Privacy Policy

This Privacy Policy explains how MaiKupo collects, uses, shares, and protects personal data when you use our website and services. We are committed to safeguarding your privacy and processing personal data in a lawful, fair, and transparent manner.

Data Controller: ARTECO CONSULTING, S.L. ("Arteco"), acting under the MaiKupo brand.

NIF (Tax ID): B57734600

Registered address: C/Gremi Fusters 33, Local 102, 07009 Palma (Illes Balears), Spain

Contact email: info@arteco-consulting.com

This Policy applies to personal data processed through www.maikupo.com and related services. Where our Services link to third-party services (for example, payment processors or external websites), those third parties' privacy practices apply to their processing.

We may collect and process the following categories of personal data:

• Account and identity data: name, email address, password, profile information.
• Booking and usage data: sessions booked, dates and times, capacity status, attendance/no‑show, cancellation details, communications with Providers or with us, device and log data generated by your use of the Website.
• Provider data: business name, contact details, billing and payout identifiers, configuration of fees and cancellation policies.
• Payment information: limited payment identifiers and tokens processed by Stripe (for example, transaction IDs). MaiKupo does not store full card numbers on its servers; card data is handled by Stripe.
• Cookies and similar technologies: as described in the Cookies section.

We use personal data for the following purposes and on the following legal bases:

• Provide and operate the platform (manage accounts, enable session discovery and booking, capacity management, communications) — necessary for the performance of a contract with you or to take steps at your request.
• Process payments and settlements via Stripe — necessary for contract performance and our legitimate interests in operating a secure payment flow.
• Customer support and Provider support — necessary for contract performance and our legitimate interests in assisting Users.
• Fraud prevention, security, and abuse detection — our legitimate interests in protecting the Service and Users.
• Service improvement and analytics — our legitimate interests in improving the Website and Services. Where required, we will obtain your consent.
• Marketing communications — where permitted by law, based on our legitimate interests; otherwise, based on your consent. You can withdraw consent at any time.
• Legal obligations — to comply with accounting, tax, and other legal requirements.

Cancellation policies are set by each Provider in the platform, typically based on the number of hours of advance notice and a penalty scheme. These policies are displayed at the time of booking and are binding on Customers who complete the booking. MaiKupo facilitates the technical enforcement of such policies; the final decision on eligibility and amounts is the responsibility of the Provider, without prejudice to applicable consumer law.

We may share personal data with:

• Providers so they can manage the sessions you book and comply with their obligations.
• Payment service providers, specifically Stripe, to process payments and prevent fraud. See Stripe Privacy Policy.
• Service providers who assist us with hosting, analytics, communications, customer support, and other operations, under data processing agreements.
• Authorities where required to comply with law or to protect rights and safety.
• Corporate transactions in case of merger, acquisition, or asset transfer, subject to appropriate safeguards.

If personal data is transferred outside the European Economic Area, including by processors such as Stripe, we will ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other lawful mechanisms.

We retain personal data for as long as necessary to fulfill the purposes described above, including to comply with legal, accounting, or reporting requirements. Retention periods may vary depending on the category of data and the context of processing.

Subject to conditions and exceptions under applicable law, you have the right to request access, rectification, erasure, restriction of processing, data portability, and to object to processing. You also have the right to withdraw consent at any time where processing is based on consent.

You may exercise your rights by contacting us at info@arteco-consulting.com. You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

We use cookies and similar technologies to operate the Website, measure performance, and, where permitted, for personalization and marketing. You can manage cookies through your browser settings and, where provided, through our consent tools. Disabling cookies may affect certain features of the Website.

We implement technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. However, no internet transmission is entirely secure and we cannot guarantee absolute security.

Our Services are not directed to minors under 14 years of age. If we become aware that we have collected personal data from a minor under 14 without appropriate consent, we will take steps to delete such information.

We may update this Privacy Policy from time to time. We will post the updated version with an updated "Last updated" date and take additional steps as required by law.

Last updated: 01/10/2025.

If you have questions about this Policy or how we process your data, please contact us at info@arteco-consulting.com.