Login
Hausera logo
Opportunities
Home
Private Area

PRIVACY POLICY

I. OWNERSHIP AND RESPONSIBILITY FOR PROCESSING

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter GDPR), Organic Law 3/2018 of 5 December on Personal Data Protection and guarantee of digital rights (hereinafter LOPDGDD), and other applicable data protection legislation, the User is informed that personal data provided through the HAUSERA platform (hereinafter the “Platform”), accessible at https://www.hausera.io and operated by HOLDTX SPAIN, S.L., will be processed as follows.

a) Controller in relation to the Platform:

  • HOLDTX SPAIN, S.L. (hereinafter “HOLDTX”)
    Tax ID (CIF): B67708032
    Postal address: CEEIC – European Centre for Business and Innovation, C/ Berlín, 3F, 30553, Murcia (Spain)
    Email: rgpd@hausera.io

HOLDTX acts as controller for personal data processed in connection with registration, management and maintenance of the User’s account, access to and use of the Platform, management of its technological and documentary features, and security, integrity and fraud prevention linked to its use.

Without prejudice to the foregoing, each entity’s specific status (controller or processor) will be determined according to the nature of the activity and the legal relationship in each case, and will be duly communicated to the User when applicable or in the relevant contractual documentation.

b) Hausera Group companies

The Hausera Group comprises the companies headed by HAUSERA CORP, S.L., including its subsidiaries and investee companies, among them HOLDTX SPAIN, S.L. and the special purpose vehicles (SPVs) involved in investment opportunities published on the Platform.

Companies in the Hausera Group do not generally act as joint controllers but as independent controllers or processors depending on their specific role in each processing activity.

In particular, the following entities may be involved, among others:

  • HOLDTX SPAIN, S.L
  • PROPTECH SPV SP, S.A. CIF: A21724653
  • PROPTECH SPV2 BUSINESS, S.A. CIF: A21939152
  • PROPTECH SPV TRES, S.A. CIF: A22545404

These entities will act as independent controllers within the scope of their respective legal relationships with the User, in particular in connection with formalisation, execution and management of investment opportunities.

Data sharing between such entities will only take place when necessary for performance of the contractual relationship, compliance with legal obligations or operational management of opportunities, in line with necessity, proportionality and data minimisation.

c) Issuer companies (SPVs)

The special purpose vehicles (SPVs) identified in each investment opportunity will act as independent controllers for personal data necessary to formalise, execute and manage the investment contractual relationship and to comply with applicable legal obligations.

d) Third parties involved

Third-party providers or entities may also be involved (including identity verification providers (KYC), entities responsible for registration and inscription (ERIR), market infrastructures or technology providers), who will process personal data as processors or independent controllers according to their role and applicable law.

II. CONTACT

For any matter relating to personal data processing, the User may contact HOLDTX SPAIN, S.L. through the following channels:

Through these channels, the User may make enquiries and exercise data protection rights as provided in this Privacy Policy.

III. PERSONAL DATA

HOLDTX will process the User’s personal data according to the various purposes associated with use of the Platform, as follows:

a) Contact and user support

Handling enquiries, information requests or communications made by the User through channels enabled on the Platform:

  • Data collected: name, telephone, email and content of the enquiry.
  • Purpose: to respond to information requests, resolve enquiries and manage the relationship with the User.
  • Legal basis: pre-contractual measures at the data subject’s request and, where applicable, legitimate interest in efficient management of enquiries and user support.
  • Retention: data will be kept for as long as necessary to handle the request and thereafter for any legal periods required to address potential liability.

b) Registration and account management

Data required for sign-up, authentication and use of the Platform:

  • Data collected: name, surname, email, telephone, login credentials and other data necessary for registration.
  • Purpose: to manage the User’s registration, enable access to the Platform and keep the account active.
  • Legal basis: performance of the contractual relationship or pre-contractual measures.
  • Retention: data will be kept while the User’s account remains active and thereafter for applicable statutory limitation periods.

c) Commercial communications and newsletters

Sending information, updates, notices, reminders and promotions related to HAUSERA services and activities.

  • Data collected: name, surname, email address, telephone number and, where applicable, browsing and Platform usage data (such as IP address, device or operating system).
  • Purpose: to manage commercial, informational and promotional communications and keep the User informed about services, opportunities and news related to the Platform.
  • Legal basis: the User’s consent; or, where applicable, HOLDTX’s legitimate interest where there is a prior contractual relationship and communications concern similar services, in accordance with applicable information society services legislation.
  • Retention: data will be kept until the User withdraws consent or objects to processing.
  • Right to object: the User may object at any time to commercial communications using the mechanisms provided in each communication.

d) Investment opportunities and investment management

Processing linked to the User’s participation in investment opportunities published on the Platform.

