Privacy policy - Demium

In compliance with the provisions of the Organic Law 3/2018, of December 5, Protection of Personal Data and Guarantee of Digital Rights, Demium Startups S.L. (hereinafter, “DEMIUM”), with address at Calle Ribera, 1 Entlo. 1 y 2, 46002, Valencia, as party responsible for data processing, informs you that the personal data that may be required as a result of the subscription or registration in some of the services offered by our website, will be subject to automated processing and incorporated into the corresponding files owned by DEMIUM, with the required levels of security.

DEMIUM respects and takes care of your personal data, guaranteeing your rights. ( Personal data, understood as any information relating to natural or legal person alive, identified or identifiable, which could be: your phone number, email, CV, ID number, passport, images, LinkedIn profile,etc.)

This Policy applies to your personal data processing within the framework of various services, tools, applications, websites, web portals, promotions, marketing actions, sponsored social media platforms, etc, in the context of our activity consisting in the advice, management, promotion, investment and feasibility studies for the company start-ups that will operate on the Internet, both newly created and already established, and this through the appropriate professionals, from now on “the Activity”.

Whenever your personal data are needed and collected for the exercise of the activity in accordance with the above, will be communicated through the privacy notices.

This Policy applies to all your personal data collected by DEMIUM and those this Policy refers to, in such a way that, if you accept it, you will accept that we process your data in the manner and conditions set forth below.



DEMIUM has a data protection contact so that you can access it and direct questions or requests related to our company policy, privacy notices and the processing of your personal data.

For any question, request or complaint related to the application of this Policy or to the exercise of your rights, as described in this Policy, you may contact us at the Data Protection Contact Point:


We value the personal data you have entrusted to us and we are committed to treating them according to the following principles that DEMIUM applies:

  1. Legality: we will only collect your personal data for specific, explicit and legitimate purposes, and we will not process your personal data in a manner incompatible with the aforementioned purposes.
  2. Lawfulness: your personal data will be managed provided that you express your consent to the processing of such data as a way to state your will and free and informed consent. Your personal data may be necessary to formalize a contract, agreement or service, in which you may be an interested party, to comply with legal obligations, to protect your interests and another individual ́s interests, to fulfill a public interest mission or in the exercise of public powers conferred on the data controller or that serves the legitimate interests pursued by the data controller when they do not violate the rights and fundamental freedoms of the data subject and the personal data protection of the data subject.
  3. Loyalty and transparency: in accordance with article 11 of Organic Law 3/2018, of December 5, as a manifestation of transparency and proof of it, the interested party is informed of the existence of the treatment operation and its purposes.
  4. Data minimization: we limit the collection of personal data to what is strictly relevant and necessary for the purposes for which it was collected.
  5. Purpose Limitation: we will only collect your personal data for specific, explicit and legitimate purposes that we keep in the form of processing them.
  6. Accuracy: we will keep your personal data accurate and up-to-date.
  7. Data Security: we apply the appropriate technical and organizational measures to guarantee the appropriate level of security, taking into account the risks and nature of the data in order to prevent them from being disclosed, from unauthorized personnel accessing them, or from any loss or alteration. In short, we prevent any form of illicit treatment.
  8. Access and Rectification: the client, consumer or any person who, having given their consent for data collection, wishes to request any treatment management, is recognized and may exercise: the right of access, rectification, opposition, deletion, limitation of the treatment, portability and right of not being object of individualized decisions. Its exercise will be free and this request will be corrected within a month that may be extended for another two months under exceptional circumstances such as: number of applications, complexity, or others of a similar nature. Point 14 of this document provides information on how to exercise these rights and the means and channels through which we will make your request effective.
  9. Principle of limitation of the term of conservation: the data will be maintained during the necessary time and for the purposes of the treatment without undue delay, and during which, the users’ own data and clients’ data will be available to them when they request it.
  10. International transfers: We do not carry out any international data transfers, but if they are made, we will guarantee that all personal data transferred outside the European Union are adequately protected in accordance with the legislation of the country and the European Union.
  11. Third parties: we will guarantee that the access and transfer of personal data to third parties will be done according to the applicable laws and regulations and with the appropriate contractual guarantees.
  12. Direct Marketing and cookies: we will ensure compliance with the legislation applicable in respect to advertising and cookies. You can access the cookie policy in the link called “Legal Notice” that is available on the website.


Whenever we request your personal data you will be specifically informed of those we collect through a privacy notice generated for you to grant us express consent to such collection and treatment.


We only treat your personal data for specific, explicit and legitimate purposes, and we will not process your personal data in a manner incompatible with such purposes.

