Privacy Policy

The data controller for your personal data is Weexel (hereinafter, "the Platform" or "we"). You can contact us for any data protection matter on the contact page.

We collect the following personal data depending on your interaction with the Platform:

We use your data for the following purposes:

• Service provision: create and manage your account, allow you to connect with other users and use all Platform features.
• Age verification: ensure all users are over 18 years old.
• Personalization: show relevant profiles and suggestions based on your preferences.
• Security: detect and prevent fraud, abuse, spam and unauthorized access.
• Support: handle your queries and manage incidents.
• Communications: send you service notifications, policy changes and, with your consent, commercial communications.
• Billing: manage payments for Premium subscriptions and Zex purchases.
• Legal compliance: comply with applicable legal obligations.

Some data we collect may be considered special categories of data under the GDPR, such as sexual orientation or intimate preferences. This data is only processed with your explicit consent, which you grant by voluntarily filling in those fields in your profile.

You can delete this data at any time from your profile settings.

We do not sell or rent your personal data to third parties. However, we may share it with:

• Technology service providers (such as Supabase for database and authentication) under confidentiality agreements and DPAs.
• Payment processors to handle transactions securely. We do not store credit card data.
• Competent authorities when legally required or to protect legitimate rights and interests.
• Other users only the data you have chosen to make public in your profile.

Some of our providers may be located outside the European Economic Area (EEA). In such cases, we ensure that transfers are made with appropriate safeguards: standard contractual clauses approved by the European Commission, adequacy decisions or other GDPR-recognized safeguards.

We retain your data for as long as necessary for the purposes for which it was collected:

• Active account: throughout the lifetime of the account.
• After account deletion: up to 30 days to allow reactivation, then permanent deletion of identifiable personal data.
• Billing data: 5 years according to tax obligations.
• Security logs: maximum 12 months.

As a user residing in the EU, you have the following rights over your personal data:

To exercise any of these rights, contact us on the contact page. You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

We apply appropriate technical and organizational measures to protect your data against unauthorized access, loss, alteration or disclosure:

• Encryption in transit (TLS/HTTPS) and at rest.
• Passwords stored with secure hashing (bcrypt).
• Data access restricted by roles and row-level security (RLS) policies.
• CAPTCHA verification at registration to prevent automated accounts.
• Regular security audits.

In the event of a security breach that may affect your data, we will notify you within a maximum of 72 hours of becoming aware, in accordance with the GDPR.

We use cookies and similar technologies (localStorage, sessionStorage) for the operation of the Platform:

• Essential cookies: necessary for authentication and basic operation. They cannot be disabled.
• Preference cookies: remember your language settings and interface preferences.
• Analytics cookies: with your consent, help us understand how the Platform is used to improve it.

You can manage and delete cookies from your browser settings. Disabling essential cookies may prevent the Platform from functioning correctly.

The Platform is strictly prohibited for users under 18 years of age. We do not knowingly collect data from minors. If we detect that a user is a minor, we will delete their account and all their data immediately.

If you are aware that a minor has created an account, please contact us immediately on the contact page.

We may update this Privacy Policy periodically. When we do, we will revise the "last updated" date at the beginning of the document and notify you by email at least 15 days in advance before changes take effect, unless required by law with greater urgency.

If you continue to use the Platform after the changes take effect, you will be deemed to have accepted them.

For any queries related to this policy or to exercise your rights, you can contact us at:

You can also lodge a complaint with the competent supervisory authority. In Spain, the Spanish Data Protection Agency (AEPD): www.aepd.es.