  • Data collected: identification data, economic data, transactional data, contractual documentation, proof of payment and data related to the investment.
  • Purpose: to manage participation in opportunities, formalise the investment, send contractual documentation and monitor transactions.
  • Legal basis: performance of the contractual relationship and compliance with legal obligations.
  • Retention: data will be kept for the duration of the contractual relationship and thereafter for legally required periods.

The User is informed that investment is formalised with the relevant issuer company (SPV), which will act as an independent controller within the scope of the investment contractual relationship.

e) Identity verification and regulatory compliance

Processing necessary to comply with legal obligations on anti-money laundering and counter-terrorist financing (AML/CFT).

  • Data collected: identity document, identifying personal data, information on economic activity, beneficial ownership, source of funds and, where applicable, data from identity verification processes carried out by external providers (including documentary, biometric or proof-of-life checks).
  • Purpose: to verify the User’s identity, conduct due diligence controls, prevent fraud, ensure traceability of transactions and comply with applicable AML/CFT obligations.
  • Legal basis: legal obligation (Art. 6(1)(c) GDPR) in connection with anti-money laundering rules. Where biometric data are processed, this will be done with appropriate safeguards and in accordance with Article 9 GDPR and applicable law.
  • Retention: data will be kept for the period required by AML legislation (generally ten years), without prejudice to subsequent blocking for applicable limitation periods.
  • Third parties: identity verification may be carried out through specialised providers (KYC) acting as processors under Article 28 GDPR.

Data may be disclosed to competent authorities and other obliged entities involved in the transaction (including issuers, financial institutions, ERIR or other parties) when necessary for legal compliance or proper application of due diligence measures.

f) USE OF DISTRIBUTED LEDGER TECHNOLOGY (DLT)

In the context of certain investment opportunities, financial instruments may be represented wholly or partly using distributed ledger technology (DLT).

  • Data processed: technical identifiers, digital addresses (wallets), transaction records and metadata associated with operations.
  • Purpose: to ensure correct identification, registration, traceability and technical management of financial instruments and the integrity and security of transactions.
  • Legal basis: performance of the contractual relationship and compliance with legal obligations.
  • Specific considerations: where an opportunity is structured using distributed ledger technology, the User acknowledges that records added to that infrastructure are immutable and cannot be altered or deleted once validated on the network. In any case, HOLDTX will not place plain-text personal data on the DLT infrastructure. The link between the User’s identity and technical identifiers will be managed through separate systems with pseudonymisation, access control and security measures. Where data subject rights apply, HOLDTX will implement blocking, erasure or unlinking measures that are legally and technically feasible for information under its control, without prejudice to limitations inherent in DLT immutability.
  • Retention: data will be kept for as long as necessary for the stated purpose and in accordance with applicable legal obligations.

g) Social networks

HOLDTX maintains corporate profiles on various social networks through which it interacts with users and provides information on its activities and services.

The User may join or follow HAUSERA profiles on those networks. In that case, processing of their personal data will be governed both by this Privacy Policy and by the terms of use and privacy policies of the relevant social network.

  • Data collected: data the User has made public on their social profile and data provided in interactions with HAUSERA (comments, messages, engagement with posts, etc.).
  • Purpose: to manage social media presence, interact with users, respond to enquiries and share information, content and, where applicable, promotional activities related to HAUSERA.
  • Legal basis: the User’s consent expressed through interaction on the relevant network; and HOLDTX’s legitimate interest in maintaining an active social presence and managing its community.
  • Retention: data will be processed while the User maintains their relationship with the network and does not delete interactions or request erasure.

HOLDTX does not extract personal data from social networks for incorporation into its own systems without an appropriate legal basis.

h) Event participation

If HOLDTX organises in-person or online events, personal data may be processed as follows:

  • Data collected: name, surname, email, telephone and, where applicable, images of participants.
  • Purpose: to manage registration, organisation and running of the event and, where applicable, dissemination of related activities.
  • Legal basis: performance of the relationship arising from event registration; and the data subject’s consent for capture and use of their image, where applicable.
  • Retention: data will be kept for as long as necessary to manage the event and thereafter for applicable legal periods.

Where images are captured, data subjects will be informed in advance and, where necessary, specific consent will be obtained in accordance with applicable law.

