legal obligation. - To send marketing emails — promotional communications about
our product and offers, where you have given consent or are an existing
customer and have not opted out.
Legal basis: consent / legitimate interests. - To run advertising and remarketing campaigns — showing
relevant advertisements to you on platforms such as Google and Meta, using
data collected via advertising cookies.
Legal basis: consent. - To analyse Site usage — understanding how visitors use
our Site via Google Analytics in order to improve performance and content.
Legal basis: consent. - To prevent fraud and ensure security — monitoring for suspicious
activity and protecting our Site and customers.
Legal basis: legitimate interests and legal obligation. - To comply with legal obligations — retaining records as
required by Spanish tax and commercial law.
Legal basis: legal obligation.
5. Cookies
We use cookies and similar tracking technologies on our Site. Cookies are small text files placed on your device when you visit a website. Some cookies are essential for the Site to work; others require your consent.
When you first visit our Site, a cookie consent banner will appear. You can accept or decline each category of non-essential cookie. You can update or withdraw your preferences at any time via the cookie settings link in the footer of our Site.
You can also manage or block cookies through your browser settings. Note that blocking certain cookies may affect the functionality of the Site.
Category 1 — Strictly Necessary Cookies
These cookies are required for the Site to function. They cannot be switched off and do not require your consent under the ePrivacy Directive or Spain's LSSI.
| Cookie name | Provider | Purpose | Duration |
|---|---|---|---|
| session_id | unitybyte.com | Maintains your shopping session and cart contents | Session |
| cart | unitybyte.com | Stores items added to your cart | 30 days |
| auth_token | unitybyte.com | Keeps you logged in to your account securely | 30 days |
| csrf_token | unitybyte.com | Prevents cross-site request forgery attacks | Session |
| cookie_consent | unitybyte.com | Stores your cookie consent preferences | 1 year |
Category 2 — Analytics Cookies
These cookies help us understand how visitors use our Site so we can improve performance and content. All data is collected in aggregated, anonymised form where possible. These cookies require your consent.
Third party: Google Ireland Ltd (Google Analytics 4)
Data may be transferred to the US under Standard Contractual Clauses.
Google's privacy policy
| Cookie name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Distinguishes unique users by assigning a random ID | 2 years | |
| _ga_<ID> | Stores and counts page views for GA4 sessions | 2 years | |
| _gid | Distinguishes users; refreshes every 24 hours | 24 hours | |
| _gat | Throttles the request rate to Google Analytics | 1 minute | |
| _gac_<ID> | Contains campaign-related information for the user | 90 days |
Category 3 — Advertising and Remarketing Cookies
These cookies are used to show you relevant advertisements, to measure the effectiveness of our advertising campaigns, and to build audience segments for remarketing. They require your consent. If you decline, you will still see advertisements but they will not be tailored to you.
Google Ads
Third party: Google Ireland Ltd
Data may be transferred to the US under Standard Contractual Clauses.
Google's privacy policy
—
Opt out of personalised ads
| Cookie name | Provider | Purpose | Duration |
|---|---|---|---|
| _gcl_au | Stores and tracks conversions from Google Ads | 90 days | |
| _gcl_aw | Tracks clicks from Google Ads campaigns | 90 days | |
| IDE | Google (ads) | Used by Google DoubleClick to show targeted ads | 13 months |
| DSID | Google (ads) | Identifies a signed-in user for ad personalisation | 2 weeks |
| AID | Google (ads) | Links activity across devices for signed-in users | 13 months |
| NID | Stores user preferences for Google services | 6 months | |
| 1P_JAR | Gathers statistics and tracks conversion rates | 30 days |
Meta (Facebook / Instagram) Pixel
Third party: Meta Platforms Ireland Ltd
Data may be transferred to the US under Standard Contractual Clauses.
Meta's privacy policy
—
Opt out of personalised ads
| Cookie name | Provider | Purpose | Duration |
|---|---|---|---|
| _fbp | Meta | Identifies browsers for ad delivery and measurement | 90 days |
| _fbc | Meta | Stores click attribution from Facebook ad links | 90 days |
| fr | Meta | Delivers and measures personalised ads on Facebook | 90 days |
| datr | Meta | Identifies the browser for security and integrity | 2 years |
| sb | Meta | Improves friend suggestions on Facebook | 2 years |
| wd | Meta | Stores browser window dimensions for page rendering | 1 week |
Managing Your Cookie Preferences
You may withdraw or change your consent at any time using the cookie settings link in our Site footer. You can also opt out directly with each platform:
6. Who We Share Your Data With
We do not sell your personal data. We share it only with the following third-party service providers who process data on our behalf, each under a written data processing agreement compliant with Article 28 GDPR:
- Payment processor: Stripe Payments Europe Ltd
-
1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland.
Purpose: secure processing of your payment. Stripe collects and processes your payment card details directly and does not share full card data with us. Stripe acts as a data processor on our behalf and as an independent controller for its own fraud prevention and compliance obligations.
Location: EEA. Certain data may be transferred to Stripe Inc. in the US under Standard Contractual Clauses.
