Legal

Privacy Policy

Information about the processing of your personal data under the GDPR.

Last updated: March 26, 2026 · Version 1.0 · Legal basis: GDPR (EU) 2016/679

1. Data controller

Controller: FutureBNPL SL
Address: Madrid, Spain
Privacy email: info@futurebnpl.com
General email: info@futurebnpl.com

2. Data we collect

2.1 Data provided by the user

When using our contact forms, demo requests or registration, we may collect: full name, corporate email, phone number (optional), company name and VAT number, country, professional profile and reason for contact.

2.2 Automatically collected data

During browsing, we may automatically collect technical data such as IP address, browser type, operating system, pages visited and session duration, as set out in our Cookie Policy.

3. Purposes and legal basis

Managing enquiries and demos — pre-contractual measures (Art. 6.1.b GDPR).
Commercial communications — user's prior consent (Art. 6.1.a GDPR), revocable at any time.
Service improvement — legitimate interest (Art. 6.1.f GDPR).
Legal compliance — legal obligations (Art. 6.1.c GDPR).

4. Data retention

Contact data: up to 3 years from last contact, unless deletion is requested earlier.
Contractual data: during the contractual relationship and applicable statutory limitation periods (generally 5 years).

5. Recipients and international transfers

FutureBNPL does not sell personal data to third parties for commercial purposes. Data may be accessed by data processors (hosting, CRM, email marketing) under Art. 28 GDPR contracts, and by competent authorities when required by law. Transfers outside the EEA are covered by appropriate GDPR safeguards (adequacy decisions, standard contractual clauses).

6. Your rights

Under the GDPR you have the right to access, rectify, erase, restrict, port, object to and withdraw consent for your personal data. To exercise these rights, contact info@futurebnpl.com with a copy of your ID. We will respond within 30 days.

If you believe processing violates the GDPR, you have the right to lodge a complaint with the competent supervisory authority in your country of residence.

7. Security

We apply appropriate technical and organisational measures under Art. 32 GDPR, including TLS/SSL encryption, access controls, regular audits and incident management procedures.

8. Children

The website is not directed at children under 14. If you become aware that a minor has provided data without parental consent, please contact us for immediate erasure.

9. Changes to this policy

We may update this policy to reflect legal or business changes. The date of the last update always appears at the top of this page.

B2B trade credit · Digital deferred paymentOffer 30-60-90 day terms. Your client pays later, you collect in 24h. No banks, no risk.

The full B2B commercial cycleVerification + Credit + Payments + Defaults

Solutions by sectorEach industry has its own dynamics

Integrate and learnAPIs, docs & resources

Technology with purposeReal commitment to businesses