General terms and conditions

These General Conditions (hereinafter the "Conditions") constitute a legally binding contract ("Contract") governing the provision of services by Reskyt Online SL (hereinafter the "MANUFACTURER") in favor of any person and / or company contracting (hereinafter the "CUSTOMER"), under the specific agreements entered into through special conditions. These General Conditions shall apply to all services offered by the MANUFACTURER, unless otherwise expressly agreed in writing in the specific conditions.

Please read these Terms and Conditions carefully, as they contain important information about your rights, remedies and obligations.

  1. NATURE OF THE RELATIONSHIP

    The relationship between the CUSTOMER and the MANUFACTURER is strictly commercial in nature. There is no employment, agency, partnership or representation relationship between the parties, nor between the personnel of one party with respect to the other. Each party shall assume its own tax, labor and social security obligations in accordance with the legislation in force.

  1. GENERAL OBLIGATIONS OF THE CUSTOMER
    1. Collaboration and provision of information:
      • Provide to the MANUFACTURER, in a truthful, complete and timely manner, all information, materials, credentials and technical or commercial documentation required for the performance of the service.
      • Maintain updated information provided, including legal URLs (privacy policy, terms of use, etc.), as well as contact details and access to external platforms linked to the service.
    2. Content and regulatory compliance:
      • Ensure that all content, trademarks, text, images or any other material provided to the MANUFACTURER do not infringe the rights of third parties, nor violate current legislation, including regulations on intellectual property, data protection, advertising, consumption or competition.
      • Ensure that the content published or distributed through the platform or service contracted complies with the policies and conditions of use of third parties, such as App Store, Google Play or other technology platforms.
      • To assume responsibility for the legal consequences derived from any illicit, inaccurate or inappropriate content that the CLIENT incorporates directly or indirectly to the service provided.
    3. Safety and technical management:
      • Have the technical accounts required for the provision of the service (e.g. developer accounts at Apple or Google, access to Analytics or third party tools) and provide the corresponding access to the MANUFACTURER when required.
      • Ensure that its own systems, networks or web pages meet the minimum performance and compatibility requirements established by the MANUFACTURER to allow proper technical integration.
    4. Diligent use of the service:
      • Make use of the contracted service in accordance with its purpose and conditions, without manipulating, altering, duplicating or distributing its operation, technical components or documentation without express authorization.
      • Refrain from any action that may affect the stability, security or reputation of the platform, the MANUFACTURER or third parties.
    5. Financial obligations:
      • Pay the agreed rates punctually within the terms established in the particular conditions.
      • Assume the possible surcharges, penalties or interruptions of the service that may result from delays or non-payments, as provided in these General Conditions and/or in the particular conditions.
    6. Data Protection: 
      • In cases where the CUSTOMER acts as the party responsible for the processing of personal data linked to the service, it must ensure compliance with the applicable regulations on data protection (RGPD, LOPDGDD or others), and provide the MANUFACTURER with the legal texts and conditions required for the correct use of such data in the provision of the service.
      • Sign, where appropriate, the corresponding processing order contract with the MANUFACTURER.
  1. GENERAL OBLIGATIONS OF THE MANUFACTURER
    1. Provision of the service:
      • Provide access to the platform and functionalities included in the contracted service, as defined in the particular conditions.
      • Adopt reasonable measures to ensure the availability, stability and proper functioning of the platform, except in cases of force majeure or incidents attributable to third parties beyond its control.
    2. Technical support:
      • Provide technical and functional assistance to the CUSTOMER through the enabled channels, within the current working hours.
      • Attend and resolve, within reasonable terms, the incidents reported by the CUSTOMER according to the established priority levels.
    3. Security and confidentiality:
      • Implement appropriate technical and organizational measures to protect the integrity, availability and confidentiality of the CLIENT's data, according to the level of sensitivity of the same.
      • Guarantee the confidentiality of the information provided by the CLIENT and not disclose or use it for purposes other than those necessary for the execution of the contract.
    4. Regulatory compliance:
      • Comply with the applicable legislation in the framework of the provision of its services, especially with regard to data protection, intellectual property rights and consumer regulations.
      • Facilitate the CLIENT, where appropriate, the signing of the necessary processing assignment contracts in compliance with the GDPR.
  1. AUTHORIZATION FOR USE OF INFORMATION

    The CLIENT authorizes the MANUFACTURER to use the logos, images and testimonials for marketing and promotional activities.