Stripe's privacy policy - Hosting provider: Google Firebase (Google Ireland Ltd)
-
Gordon House, Barrow Street, Dublin 4, Ireland.
Purpose: hosting and operating the Site, database storage, authentication, and infrastructure.
Location: EEA. Certain data may be processed on Google servers in the US under Standard Contractual Clauses.
Firebase's privacy policy - Email marketing platform: Brevo (Sendinblue SAS)
-
7 rue de Madrid, 75008 Paris, France.
Purpose: sending transactional and marketing emails.
Location: EEA. Certain data may be processed on servers outside the EEA under Standard Contractual Clauses.
Brevo's privacy policy - Analytics: Google Analytics 4 (Google Ireland Ltd)
- Purpose: analysing Site usage and visitor behaviour.
Location: EEA / transfers to US under Standard Contractual Clauses.
Google's privacy policy - Advertising platforms: Google Ads (Google Ireland Ltd) and Meta Ads (Meta Platforms Ireland Ltd)
- Purpose: delivering and measuring advertising and remarketing
campaigns.
Location: EEA / transfers to US under Standard Contractual Clauses.
We may also disclose your data where required by law, court order, or at the request of a Spanish or EU regulatory or law enforcement authority.
7. International Data Transfers
Some of our service providers (including Google and advertising platforms) are based in or transfer data to countries outside the EEA, including the United States. Where this occurs, we ensure that appropriate safeguards are in place, specifically the Standard Contractual Clauses approved by the European Commission under Article 46(2)(c) GDPR, supplemented where necessary by additional technical and organisational measures.
You can request details of the specific safeguards applicable to any transfer by contacting us at the address in Section 1.
8. How Long We Keep Your Data
We retain your personal data only for as long as necessary for the purpose it was collected, or as required by law.
- Purchase and transaction records
- 7 years from the date of transaction, as required by Spanish tax law (Ley General Tributaria, Art. 66).
- Account data
- For the life of your account, and deleted within 30 days of account closure unless retention is required by law.
- Marketing consent records
- Until you withdraw consent, plus 3 years as evidence of consent.
- Customer support communications
- 3 years from the date of last communication.
- Analytics data
- Up to 26 months in identifiable form, per Google Analytics default settings, then anonymised.
- Advertising cookie data
- Per the retention periods of the relevant platform (typically 90–180 days).
- Cookie consent records
- 1 year from the date of consent.
Once the applicable retention period expires, your data is securely deleted or anonymised.
9. Your Rights
Under the GDPR and Spain's LOPDGDD, you have the following rights regarding your personal data:
- Right of access
- Request a copy of the data we hold about you and information on how we use it.
- Right to rectification
- Request correction of inaccurate or incomplete data.
- Right to erasure
- Request deletion of your data where it is no longer needed, where you withdraw consent, or where it has been unlawfully processed.
- Right to restriction
- Request that we limit processing of your data in certain circumstances.
- Right to data portability
- Receive your data in a structured, machine-readable format and request we transfer it to another provider where technically feasible.
- Right to object
- Object at any time to processing based on our legitimate interests, including profiling. You also have an unconditional right to object to direct marketing at any time.
- Right to withdraw consent
- Where we rely on consent, you may withdraw it at any time via the unsubscribe link in our emails or our cookie settings. Withdrawal does not affect the lawfulness of prior processing.
- Right not to be subject to automated decisions
- We do not make decisions about you based solely on automated processing that produce legal or significant effects.
To exercise any of these rights, contact us at hi@unitybyte.com. We will respond within one month. We may ask you to verify your identity before fulfilling your request. There is no charge for exercising your rights unless requests are manifestly unfounded or excessive.
10. Right to Lodge a Complaint
If you believe we have not handled your personal data correctly, you have the right to lodge a complaint with the Spanish data protection authority, the Agencia Española de Protección de Datos (AEPD). You may also complain to the supervisory authority in your country of habitual residence or place of work within the EU.
We would welcome the opportunity to address your concerns directly first — please contact us at hi@unitybyte.com.
11. Children
Our Site and product are not intended for children under 14 years of age (the minimum age of digital consent under Spanish law per LOPDGDD Art. 7). We do not knowingly collect personal data from children under 14. If you believe a child has provided us with their data, please contact us and we will delete it promptly.
12. Security
We implement appropriate technical and organisational measures to protect your personal data, including encryption of data in transit (TLS/HTTPS), restricted access controls, and regular security reviews.
No transmission over the internet is entirely secure. We cannot guarantee absolute security and recommend you do not send sensitive information over unsecured channels.
In the event of a personal data breach likely to result in risk to your rights and freedoms, we will notify the AEPD within 72 hours as required by Article 33 GDPR, and will notify you directly without undue delay where the risk is high, in accordance with Article 34 GDPR.
13. Changes to This Policy
We may update this policy from time to time. We will post the revised version on this page and update the "Last updated" date. For material changes, we will notify you by email or by a prominent notice on our Site prior to the change taking effect.
14. Contact
For any questions, requests, or concerns about this Privacy Policy: hi@unitybyte.com