Privacy Policy

Scope

This policy applies exclusively to our website, wearespacely.com. It covers our website and what we do with the information we gather when visiting our website. This privacy policy explains how we use any personal data you give us, and how we might use trackers, cookies or other services. It also describes how we treat your information.

Data Control and Contact

As a European company, we are subject to the General Data Protection Regulations (GDPR). We take your privacy very seriously. If you have any questions about this privacy policy or want us to remove your data, contact us at [email protected].

We will endeavour to respond within one week, and at most within 29 days.

Your Rights

Under GDPR you have rights to control your data and these are:

1. The Right to Information
2. The Right of Access
3. The Right to Rectification
4. The Right to Erasure
5. The Right to Restriction of Processing
6. The Right to Data Portability
7. The Right to Object
8. The Right to Avoid Automated Decision-Making

You may exercise these rights at any time by contacting us.

Changes and Revisions

We re-evaluate this policy on an ongoing basis, and we reserve the right to make changes to this privacy policy as required. However, if there are any changes to the use of personal information that is different from that stated at the time of collection, we will notify you by posting a notice on this website and seek your consent. This privacy policy was last amended on 21st May 2025.

Information we collect directly

We collect some data from you if you signup for our service, use our website or enter information into our forms. Some of this data is collected automatically as part of the fundamental way the internet works; other data may be given freely by you as you use our website.

We collect data associated with networking, automatically given by your internet service provider and web browser, to facilitate the use of our website or for maintenance purposes: IP Address, user-agent, browser information, and usage data.

We collected data entered into contact forms required to facilitate our service to you, respond to your communications, when you sign up to our newsletter, or to comply with tax or other laws: IP Address, User-agent and browser information, usage data, email address, first name, last name, billing address, username, phone number, website, physical address, VAT number or tax ID, any other information you choose to give us during the signup process.

Our website can be used only by adults. Users declare themselves to be an adult under their local law; minors may only use this website and our service with the assistance of a parent or guardian. Under no circumstances do we accept personal information from people under 13. If you believe we have inadvertently collected information directly from a child, please tell us so that we can delete their data.

Cookies and Trackers

We use optional cookies for reasons outlined in our cookie policy. You can enable analytics and marketing cookies separately, or not at all. You may change or withdraw your consent at any time. Please visit our cookie policy to see what cookies we might set and how they're used.

Security & Retention

We take security measures to prevent unauthorised access, modification, disclosure or destruction of your data, including firewalls, strong passwords, strong encryption and other methods deemed to improve the security of our data processing. Data is processed at our place of work or by our subprocessors which will be listed below.

We store and process information only for as long as legally or operationally necessary. Where it is personal data gathered by us to facilitate your services, generally speaking, this means we will delete it after the conclusion of your contact with us.

However, the retention time for your data can be different depending on the data we've gathered. For example, tax law might require us to retain billing information for seven years. We will gladly clarify the specific basis for collecting and processing your data if you have any questions.

Transfer of Personal Data to Third Countries

We may transfer your data to a third country (outside the EU/EEA) for processing through our subprocessors (listed below as third party processors), ensuring that every one of them has a legal basis for the transfer.

We always ensure transfers outside the EU / EEA happen with Standard Contractual Clauses through which third-party processors agree to maintain the standards of EU data protection legislation or under an adequacy decision (for example, Canada).

Our web hosting is located exclusively in EU / EEA data centres.

Third-Party Processors

We use some third party processors to help us deliver our service and process data as necessary.

Google Ireland Limited: We use Google Ireland Limited for the computing infrastructure and storage required to run our app. We also use a google font to make our website look nice. We also use Google Tag Manager and Google Analytics to understand how users interact with our website. We use EEA/EU datacenters exclusively. They are based in Ireland, and you can read their privacy policy here.

Mailgun Technologies, Inc: Mailgun provide a transactional email API that sends automatic emails on our behalf and provides us with facilities to send bulk email. They process your email address, first name, and various data types we have collected depending on the email. They are based in the United States, and we use EU/EEA data centres with them. You can read their privacy policy here.

Cloudflare Group: Cloudflare provide services that help keep our website and application secure and fast. They deliver a CDN, which allows accelerated website delivery to you, and a web application firewall, which helps protect us from bots and other threats. You can read their privacy policy here.

Complaints and Redress

You should contact us directly if you have any complaints about how we are handling your data. If you are not satisfied with our response, there are supervisory bodies in the European Union when it comes to data protection. You can contact these bodies in the event of a dispute over this privacy policy, or if you think we have mis-handled your data. In Bulgaria that body, and their contact information, can be found at www.cpdp.bg.