IV. PROCESSING BASED ON LEGITIMATE INTEREST

Certain processing activities carried out by HOLDTX are based on legitimate interest under Article 6(1)(f) GDPR.

In particular, HOLDTX may process personal data on the basis of legitimate interest to:

  • ensure Platform security and prevent fraud;
  • properly manage user support and the relationship with the User;
  • send commercial communications related to similar services where there is a prior contractual relationship, in accordance with applicable information society services legislation;
  • maintain and improve the services offered.

Such processing follows a balancing of HOLDTX’s interests against the User’s rights and freedoms.

The User has the right to object at any time to processing based on legitimate interest by emailing rgpd@hausera.io.

The User may also request further information on the balancing test by contacting the Data Protection Officer at dpd@hausera.io.

V. DISCLOSURES OR TRANSFERS OF DATA

The User’s personal data may be disclosed to third parties when necessary to fulfil the purposes described in this Privacy Policy, including:

  • Issuer companies (SPVs): when the User participates in an investment opportunity, data may be disclosed to the relevant issuer, which will act as an independent controller within the investment contractual relationship.
  • Hausera Group companies: data may be disclosed to other group companies involved in administrative, technical, compliance or operational support, acting as processors or, where applicable, independent controllers according to their role.
  • Service providers: HOLDTX may disclose data to providers necessary for Platform operation (e.g. technology, hosting, e-signature, identity verification (KYC), communications or technical support), who will act as processors with agreements under Article 28 GDPR.
  • Third parties in listed opportunities: where applicable, data may be disclosed to ERIR, market infrastructures or authorised third parties involved in issue, trading, settlement or custody of financial instruments, acting as independent controllers under their applicable rules.
  • Public authorities: data may be disclosed to administrative, judicial or regulatory authorities where there is a legal obligation or formal requirement.

In all cases, disclosures will follow necessity, proportionality and minimisation, with appropriate data protection safeguards.

VI. INTERNATIONAL DATA TRANSFERS

In providing Platform services, certain service providers used by HOLDTX may be located outside the European Economic Area (EEA) or, while in the EEA, may use infrastructure in third countries.

In such cases, HOLDTX will ensure that international transfers comply fully with Regulation (EU) 2016/679, using appropriate safeguards such as:

  • Adequacy decisions adopted by the European Commission;
  • Standard contractual clauses approved by the European Commission;
  • Or other appropriate safeguards under applicable law.

The User may request further information on such transfers and safeguards by contacting rgpd@hausera.io.

VII. EXERCISING RIGHTS

The User has the right to obtain confirmation as to whether HOLDTX processes personal data concerning them and, where applicable, to exercise the following rights:

  • access to their personal data;
  • rectification of inaccurate or incomplete data;
  • erasure of data when, among other grounds, they are no longer necessary for the purposes for which they were collected;
  • restriction of processing in certain circumstances;
  • objection to processing, where applicable;
  • data portability, under the terms provided by applicable law.

Where processing is based on consent, the User may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.

Rights may be exercised by request to HOLDTX SPAIN, S.L. at rgpd@hausera.io, indicating the right to be exercised.

Where necessary to verify the applicant’s identity, additional information or supporting documentation may be requested.

The User may also contact the Data Protection Officer at dpd@hausera.io.

If the User considers that their rights have not been duly addressed, they may lodge a complaint with the Spanish Data Protection Agency (www.aepd.es).

VIII. TECHNICAL AND ORGANISATIONAL SECURITY MEASURES

HOLDTX has implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including measures aimed at confidentiality, integrity, availability and resilience of processing systems and services, prevention of unauthorised access and detection of security incidents.

IX. DATA PROVIDED

Personal data requested through channels enabled on the Platform are strictly necessary to respond to the User’s request or to provide the services offered.

The User warrants that data provided are truthful, accurate and up to date. Refusal to provide mandatory data may prevent provision of the service or access to certain Platform features.

The User may voluntarily provide additional data to improve service delivery.

If the User provides third parties’ personal data, they warrant that those third parties have been informed of this Privacy Policy and, where applicable, that consent has been obtained for disclosure.

The User undertakes to notify any changes or updates to their personal data as soon as possible so that they remain current.

© 2026 HOLDTX SPAIN, S.L. (HAUSERA). Spain.
All rights reserved.

More information about the use of cookies at this link.

hausera logo

contacto@hausera.io

TelegramXInstagram
QUICK ACCESS
LEGAL
OUR NEWSLETTER

Stay updated with: launches, promotions, and much more.

©2026, Hausera.io. All rights reserved

Lugar El Buen Retiro, 25, Cartagena, 30310, Murcia