Privacy Policy

Plan de recuperación, Transformación y Resiliencia
Responsible for the treatment Orionis Smart Water Networks, S.L.U. («Orionis»)

Camiño dos Carreiros, 23 CP36214 Vigo (PONTEVEDRA)

More information in point 9


Purposes (a) For the provision of our services and the monitoring of the functioning of the contracted features.

(b) To send alarms and alerts configured through the portal and/or promotional emails about own products and services.

More information in point 2


Legitimizing bases (a)  Legitimate interests

(b) Consent

(c) Compliance with legal obligations

More information in point 2


Personal Information (a) Identifying details: full name, DNI;

(b) Contact information: telephone number, email address, postal address or mobile telephone number;

(c) Other information: name of the company where you work and position.

More information in point 1

Recipients (a)  Service providers and software developers

More information in point 4


International transfers Your Personal Data can be transferred to, stored, and processed in a country that does not provide an adequate protection level of personal data under European Union law. We will implement adequate guarantees (such as contractual commitments) to ensure that your data is properly protected.

More information in point 7


Rights Among others, the rights of access, rectification and deletion of personal data, the right to oppose the treatment of personal data and revoke you consent. In particular, you have the right to object to the processing of your personal data, at any time, when it is based on the legitimate interest of Orionis.

You can exercise your rights at any time by contacting us through, attaching a copy of your ID or equivalent identification document.

More information in point 3

Extended information We recommend that you read carefully the information explained below.


This Privacy Policy describes how Orionis Smart Water Networks, S.L.U. (“Orionis”, “We”) collects and treats your Personal Data, as well as the way in which we use and protect such information, as well as the rights you hold in relation to it. Orionis will collect and process the personal data in its capacity as data controller. You can contact us through:


Address: Camiño dos Carreiros, 23 CP36214 Vigo (Pontevedra)


This Privacy Policy is applicable to all personal data we collect about you in relation to use of the website or app, where we configure users who receive alarms and notifications configured for each of their equipment, related to the provision of contracted service. “Personal Data” means all information about an identified or identifiable natural person (“the interested party”): any person whose identity can be determined, directly or indirectly, in particular by means of an identifier, such as a name, an identification number, location data, an online identifier or one or more elements of the identity, will be considered identifiable elements of the physical, physiological, genetic, psychic, economic, cultural or social identity of the person.


  1. What Personal Data do we collect?

We will collect your Personal Data directly from the interested party or from the manager or representative (interlocutor) who has entrusted Orionis with the configuration and parametrization of alarms and Access to each of the users; either with the interested party or with a manager, there will always be a contractual relationship (verbal or written) that allows collecting this data in order to provide the service.  Personal data is obtained by phone or email, depending on the volume of the same. Please note that we must collect certain personal data by legal imperative, or as a consequence of the contractual relationship that we have entered with you. Refusal to provide such information may prevent or delay the fulfilment of such obligations. When collecting your personal data, we will inform you about the obligation to provide such data, as well as the consequences of not doing so.

1.1 Personal Data that you provide us directly

The categories of Personal Data that we will collect directly from you include:

(a) Identifying details: full name, DNI;

(b) Contact information: email, postal address or mobile phone number;

(c) Information that we collect automatically. You can find additional information about the use of Cookies and Identification Technologies in the Cookies Policy.

1.2 Personal information that you provide about third parties

When you provide Orionis with personal data, such as contact information or any other information relating to third parties, you will be directly responsible for informing those people about your rights and for obtaining your explicit consent, when necessary, with respect to the treatment (including transfers) of your personal data, as deemed necessary and in accordance with the relevant local legislation on data protection, as established in this policy.


