Privacy Policy

This is a courtesy translation. The legally binding version is the Spanish one.

Last updated: 31 May 2026

1. Data controller

VigilaClick is a personal, non-commercial project. The data controller is the owner of the domain vigilaclick.com.

Contact: [email protected]

2. Data we collect

• Registration: Email address and password (stored encrypted with bcrypt).
• Use of the service: Monitored product links, configured alerts, notification preferences.
• Telegram linking: Telegram user and chat ID (only if the user voluntarily links their account).
• Technical data: IP address (for rate limiting and security), User-Agent (for click tracking on short links).

3. Purpose of processing

• Providing the price-tracking service and sending alerts.
• Sending notifications by email and/or Telegram according to the user's preferences.
• Improving the service through anonymous usage analytics.
• Preventing abuse and ensuring the security of the platform.

4. Legal basis

• Consent (art. 6.1.a GDPR): By registering, the user accepts the processing of their data for the operation of the service.
• Legitimate interests (art. 6.1.f GDPR): Platform security and fraud prevention.

5. Sub-processors

VigilaClick uses the following third-party services that may have access to personal data:

• OVH SAS / OVHcloud (France) — Server hosting (VPS). Privacy policy
• Hostinger (Lithuania) — Transactional email delivery (SMTP). Privacy policy
• Mailchimp (Intuit) (USA) — Subscriber list for communications. Privacy policy
• Google Tag Manager / Google Analytics (USA) — Site usage analytics (only if the user accepts analytics cookies). Privacy policy

6. International transfers

Some sub-processors (Mailchimp, Google) are located in the USA. These transfers are carried out under the standard contractual clauses approved by the European Commission (art. 46.2.c GDPR).

7. Data retention

• Account data is retained for as long as the account remains active.
• Users may request deletion of their account and all associated data at any time.
• Security logs (IP addresses) are retained for a maximum of 90 days.

8. User rights (GDPR)

You may exercise the following rights by writing to [email protected]:

• Access: Know what data we hold about you.
• Rectification: Correct inaccurate data.
• Erasure: Request deletion of your account and data.
• Portability: Receive your data in a structured format.
• Objection: Object to the processing of your data.
• Restriction: Request restriction of processing.

You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD).

9. Cookies

VigilaClick uses the following cookies:

• session_monitor (necessary): Session cookie to maintain authentication. Expires in 7 days. Does not require consent.
• Google Tag Manager (analytics): Only loaded if the user accepts analytics cookies. Enables anonymous analysis of site usage.

You can manage your cookie preferences at any time via the "Cookies" link in the footer.

10. Security

We apply technical and organisational measures to protect your data: password encryption (bcrypt), HTTPS connections, security headers (CSP, HSTS), IP-based rate limiting and restricted database access.

11. Changes to this policy

We reserve the right to update this privacy policy. Any changes will be published on this page with the updated date.