  1. SUSPENSION OF SERVICE AND TERMINATION OF THIS CONTRACT
    1. Suspension of Service

      If the CUSTOMER fails to pay any invoice within 1 month of its due date, the MANUFACTURER shall be entitled to suspend the provision of services until the outstanding debt is fully settled. The CUSTOMER shall be notified in advance of such suspension.

      The suspension of the service shall not exempt the CUSTOMER from its payment obligation nor shall it constitute a cause for termination of the contract, unless the conditions set forth in section 5.2 are met.

    1. Termination of Contract

      The agreement shall be deemed terminated for the following reasons:

      • Delays in the payment of fees or invoices exceeding 3 months.
      • Incorporation of content that is illegal, criminal, racist, xenophobic, incites terrorism or violates human rights, as well as content that is defamatory, pornographic, misleading or fraudulent to its recipients, or that in any way violates applicable laws or regulations or is offensive to the rights of the MANUFACTURER, distributors or third parties.
      • The MANUFACTURER may terminate this contract for reasons not attributable to it and for reasons of force majeure, such as the withdrawal of the product by Google Play or App Store in the case of Apps, or by other partners essential to the operation of the service provided by Reskyt.
      • The MANUFACTURER may terminate this contract if it considers that the platform or service provided by Reskyt has become obsolete and/or the active subscriptions at that time are not sufficient to maintain the economic structure necessary to operate the platform. To do so, it shall give the other party at least three months' notice prior to the termination of the contract.
      • Termination of this agreement for any of the aforementioned causes shall not entitle either party to any indemnification.
  1. SUPPORT AND AVAILABILITY

    The MANUFACTURER undertakes to provide support services and attention to the CUSTOMER during the working hours in force, through the enabled communication channels, such as e-mail, telephone or videoconference, as appropriate. Updated information on available schedules and channels may be consulted at the request of the CUSTOMER.

    1. Incident management

      Requests and incidents will be attended by the technical team according to priority criteria, with the objective of minimizing the impact on the CLIENT's operations and guaranteeing the continuity of the service. For such purposes, two categories are established:

      • Normal incidents: Those that do not involve a critical interruption of service or compromise data security. They are managed within normal working hours, with response times appropriate to their nature.
      • Critical incidents: Those that imply a total or partial interruption of the service, or that may affect the integrity, availability or confidentiality of the data. These incidents are prioritized with immediate attention, regardless of the schedule, by means of the alerts and permanent monitoring system.
    1. Operational Continuity

      The technical environment supporting the MANUFACTURER's services is hosted on a highly available cloud infrastructure, with 24/7 active monitoring systems. Any critical anomaly will be automatically notified to the on-call technical staff, who will proceed to take the necessary measures to ensure the restoration of the service in the shortest possible time.

    1. Scope of support

      The support offered includes:

      • Resolution of doubts about the use and configuration of the contracted services.
      • Technical support in case of changes or updates in the platform.
      • Management of functional and technical incidents associated with the correct operation of the service.

      They are not included within the scope of support:

      • Personalized services not expressly contracted.
      • Intervention on systems, platforms or data outside the infrastructure of the MANUFACTURER.
      • Direct support to end users of the CLIENT.
  1. INFRASTRUCTURE AND OUTSOURCING

    All services are provided on infrastructure hosted in secure data centers, currently provided by Amazon Web Services (AWS) in the European Union. The CUSTOMER expressly authorizes the outsourcing of technical services and infrastructure to the extent that it does not affect the confidentiality or scope of the contracted service.

  1. DATA PROTECTION POLICY

    The personal data of those who subscribe and sign this contract will be processed by both parties for the sole purpose of managing its execution and complying with the legal obligations arising from it. These data will be kept for as long as there is a contractual relationship between the parties and, thereafter, will be kept blocked for the legally required periods, adopting appropriate technical and organizational measures to ensure, where appropriate, pseudonymization or final deletion of the same. The transfer of data to third parties is not foreseen unless legally required or in those cases in which it is necessary to resort to service providers acting as Data Processors, duly authorized by each of the parties.