  1. How and with what basis do we treat your Personal Data?

We use and treat the Personal Data that we collect about you for the purposes and with the legitimizing bases indicated below:

(a) We will treat your personal data based on our contractual relationship with you for the following purposes:

  • To provide contracted tele management services;
  • To send you communications necessary to fulfil our obligations to you;

(b) We will treat your personal data based on our legitimate interest for the following purposes:

  • Customize our services;
  • To monitor the service provided (tele-assistance);
  • To administer our website;
  • To resolve your inquiries and requests;
  • To protect the security and/or integrity of our website and IT infrastructure;
  • To understand how it makes use of our services, and that therefore allows us to improve and continue to develop the functionalities, performance and support available on our website, which may involve the provision of anonymous information of a statistical nature in relation to our visitors (without this information being used to identify a specific user);
  • As mentioned in Section 4 of this Privacy Policy, among others, for communications to any of our employees, agents, collaborators, who treat Personal Data for the purposes described in this Privacy Policy;
  • In order to allow third party service providers and suppliers hired by Orionis to Access personal data in order to provide us with the purposes described in this Privacy Policy;
  • For any communication to third parties, as necessary as part of due diligence processes in the context of corporate restructuring operations of which we are a party, in line with the provisions of Section 4 (d) of this Privacy Policy;

When Orionis treats Personal Data based on your legitimate interests, it will always perform a balance test in order to ensure that your interests or your fundamental rights and freedoms do not prevail over our legitimate interests, and will implement rigorous guarantees to ensure your privacy is protected accordingly.

(c) We will treat your Personal Data for the following purposes, provided you have given your prior consent:

  • To send you electronic bulletins (newsletters) and/or promotional emails about our own products and services, unless you expressly express your wish not to receive such commercial communications, or if it is not legally permitted to send them to you;
  • For any other purpose of which you are informed at the time you provide us with your personal data, as long as you have given us your prior consent for each particular treatment. For example, we will collect your consent to treat and use certain types of Personal Data when we are bound by Law (e.g. In relation to our direct marketing actions, cookies and Identification Technologies, or when we handle sensitive data). If we request your consent to process your Personal Data, you may revoke that consent at any time by contacting us through, attaching a copy of your ID or equivalent identification document.

(d) We will treat your Personal Data, likewise, in order to guarantee an optimal level of compliance with respect to the legal obligations in force to which Orionis is subject, as well as to cooperate with the regulatory authorities and the security bodies when necessary, as provided in Section 4 of this Privacy Policy:

  • To communicate your personal data, as well as other complementary information, in response to requests issued by the authorities and/or competent entities, as provide in the applicable legislation or by the agents of the security forces in the exercise of their functions.


  1. What rights do you have about your Personal Data?

You have certain rights in relation to your Personal Data, without prejudice to the provisions of local legislation. These rights include:

  • Know how we are treating your Personal Data and Access those Personal Data that Orionis has about you, depending on the case;
  • Request the correction of inaccurate or incomplete personal data;
  • Request the deletion of your Personal Data when these are no longer necessary for the purposes for which they were collected, in accordance with the applicable legislation;
  • Limit the processing of your Personal Data, under certain circumstances (in which case we will only treat the Personal Data for the exercise and/or the defense of the rights of Orionis);
  • Oppose the processing of your Personal Data, taking into account certain circumstances and for reasons related to your particular situation (in which case we will only treat the Personal Data for legitimate imperative reasons or for the exercise and/or defense of the rights of Orionis); This includes your right to object, at any time, for reasons related to your particular situation, to the processing of your Personal Data on the basis of our legitimate interests or that of a third party, in which case we will stop processing your Personal Data unless we can based on legitimate reasons for this.
  • Exercise your right to the portability of the data, which will allow you to receive and reuse the Personal Data in an electronic format usable for your own purposes and for different services without impediment to its use, including its transmission to a third party.
  • Revoke, at any time, the consent that has been given in relation to a specific treatment. We recommend that you contact us to update or correct your personal information as it changes, or if the Personal Data we have about you is inaccurate. Orionis is committed to protecting your Personal Data as set forth in Privacy Policy and by virtue of the applicable legislation If you wish to ask any questions or want to request additional information on how to exercise your rights, do not hesitate to contact us through, attaching a copy of your ID or equivalent identification document.