Such purposes may be your registration in the AllStartup event, the management of vacancies and positions to which you can apply, your interest in our portfolio or investment opportunities, the improvement of your visit to our websites, the improvement of our products and services in general, the evaluation of our incubation program, the offer of our services or applications, communications, newsletters and marketing actions, etc.

We will never store your data without permission for more than 6 years.


It is important for us to keep the record of your personal information updated. It could be compulsory, under your responsibility, to inform us of any changes or errors in your personal data as soon as possible by contacting us at the Data Protection Contact Point:

We will take the necessary steps to ensure that any incorrect information about your data is removed or modified.


In accordance with the legislation on data protection, your data will be kept for as long as necessary to comply with the provisions of the applicable legislation or for the purposes for which they are processed, as explained throughout this Policy. 

To obtain information on the length of storage of your personal data before deleting it from our systems and databases, contact us at the Data Protection Contact Point:


DEMIUM has a set of technical and organizational security measures to protect your personal data against illegal or unauthorized access or use, as well as against the accidental loss or damage of your integrity.

These measures have been designed according to the infrastructure of DEMIUM and the programs and processes DEMIUM uses, the possible impact on your privacy and the possible consequences of a failure in the security systems according to the current industry standards and practices.

Your personal data can only be processed by a third party if the treatment manager is committed to adopt the technical and organizational measures that are needed to comply with the commitment to security in the treatment of data, protecting its confidentiality, integrity and availability.


This Policy will not apply to third-party websites, including those ones this website gives access to.

Our website uses technology of cookies to know the use of the website, facilitating the navigation through the web, to recognize you from other users, identify problems of its usage and, ultimately, provide the most satisfactory user experience possible.

The consent to the use of cookies will allow us to customize your experience to better match your interests and preferences.

Here you have the link to access to our Cookies Policy.


This website does not transfer the data to third parties except:

  • As required by law or as legally necessary to protect DEMIUM.
  • To comply with the law, requests from authorities, court orders, legal procedures, obligations related to the presentation of reports and presentation of information to authorities, etc.
  • To verify or enforce the policies and agreements of DEMIUM.
  • To protect the rights, property or safety of DEMIUM and its customers.


Your personal data will not be transferred to recipients outside the European Union and, if this is done and those countries do not count with the security measures and guarantees of our legislation, DEMIUM is committed to implementing the appropriate security measures and controls to adapt the level of security to which we offer.

In addition, if this is the case, the user will be notified with a privacy notice to grant us express consent to such collection and treatment.


The requirements of this Policy supplement, and do not replace, any other requirements under the applicable data protection legislation. In case of contradiction between what is written in this Policy and the requirements in the applicable data protection law, the applicable data protection regulations shall have priority.

DEMIUM can modify this Policy at any time. When this occurs, we will notify you of any changes and ask you to re-read the most recent version of this Policy and confirm your acceptance. You can also check this Policy periodically on our website, where it will be visible.



Article 13 of the Organic Law 3/2018, of December 5, recognizes the right of the interested party to know if their personal data are being treated or not and the purposes of the treatment, the categories of data, the recipients, the origin of the data, the duration of conservation and the criteria to determine it. Therefore, the data controller will provide a copy of the personal data processed by electronic format upon presentation of the request.

They may also request to the responsible party the rectification, deletion or limitation of data and treatment.

In order to facilitate the user the exercise of these rights we provide you in the following link the form that must be completed for your request:


Article 14 and 15 of the Organic Law 3/2018, of December 5, establishes, respect to the rectification and deletion of personal data, that the client or user may request the correction of their personal data to consider these inaccurate or their completion or deletion for not being necessary for the purposes that were collected and treated.

In order to facilitate the user the exercise of this right we provide in the following link the form that must be completed for your request:


In accordance with Article 18 of EU Regulation 2016/679, the interested party will have the right to obtain the limitation of the processing of their data from the data controller in the cases provided for in said provision.

That is, the data may only be subject to treatment, with the exception of its conservation, with the consent of the interested party, for the exercise or defense of claims, protect the rights of another natural or legal person or for reasons of public interest of the European Union or of a specific Member State. In addition, this will be informed by the person responsible before the lifting of said limitation.

In order to facilitate the user the exercise of this right we provide in the following link the form that must be completed for your request:


The collected data will be stored in different files in order to organize them and deal with them efficiently while maintaining security levels according to their sensitivity.

The collected data will be stored in:

  1. Non-automated files: will collect data sets in a non-automatic way on physical media.
  2. Automated files: they cover data automatically and in this way they are managed through programs, computer equipment and others of a similarnature.

These, in turn, must be protected according to their relevance by different levels of security as described in the Privacy Policy and which can be accessed through our website.