    The parties and signatories are informed that they may exercise their rights of access, rectification, deletion, opposition, limitation of processing and portability, in accordance with the provisions of the applicable regulations, by means of a written request accompanied by an identification document, addressed to the addresses contained in this contract. They may also file a complaint with the Spanish Data Protection Agency (www.aepd.es) if they consider that their rights have been violated.

    In the event that the provision of contracted services involves a treatment by RESKYT ONLINE S.L. to personal data for which the CUSTOMER is RESPONSIBLE, such treatment will be carried out in accordance with the provisions of Article 28 of Regulation (EU) 2016/679 as well as the provisions of the Organic Law 3/2018, acting RESKYT ONLINE S.L. for this purpose as PROCESSOR.

    The conditions governing the personal data processing relationship are detailed below:

    • Object, nature and purpose of the treatment

      The purpose of this order is the processing of data generated by the devices of users who download and use the CLIENT's application, such as tokens, UUID, geolocation, device language, device country, as well as usage statistics, solely and exclusively for the purpose of:

      • Manage the sending of push notifications.
      • Provide technical and functional support to the CLIENT.
      • Offer advanced segmentation, personalization and statistics functionalities within the Reskyt platform.

      Under no circumstances will personal data that allow the direct identification of the end user be processed, nor will the CUSTOMER's customer database be accessed.

    1. Duration of assignment

      The assignment shall have the same duration as the main contract (Special Conditions). At the end of the contractual relationship, the MANUFACTURER shall delete all personal data processed on behalf of the CUSTOMER, unless legally required to retain them.

    1. Type of data processed
      • Push notification token.
      • UUID of the device.
      • Geolocation data (with the user's consent).
      • IP address (only in administration panel access logs and not for end users).
      • Language, country, dates of access to the application.
      • Functional information about abandoned carts (number of items and last interaction), without cart content or user identification data.
    1. Stakeholder categories

      Users who download and use the CLIENT's application.

    1. Obligations of the MANUFACTURER as data processor

      The MANUFACTURER undertakes to:

      • Process the data only according to the documented instructions of the CLIENT.
      • Ensure that persons authorized to process personal data have undertaken to respect confidentiality.
      • Adopt appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including data protection measures by design and by default (art. 25 of the GDPR). 
      • Outsourcing: The CUSTOMER expressly authorizes the MANUFACTURER to use Amazon Web Services, Inc (AWS) as a subcontractor for processing, exclusively for the hosting and processing of personal data on the cloud services used by the Reskyt platform. AWS provides its services from data centers located in the European Union (Ireland), and complies with the provisions of the GDPR on data security and data protection. The TREATMENT PROCESSOR shall ensure that AWS assumes the same obligations as set out in this agreement. Any subsequent changes or addition of new sub-processors shall require the prior specific or general authorization of the CUSTOMER.
      • The CONTROLLER has to create, whenever possible and taking into account the nature of the processing, the technical and organizational conditions necessary to help the RESPONSIBLE to comply with the obligation to respond to requests for the data subject's rights. In case the CARRIER receives a request to exercise these rights, it has to communicate it to the RESPONSIBLE immediately and in no case later than the next working day following the day of receipt of the request, together with other information that may be relevant to resolve it. 
      • To notify without undue delay any breach of security of personal data for its knowledge and implementation of measures to remedy and mitigate the effects caused.
      • Collaborate with the CLIENT in carrying out impact assessments and prior consultations with the control authority when necessary.
      • Make available to the CUSTOMER the necessary information to demonstrate compliance with its obligations, as well as allow and contribute to the performance of audits or inspections by the CUSTOMER or an authorized auditor.
      • The RESPONSIBLE PARTY authorizes the PRINCIPAL to carry out international data transfers provided that he/she can prove that the data transfer is based on adequacy decisions taken by the EU Commission (Article 45 of the GDPR), on adequate data protection safeguards (Article 46 of the GDPR) or on one of the exceptions for specific situations (Article 49 of the GDPR). The CARRIER shall be solely responsible for proving that the transmission of data provides adequate or appropriate safeguards as permitted by the GDPR and shall provide the RESPONDENT with sufficient information to demonstrate that such safeguards are in place or the means to obtain a copy of such safeguards or the fact that they have been provided.
    1. RESPONSIBLE's obligations and rights
      • The CONTROLLER guarantees that the data provided to the PROCESSOR have been lawfully obtained and that they are adequate, relevant and limited to the purposes of the processing.
      • The RESPONSIBLE PARTY shall make available to the PRINCIPAL all the information necessary for the execution of the services under the assignment.
      • The CONTROLLER warns the PROCESSOR that, if it determines on its own the purposes and means of the processing, it will be considered the data controller and will be subject to comply with the provisions of the applicable regulations in force as such.
    1. Safety measures