  1. How do we share your personal information and with whom?

Orionis will share your Personal Data with third parties in the following circumstances:

(a) Service providers and business partners. We will allow our service providers and commercial partners, who perform, among others, maintenance of the web service and other IT services, developers, legal and auditing, to access your Personal Data. For example, we partner with other companies to fulfil and optimize our services, as well as to offer support for web hosting services.

(b) Security forces, judges and courts, regulatory entities, government authorities or other competent third parties. We may share your Personal Data with these parties when we deem it necessary to comply with legal or regulatory obligation, or to protect in any other way our own rights as well as the rights of third parties.

(c) Asset and merger buyers. We will share your Personal Data with any third party that purchases, or to which we transfer, all or almost all our assets and businesses or those with which we carry out a merger, consolidation, integration or similar restructuring. In the event of such sale or transfer, we will use all reasonable efforts to ensure that the entity to which we transfer your Personal Data treats them in a manner consistent with this Privacy Policy. Since we operate with a Web portal that is hosted on virtual servers, these can be outside of your jurisdiction (or where we provide services), including third countries outside the European Union (“EU”) with respect to which is considered that do not provide an adequate level of protection of Personal Data. Please refer to the “International Data Transfers” section to expand this information.


  1. How do we protect your Personal Data?

We implement technical, organizational and contractual measures to guarantee a level of security appropriate to the risk for the Personal Data processed. These measures are intended to guarantee the continuous integrity and confidentiality of Personal Data. We evaluate these measures periodically in order to guarantee the safety of the treatment.



  1. How long do we keep your Personal Data?

We will keep your Personal Data for as long as the contractual relationship with you is maintained.

When this relationship ends, we will keep your Personal Data for a period that allows us to:

  • Maintain commercial records for analysis and/or audit purposes;
  • Comply with the conservation requirements established in the applicable regulations;
  • Defend or present any legal claim, both existing and potential; and
  • Process any claim related to services.

We will proceed to eliminate your Personal Data when it is no longer necessary for such purposes. In case there is information that, due to technical reasons, we can not completely eliminate from our systems, we will adopt the appropriate measures to prevent any additional treatment or use with respect to that data.


  1. International Data Transfers

Your Personal Data may be transferred to, stored, and processed in a country that does not provide an adequate level of protection of personal data under European Union law. We will implement, where appropriate, adequate guarantees (such as contractual commitments) in accordance with the applicable legal requirements, in order to guarantee that your data is adequately protected, based on the standard contractual clauses approved by the European Commission, which may consult in:

Decision 2004/915/CE (Controller-to-Controller)

Decision 2010/81/UE (Controller-to-Processor)

For more information about these appropriate guarantees, please contact us as indicated in this Policy.


  1. Contact us

Orionis is responsible for the processing of data in relation to the Personal Data that we collect and treat.

If you have questions or doubts about the treatment of your Personal Data, please contact

We are committed to work with you to obtain a fair resolution regarding any claim or doubt related to privacy. However, if you believe that we have not been able to help you with your claim or doubt, you have the right to file a claim with the data protection authority of Spain (Spanish Agency for Data Protection) through its website


  1. Changes to this Privacy Policy

You have the right to request a copy of this Privacy Policy using the contact information indicated above. This Privacy Policy is subject to change, as deemed necessary from time to time.

In case we modify this Privacy Policy, we will notify you of the changes. In those cases in which the changes to the Privacy Policy have a fundamental impact on the nature of the treatment, or in any other way have a substantial impact on you, we will notify you in advance so that you have the opportunity to exercise your rights (for example, among others, to oppose the treatment). Likewise, and to extent that Orionis relies on the consent to carry out any of its treatment activities, we will make sure to request your consent when the aforementioned changes could have a substantial impact on the treatment in question, before these changes become effective.