Privacy Policy for the application “Breaks the App”

Last update: 15 July 2025

We consider the privacy of individuals to be important, and specifically that of users of our mobile application Breaks the App (hereinafter the "APP") accessible on Google Play and/or the App Store, owned by SILVESTRE STUDIO SL., with registered office at Can Puig, s/n de Castellfollit del Boix (08255) Barcelona and Tax ID number B44920254 (hereinafter "controller" or "developer").

The controller undertakes to process your data in accordance with the personal data protection regulations applicable and in force at all times.

Specifically, it will comply with the provisions of REGULATION (EU) 2016/679 (hereinafter "GDPR") and Organic Law 3/2018 (LOPDGDD).

The controller informs you of its Privacy Policy in order to make users aware of how their data is processed and of the fundamental principles of personal data protection that it applies.

Users must read this Privacy Policy carefully in order to be informed about the rules and practices we have developed to protect personal data and to better understand our relationships with third parties who may have access to such data.

In any case, the user is solely responsible for the information provided in the APP and if, in the future, the controller wishes to use it for purposes other than those referred to, it will inform you of these new purposes and request your consent, if necessary.

By using our APP, you acknowledge that you have read and accept this Privacy Policy.

The data controller reserves the right to modify this Privacy Policy, in which case it will notify the user so that they can review the changes before continuing to use the services offered.

Who is responsible for processing?

SILVESTRE STUDIO SL
Tax ID number: B44920254
Postal address: Can Puig s/n
Email: [email protected]

What data is processed and for what purpose?

The data controller only processes the following data for the purposes indicated below:

• User ID (generated in the APP) used to enable key features such as accurate geolocation, usage data analysis, integration with other applications and traceability of the user experience within the APP.
• Device IP address, which is collected for security purposes, technical validation of downloads and to obtain aggregate statistics on the use of the APP.
• Name, alias, comments and email address (optional) are only processed if the user decides to provide them voluntarily, for example, to receive a personalised summary of their journey or experience via email.
• Photographs and personal notes are content that the user records during their journey, but are not processed by the data controller.

They remain stored exclusively on the user's device and are not transmitted or processed by our servers.

How is data collected?

• Personal data may be collected or processed, in whole or in part, when using the APP in accordance with its Terms and Conditions.
• Technical data (user ID and IP address) are generated and collected automatically when the user downloads and uses the APP.
• Contact details (name, alias and email address) are only collected if the user provides them voluntarily, for example when requesting a personalised summary of their itinerary or experience on the app to be sent by email.

What is the legal basis for data processing?

The processing of personal data carried out through the APP is based on the following legal grounds:

• The user's consent (Art. 6.1.a GDPR), expressly granted when accepting certain features of the APP, constitutes the legal basis for:
  • - the processing of the user ID when enabling features such as precise geolocation or integration with other applications.
  • - processing of the name, alias and email address when the user decides to provide them voluntarily in order to receive a personalised summary of their experience.
• The legitimate interest of the controller (Art. 6.1.f GDPR), duly weighed, is the legal basis for:
  • - The processing of the device's IP address for security purposes, technical validation of downloads and the compilation of aggregate statistics on the use of the APP.
  • - The processing of the user ID for technical purposes that are essential to ensure the proper functioning, maintenance and improvement of the user experience in the APP.

Is data shared or cross-referenced?

The data controller may cross-reference the IP address and user ID with information from (I) app stores (such as Google Play or the App Store) in order to technically validate the download and legitimate use of the app, (II) other apps owned by or linked to associated organizations, for the purposes of analysis, service improvement and personalisation of the user experience, always within the same environment or digital ecosystem.

No personal data is communicated to third parties, unless there is a legal obligation to do so or when necessary for the provision of the service through external providers acting as data processors, with contracts in accordance with the GDPR that guarantee the confidentiality, security and limited use of the data.

Are international data transfers carried out?

In general, no international data transfers are made to third countries outside the European Economic Area (EEA).

However, if any of the providers that provide services to the data controller acting as data processor are located outside the EEA or use infrastructure located in third countries, it will be ensured that such transfers are made with the appropriate safeguards, in accordance with Articles 44 to 49 of the GDPR.

In particular, mechanisms such as the existence of an adequacy decision by the European Commission, the signing of standard contractual clauses approved by the Commission, or the adoption of binding corporate rules, among other applicable measures, will be applied.

How long is the data kept?

The data controller processes personal data for the period necessary to fulfil the purposes set out in this Privacy Policy, as well as to retain your personal information in compliance with the provisions of the relevant laws and regulations.

Personal data of third parties

With regard to personal data relating to other individuals, which the controller must communicate to the data controller in order to provide the services of the APP, the data controller must, prior to communication, inform them of the points contained in the preceding paragraphs.

What rights can be exercised?

Users may exercise the following rights:

• Right to request access to personal data: you may ask the data controller whether it is processing your data and, if so, access it.
• Right to request rectification if the data is inaccurate, or to complete any data we hold that is incomplete.
• Right to request the deletion of your data.
• Right to request restriction of processing: in this case, we will only keep your data for the exercise or defence of claims.
• Right to object to processing: the data controller will stop processing your personal data, except where it must continue to be processed for legitimate reasons or for the exercise or defence of possible claims.
• Right to data portability: if the user wishes their data to be processed by another data controller, the data controller will facilitate the transfer of their data to the new data controller.
• Right not to be subject to a decision based solely on the automated processing of your personal data.

If you have given your consent for a specific purpose, you may withdraw it at any time, without this affecting the lawfulness of the processing based on the consent given prior to its withdrawal.

In any case, when the user exercises their right to erasure, all personal data linked to their account, as well as the information and content included in their profile, will be deleted.

Likewise, if the user exercises their right to delete the data necessary for the controller to provide the services of the APP, the controller will be obliged to terminate their relationship with the user, proceeding to remove them from the APP, without the user having any right to claim and without affecting the rest of the relationships they have with the controller.

To exercise their rights, users must send a written communication to: Silvestre Studio S.L., Can Puig s/n de Castellfollit del Boix (08255), Barcelona or to the email address [email protected].

Data security

The controller maintains the levels of security required by the GDPR and other related regulations applicable and in force at any given time, and has established all technical means at its disposal to prevent the loss, misuse, alteration, unauthorised access and theft of the data provided by the User through the APP.

In any case, the data controller shall take appropriate technical and organisational measures, both when designing the data processing system and at the time of the processing itself, to preserve security and prevent unauthorised processing.

However, despite the diligent implementation of such measures, the user should be aware that security measures on the Internet are not impregnable.