Poriyo.com

Privacy Policy

Last updated: May 2026

Data Controller

RAM ROM GAMES, S.L., located at Avenida de la Industria 8, 28760, Tres Cantos (Madrid), Spain, is the data controller responsible for processing your personal data.

Privacy Principles

We are committed to continuously working to protect your privacy and the processing of your personal data. Our key principles include:

  • We will never request information that is not truly necessary for the services you have requested.
  • We will never share your personal data with third parties, except where required by law or with your explicit consent.
  • We will never use your data beyond the purposes stated in this policy.
  • We process your data with an appropriate level of protection in compliance with data privacy regulations.
  • No automated decisions will be made without your express consent.

This policy complies with Regulation (EU) 2016/679 (GDPR), Ley Orgánica 3/2018 (LOPD), and Real Decreto 1720/2007 (RLOPD).

Processing Activities

Contacts

Legal Basis: Explicit consent of the data subject.

Purposes: Request management, information provision, and follow-up.

Data Categories: Name, phone number, email address.

Recipients: No third-party disclosure without consent.

Retention: Duration necessary for purpose fulfillment or until consent is withdrawn.

International Transfer: None planned.

Data Subject Rights Requests

Legal Basis: Legal compliance obligation (GDPR).

Purposes: Facilitate exercise of GDPR rights (access, rectification, erasure, restriction, portability, objection to automated decisions).

Data Categories: Full name, address, signature, phone.

Recipients: Supervisory Authority if a complaint is lodged.

Retention: Five years.

International Transfer: None planned.

Customers

Legal Basis: Consent, contract performance, legal compliance, and legitimate interests.

Purposes: Product and service supply.

Data Categories: Name, identification, address, bank details.

Recipients: Financial entities, tax administration agencies.

Retention: Duration necessary for purpose fulfillment.

International Transfer: None planned.

Suppliers

Legal Basis: Contract performance and legal compliance.

Purposes: Product/service acquisition and subcontractor control.

Data Categories: Name, identity proof, address, employee job positions, hazard prevention training.

Recipients: Financial entities, tax administration agencies.

Retention: Per Spanish tax law (Ley 58/2003).

International Transfer: None planned.

Personal Data Breach Management

Legal Basis: Legal compliance (GDPR articles 33-34).

Purposes: Breach management within the organization.

Data Categories: Variable by breach type.

Recipients: Spanish Data Protection Agency (AEPD), police authorities.

Retention: Duration necessary for purpose fulfillment.

International Transfer: None planned.

Your Rights

As a data subject, you have the right to:

  • Access: Request copies of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion when your data is no longer necessary for its original purpose.
  • Restriction: Restrict processing under certain circumstances.
  • Portability: Obtain your data in a structured, commonly used, and machine-readable format.
  • Objection: Object to processing under certain circumstances.
  • Withdraw consent: Withdraw your consent at any time without affecting the lawfulness of prior processing.
  • Automated decisions: Not be subject to solely automated decision-making with legal effects without your express consent.

These rights may be limited when disclosure would affect the rights and freedoms of others, when legal obligations require data retention, or when freedom of expression prevails.

To exercise your rights, contact us at poriyo@poriyo.com with appropriate identity verification.

You also have the right to file a complaint with the Agencia Española de Protección de Datos (AEPD) or your national supervisory authority.

Third-Party Links

Our website may contain links to third-party websites. Users are responsible for reviewing the privacy policies of those websites. RAM ROM GAMES, S.L. is not responsible for the privacy practices of external sites.

Third-Party Data

If you provide personal data of other individuals to us, you assume responsibility for ensuring that those individuals have been adequately informed in accordance with Article 14 of the GDPR.