EFFECTIVE DATE: 11/26/2025

​

1. INTRODUCTION

At Valhalla Partners S.L. (“we,” “us,” or “our”), we are committed to protecting the privacy and confidentiality of the information we collect from our business clients (“you,” “your”). This Privacy Policy describes how we collect, use, disclose, and safeguard personal and professional data related to business activities in the context of providing technology consulting services within the European Union.

​

2. SCOPE OF APPLICATION

This policy applies exclusively to information collected from business clients located anywhere in the world, strictly within a B2B (business-to-business) context. Our services are not intended for individuals acting in a personal capacity or as consumers.

​

3. INFORMATION WE COLLECT

We may collect the following types of information during the course of our business relationship:

• Professional contact information: full name, corporate email address, phone number, job title, and company name.

• Account and billing information: billing address, tax identification number, and banking or payment details necessary to process transactions.

• Communication data: emails, meeting notes, contracts, and other related correspondence.

• Technical data: IP addresses, usage logs, access credentials, system configurations, and integration data required to deliver our services.

We do not knowingly collect or process sensitive personal information (e.g., Social Security numbers, health data) or information from individuals under the age of 18.

​

4. HOW WE USE THE INFORMATION

We use the collected information strictly for business purposes, including:

• Delivering the requested consulting services.

• Communicating with your team regarding service delivery, updates, and support.

• Managing accounts, billing, and payments.

• Ensuring system security and performance.

• Complying with legal or contractual obligations.

• Sending relevant business communications (e.g., product updates, whitepapers, or webinar invitations), where permitted.

​

5. LEGAL BASIS

As a company based in Spain, we rely on the following legal grounds:

• Performance of a contract.

• Our legitimate business interests.

• Compliance with legal obligations.

• Your consent (where required, such as for marketing communications).

​

6. DISCLOSURE OF INFORMATION

We do not sell or rent your data to third parties.

We may share your information only in the following limited circumstances:

• With service providers or contractors acting on our behalf, subject to confidentiality agreements (e.g., cloud hosting providers or payment processors).

• When required by law, regulation, or legal process (e.g., court order or subpoena).

• As part of a corporate transaction (e.g., merger, acquisition, or asset sale), with prior notice to affected clients.

All third parties are required to implement appropriate safeguards to protect the information they access.

​

7. DATA RETENTION

We retain business-related information only for as long as necessary to:

• Fulfill our contractual and legal obligations.

• Maintain accurate financial and service delivery records.

• Support ongoing client relationships.

Once these purposes have been fulfilled, the data is securely deleted or anonymized.

​

8. DATA SECURITY

We implement reasonable administrative, technical, and physical security measures to protect your information, including:

• Encryption of sensitive data.

• Secure access controls and authentication mechanisms.

• Network monitoring and logging.

• Staff training on confidentiality and cybersecurity best practices.

While no system is completely secure, we continuously assess risks and take proactive measures to prevent unauthorized access or disclosure.

​

9. YOUR RIGHTS

Depending on your place of residence, you may have certain rights under European Union data protection laws, such as the General Data Protection Regulation (GDPR). These may include:

• The right to know what information we collect and how it is used.

• The right to access or rectify your data.

• The right to request the deletion of certain information.

• The right to object to certain data uses (e.g., marketing communications).

To exercise your rights or contact our privacy team, you may write to team @ onewai.tech.

​

10. UPDATES TO THIS POLICY

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. In the event of material changes, we will notify you through appropriate channels, such as email or notices on our website.

​

11. CONFIDENTIALITY AND DATA PROCESSING AGREEMENTS

​

11.1 Confidentiality and Non-Disclosure

During the course of our relationship with clients, both parties may exchange confidential business information, including but not limited to technical documentation, strategies, proprietary data, client lists, and internal communications (“Confidential Information”).

We fully commit to maintaining the confidentiality of such information and to:

• Not disclose Confidential Information to third parties without prior written consent, unless required by law.

• Use Confidential Information solely to fulfill our contractual obligations.

• Ensure that all employees, contractors, and partners with access to such information are bound by equivalent confidentiality obligations.

We are open to executing Non-Disclosure Agreements (NDAs), whether unilateral or mutual, and we recommend formalizing them before exchanging sensitive information.

​

11.2 Data Processing Agreements (DPAs)

If, in the course of providing our services, we process personal data on behalf of a client (e.g., during cloud migrations, platform administration, or analytics integrations), we are prepared to enter into a Data Processing Agreement (DPA) in accordance with applicable European Union legislation and required contractual standards.

Our standard DPA includes provisions regarding:

• Scope and duration of data processing.

• Categories of data and purposes of processing.

• Security measures and audit rights.

• Transparency and sub-processor obligations.

• Data breach notification procedures.

• Return or deletion of data upon service completion.

Clients requiring a customized DPA may contact our legal team at team@onewai.tech prior to the commencement of services.

​

12. CONTACT

If you have any questions regarding this Privacy Policy or our data processing practices, you may contact us at:

​

OnewAI

Valhalla Partners S.L.

C/ Los Gamos 3, Galapagar

28260 Madrid - España

​

Email: team @ onewai.tech