Privacy Policy

1. Data controller
  • Company: Ruptture Studios S.L.
  • CIF: B21811286
  • Email: info@ruptture.com
  • Website: ruptture.com
2. Personal data we collect

2.1 Store / purchases (WooCommerce)

  • Name and surname
  • Email address
  • Shipping and billing address
  • Phone number (if requested)
  • Order details, invoices, returns
  • Payment data: handled by Redsys (we do not normally store full card numbers)

2.2 Memory Vault data (no account)

  • Access code status (e.g., active, renewal status)
  • Uploaded images and related technical information needed to store/display them
  • Technical logs (IP address, device/browser, timestamps) for security and service operation

2.3 Communications

  • Emails to customer support, returns requests, and content reports
3. Why we use your data and legal basis

3.1 To process purchases and deliver orders

Purpose: order processing, payment handling, shipping, refunds, support.
Legal basis: performance of a contract.

3.2 To provide the Memory Vault service

Purpose: enable access by code, host and display your private carousel, allow downloads, manage the 1-year included access and renewals, and manage reward eligibility.
Legal basis: performance of a contract / service requested by the user.

3.3 Security and fraud prevention

Purpose: protect systems, prevent coupon/code abuse, investigate suspicious activity.
Legal basis: legitimate interests.

3.4 Marketing communications (if used)

Purpose: updates, promotions, and campaigns.
Legal basis: consent and/or legitimate interest where permitted by law.
You can opt out anytime using the unsubscribe method provided or by emailing info@ruptture.com.

3.5 Using images for marketing

Purpose: using user images on our website/social/ads.
Legal basis: explicit consent (opt-in), which you can withdraw at any time.

4. Who we share data with

We do not sell your data. We may share it with:

  • Redsys (payment processing)
  • Shipping/logistics providers (delivery)
  • Technology providers acting as processors (hosting, database, email delivery, security, analytics), including:
    • Heroku (hosting)
    • NeonDB (database)

We may also disclose data when legally required.

5. International transfers

Some service providers may process data outside the European Economic Area. Where that happens, we apply appropriate safeguards (e.g., Standard Contractual Clauses) as required by GDPR.

6. Data retention
  • Purchases: kept as necessary for contractual performance and legal obligations (tax/accounting) and to handle claims.
  • Memory Vault images and content: kept while your access is active (included 1 year, plus any paid renewals).
    After access expires, we may retain data for a limited period to allow renewal/recovery and then delete it securely, unless we must keep it longer for legal reasons. The exact retention window will be communicated in the app or upon request.
7. Your rights

You may request access, rectification, erasure, restriction, objection, and portability (where applicable) by emailing info@ruptture.com.
You also have the right to lodge a complaint with your local data protection authority (in Spain, the AEPD).

8. Security

We use reasonable technical and organizational measures to protect personal data against unauthorized access, loss, or alteration.

9. Changes

We may update this Policy. The latest version will be posted with a new “Last updated” date.

10. Contact

info@ruptture.com