PRIVACY POLICY
PRIVACY POLICY
OPINATOR is a registered trademark of Innology Ventures, S.L. (“Innology”, “we”, “us” or “our”). This Privacy Policy applies to all products and services (“OPINATOR” or the “Services”) offered by us and any of our subsidiaries or affiliated companies and explains how we handle and protect personal data.
OPINATOR is GDPR (General Data Protection Regulation) compliant. We take the protection of personal data very seriously and we always observe the rules laid down in the applicable data protection laws.
1.1 Brief description of Our Services
OPINATOR is a powerful online software platform to create feature-rich digital forms, which can be used by any type of organization to interact with customers, members or end-users across many types of digital channels.
OPINATOR is provided under a “Software as a Service” (SaaS) model. Our customers can only access and use the software with valid accounts. Every account has a set of users, which can access and use the software self-service with a browser through the Internet.
All data processed and stored by our online software platform is hosted in best-of-class data centers operated by Amazon Web Services EMEA, SARL (“AWS”), Elastic, B.V. (“Elastic”) and Commify UK Limited (“Esendex”) and/or their respective affiliates.
1.2 Data collection through the OPINATOR software platform
As explained above, OPINATOR is self-service software. This implies that users of our customers’ accounts are solely responsible for the forms that they create with OPINATOR and for the data that they show and gather when interacting with their own customers, members, or end-users, which may include personal data.
Our customers, through the users that they assign to access and use their account, own and control how they use our software and all the information and data that they generate, distribute, report, manage, process or store in OPINATOR. Our associates, employees or collaborators do not pro-actively access our customers’ data and any exposure to customers’ data is only in connection to providing our services.
We will process data for our customers as part of our services only upon their request and following their instructions strictly, always taking care to comply with the applicable laws. Nevertheless, it’s the sole responsibility of our customers to ensure that they comply with all applicable laws when using our services themselves. This includes taking the appropriate measures when processing personal data, preventing unsolicited communications, deleting data when no longer required, and responding to any personal data right enforcement request.
We may anonymize and aggregate data and use such anonymized and aggregated data for our business purposes. However, unless required by law, we will never transfer data to a third-party without the written permission of the customer.
In summary, we basically provide software technology and it’s our customers who decide and control how they prefer to use our technology, according to their own purposes and needs, in compliance with all applicable laws and regulations.
1.3 Other forms of data collection
We only collect and process the data that we need to conduct our business in a responsible manner and as required by law. Therefore, we collect data from customers, suppliers, employees, etc. according to the usual and normal business needs, from performing the marketing and sales of our products and services, to managing our accounting and payroll according to the applicable norms. We also maintain databases of customer and user information, used for internal purposes such as technical support and marketing activities.
In our website (web.opinator.com), which we use both to inform about our products and services, as well as to provide login access to the OPINATOR online software platform, we collect and process aggregate information of visitors and users (such as the domain, accessed account, forms, and other publicly available information). We use this information to improve our products and services and to customize the content shown to each visitor or user. Cookies are used to help analyze the user experience and to provide customized content.
We collect personal data through various channels available on our website and related platforms, including but not limited to: contact forms, newsletter sign-up forms, event registrations (such as webinars), and direct email communications. The information you provide through any of these channels will be used to respond to your inquiries and for commercial purposes, such as sending you information about our products, services, newsletters, and events.
By providing your personal data through any of these channels, you expressly consent to such processing. Your information will be kept until you expressly instruct us to stop using it or to delete it.
Even after receiving a deletion request, we reserve the right to retain a copy of your personal data and the consent originally provided for the period allowed by applicable laws and regulations, for compliance purposes and for the establishment, exercise, or defense of legal claims.
1.4 Legal Basis for Processing
We process your personal data based on the following legal grounds: a) Your explicit consent when you provide your personal data through our contact channels for commercial communications; b) Our legitimate business interest in responding to your inquiries, managing customer relationships, and improving our services; c) Legal obligations that require us to retain records for compliance with applicable laws and regulations and d) The necessity to perform our contractual obligations when providing services to our customers.
1.5 Sub-Processors
As explained above, all data processed and stored by our online software platform is hosted in best-of-class data centers operated by Amazon Web Services EMEA, SARL (“AWS”), Elastic, B.V. (“Elastic”) and Commify UK Limited (“Esendex”). Accordingly, as described by the GDPR, AWS, Elastic and Esendex are to be considered as sub-processors. Other sub-processors, depending on the use that our customers make of our software platform, may include email and messaging platforms. The list of possible sub-processors is, therefore:
- AWS (aws.amazon.com), operated by Amazon Web Services EMEA, SARL, located in 38 Avenue John F Kennedy, L-1855 Luxembourg.
- Elastic (www.elastic.co), operated by Elastic B.V., located in Keizersgracht 281, Amsterdam P7 1016 ED, The Netherlands.
- Esendex (www.esendex.com), operated by Commify UK Limited (“Esendex”), located in 20 Wollaton Street, Nottingham NG1 5FW, United Kingdom.
International Data Transfers: Some of our sub-processors may process or store data in countries outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place in accordance with data protection requirements, including: a) Standard Contractual Clauses approved by the European Commission; b) Adequacy decisions recognizing equivalent levels of data protection and c) Other legally approved transfer mechanisms.
Our sub-processors comply with applicable data protection frameworks and maintain adequate security measures to protect your personal data regardless of location.
1.6 Your Data Protection Rights
Under applicable data protection laws, you have the following rights regarding your personal data: 1) Right of access: You can request information about the personal data we hold about you; 2) Right to rectification: You can request correction of inaccurate or incomplete data; 3) Right to erasure: You can request deletion of your data (subject to the limitations described in this policy); 4) Right to restriction of processing: You can request that we limit how we use your data; 5) Right to data portability: You can request a copy of your data in a structured, commonly used format; 6) Right to object: You can object to processing based on legitimate interests or for direct marketing purposes; 7) Right to withdraw consent: You can withdraw your consent at any time without affecting prior processing; 8) Right to lodge a complaint: You can file a complaint with your local data protection supervisory authority.
To exercise any of these rights, or if you have any general inquiries or questions regarding our privacy policy, you may contact us by email at legal@opinator.com. We will respond to your request in accordance with applicable data protection laws.
If you are an EU or Swiss citizen and have an inquiry or question regarding your personal data, we urge you to contact the organization responsible for interacting with you with our software. Please be aware that it’s our customers who decide and control how they use our software and they are solely responsible for the interaction forms that they create and the data that they gather and process with OPINATOR. If the organization responsible for your personal data is unresponsive to your inquiry, you may contact us by email at legal@opinator.com.
Updated January 29, 2026
Last revision January 29, 2026