      The TREATMENT CONTROLLER undertakes to implement, at all stages of the development, deployment and maintenance of the App, appropriate technical and organizational measures to ensure that the processing of personal data is carried out in accordance with the principles of the GDPR, in particular those of minimization, purpose limitation, confidentiality, integrity and security. These measures shall take into account the state of the art, the costs of implementation, the nature of the data, the context and purposes of the processing, as well as the risks to the rights and freedoms of individuals.

      Among others, the following concrete measures will be implemented:

      1. Minimization and pseudonymization of data

      • Collection limited to the data strictly necessary for each functionality of the App.
      • Use of pseudonymization techniques or substitution of personal identifiers when it is not essential to preserve the direct identity.
      • Avoidance of unnecessary information collection through closed forms, avoiding open fields whenever possible.

      Logical separation of environments and data

      • Isolation between development, test and production environments, with no use of real data in test environments except anonymization.
      • Segregated and restricted-access storage of records containing personal identifiers.
      • Differentiated data management by functionality or project.

      3. Restricted and controlled access

      • Role-based access control model (RBAC), under the principle of least privilege.
      • Access traceability through registration and periodic auditing.
      • Record kept for at least two years for access to special category data.

      4. Privacy-oriented default settings

      • Any functionality that involves processing of non-essential data (e.g. geolocation) will be disabled by default, requiring explicit activation by the user or the RESPONSIBLE.
      • Application of the "privacy by default" principle, configuring the system to provide the highest possible level of privacy from the first installation.

      5. Additional security measures

      • Access control through strong authentication.
      • Encryption of communications and, where applicable, data at rest.
      • Activity monitoring and incident alerts.
      • Regular software updates and security patches.
      • Periodic technical tests to verify vulnerabilities.

      6. Resilience, continuity and verification

      • Mechanisms to restore data availability and access in case of physical or technical incidents.
      • Automatic backups and recovery policies.

      7. Continuous evaluation and cooperation

      • Collaboration with the RESPONSIBLE for conducting impact assessments (DPIA), where appropriate.
      • Analysis and communication to the CONTROLLER of emerging risks that may affect data security.
    2. Destination of the data at the end of the contract

      Upon termination of this contract, the MANUFACTURER shall delete all personal data to which it has had access, together with any copies thereof, unless retention is required by a legal obligation.

  1. CONFIDENTIALITY

    The parties undertake to maintain the strictest confidentiality with respect to all information exchanged of this nature. This obligation shall survive the termination of the contract. Disclosure to third parties shall require the prior written consent of the party concerned.

  1. LIMITATION OF LIABILITY

    The MANUFACTURER shall not be liable for:

    1. Failures derived from third-party services (Google Play, App Store, AWS, etc.).
    2. Content provided by the CLIENT.
    3. Loss of profit or indirect interruptions.

    In any case, the maximum liability of the MANUFACTURER shall be limited to the annual amount paid by the CUSTOMER.

  1. INTELLECTUAL PROPERTY

    All rights to the source code, designs, tools and developments of the Reskyt platform belong exclusively to the MANUFACTURER. The CUSTOMER only acquires a limited and non-exclusive right of use, under the terms defined in the particular conditions.

  1. MODIFICATIONS

    Any modification of these General Conditions shall be made in writing and shall be notified to the CUSTOMER with reasonable notice. The particular conditions subscribed shall prevail over the provisions herein, in case of discrepancy.

  1. APPLICABLE JURISDICTION

    This agreement shall be governed by Spanish law. The parties expressly submit to the jurisdiction of the Courts and Tribunals of Barcelona, waiving any other jurisdiction that may correspond to them.

Platform
Features
Price
ROI Calculator
Login
Company
About us
Success stories
Help
Contact
Terms of Use
Cookies Policy
Privacy Policy
Legal Notice
General Terms and Conditions
©2025 Reskyt Online SL - All Rights Reserved.