Legal
Privacy Policy
Last updated: 11 May 2026
Placeholder content. The final text of this page will be provided by our legal advisor. The information shown below is a draft outline and is not legally binding.
1. Data Controller
The data controller of personal data collected through Rekovr is [Company name], with the contact details set out in our Legal Notice.
2. Data We Collect
- Account data: name, email, password (hashed).
- Lost & found items: descriptions, photos, location, and any details you choose to provide.
- Verification data: answers to ownership verification questions, optional identification documents.
- Payment data: processed by Stripe; Rekovr does not store card information.
- Technical data: IP, device, browser, usage analytics.
3. Legal Basis and Purposes
- Performance of the contract (Art. 6.1.b GDPR): to operate the service.
- Legal obligations (Art. 6.1.c GDPR): tax, accounting, anti-fraud.
- Consent (Art. 6.1.a GDPR): marketing communications, optional cookies.
- Legitimate interest (Art. 6.1.f GDPR): platform security and improvement.
4. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected, subject to applicable legal retention periods. Identification documents linked to identified-owner items are deleted after six (6) months from registration.
5. Your Rights
You may exercise your rights of access, rectification, deletion, restriction, portability, and objection by writing to privacy@rekovr.ai. You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD).
6. International Transfers
Some service providers may process data outside the European Economic Area. In such cases, Rekovr applies the appropriate safeguards (Standard Contractual Clauses).
7. Security
We implement technical and organizational measures to protect personal data, including encryption at rest for sensitive fields and HTTPS in transit.