Privacy & Cookies Policy

Last Update: April 4, 2024.

This document explains our privacy and cookie policies.


1. Definitions

These definitions should help you understand the privacy and cookie policies described below.

GDPR” refers to the Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data.

LOPDGDD” refers to the Spanish Organic Law 3/2018 of 5 December 2018 on the Protection of Personal Data and Guarantee of Digital Rights whose objective is to adapt Spanish data protection regulations to the European GDPR.

including“, “includes” o similar words refer to matters which are included without limitation, in other words, that are not limited to any list provided.

Personal Data” means any information that identifies or can be used to identify an individual directly or indirectly, including, but not limited to, first and last name, identification number, date of birth, email address, gender, occupation, or other demographic information.

Websites” means all content included in our domains and

Services” refers to:

  • the online WordPress products, including the plugins Nelio A/B Testing, Nelio Content, Nelio Unlocker Importer, Nelio Popups, Nelio Forms and the plugins published by Nelio in the plugin Directory.
  • Unlocker platform, and
  • any information or support related to them we provide to bloggers and business to improve their website and better promote their content.

Premium Services” means the Services that are offered upon payment.

Channels” means the various means by which we may collect information including our Websites, the Services, social media pages, HTML-formatted e-mail messages and through offline sales and marketing activities.

we,” “us,” “our,” and “Nelio” refer to Nelio Software S.L., a company governed by Spanish law (without application of conflict of law rules).

Website Visitor” refers to anyone visiting our Websites.

User” refers to the person or entity that uses our Services. They may have downloaded and installed a free version of one of our plugins, have created an account in the Nelio Unlocker platform, or have subscribed to or purchased a Premium Service.

you” refers to Website Visitors or Users.

2. Updates and Modifications

Nelio’s services and business may change over time, and we may revise this Privacy Policy & Cookies at any time and from time to time. The most recent version of the Privacy Policy is reflected by the version date located at the beginning of this Privacy Policy. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this Privacy Policy or other notice on the Website. We encourage you to review this Privacy Policy often to stay informed of changes that may affect you, as your continued use of the Website signifies your continuing consent to be bound by this Privacy Policy.

Privacy Policy

3. Basic Information on Data Protection

At Nelio, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you use our Services. This privacy policy applies to all data we have collected or collect in connection with you, and in accordance with our Terms and Conditions and Data Processing Agreement. By using the Channels, you are accepting the practices described in this Privacy and Cookie Policy.

4. Responsible for the Treatment

We inform you that the data you provide us by any means (website or email) are treated confidentially and are incorporated into the corresponding processing activity owned by Nelio Software. S.L.

Identity: Nelio Software, S.L.
European Tax Identification Number: ESB66034794
Address: C/ Pomaret 83, 08017 Barcelona

5. What Information do we Collect or Maintain

We collect two types of information: personally-identifiable and non-personally identifieable to operate effectively. 

Information You Explicitly Give Us

We receive and store any information you enter on our Website or give us in any other way through a direct interaction with us which includes:

  • Your email when you subscribe to our newsletter.
  • Your name and email when you post a comment on our blog posts.
  • Your name and email when you contact us through our contact forms.
  • Your name, email, postal address, telephone number and your company when you subscribe to or purchase our Premium Services.
  • Your name and email when you download and subscribe to our free services.
  • Your name and email when you create an account in our Nelio Unlocker platform.
  • Your name, email, postal address, telephone number and your company when you request to join our Affiliation Programs.
  • The Personal Data you provide us when you send us an email or contact our service support.

Note that we do not collect any payment information when you subscribe to or purchase one of our Premium Services. We have an agreement with FastSpring as reseller of our Premium Services. See the section Third-party Providers below for more information.

Publicly Available Data or Data from other Sources

We may also store certain information from automated interactions on websites other than Nelio’s or other data you may have made publicly available. This information may include:

  • Your name or WordPress username, for example, when you participate in WordPress support forums.
  • Your name, your social account, and Personal Data that is public on that account when providing a rate review or participating on social media (for example, the WordPress Plugin Directory, Facebook, Twitter, LinkedIn, Google+, Reddit or Instagram).

Information We Collect Automatically

When you use the Services or browse our Websites, we may collect information about your visit to our Websites, your usage of the Services, and your web browsing. That information may include:

  • Your Internet Protocol (IP) address used to connect your computer to the Internet and may identify your general geographic location or company.
  • Your computer and connection information such as browser type, version, and time zone setting, browser plug-in types and versions, operating system, and platform.

We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. Our use of cookies and other tracking technologies is discussed more below, and in more detail in the Cookies & Other Tracking Technologies section below.

6. Purposes of Treatment

We may use and disclose Personal Data only for the following purposes:

(a) To allow you to subscribe to or purchase our Premium Services.

(b) To allow you to register in our Nelio Unlocker platform.

(c) To provide, support, and improve the Services we offer, as well as to improve customer relationships. This includes our use of the data that our Users provide us in order to enable our Users to use the Services. This also includes, for example, aggregating information from your use of the Services or visit our Websites and sharing this information with third parties to improve our Services. This might also include sharing your information or the information you provide us with third parties in order to provide and support our Services or to make certain features of the Services available to you. When we do have to share Personal Data with third parties, we take steps to protect your information by requiring these third parties to enter into a contract with us that requires them to use the Personal Data we transfer to them in a manner that is consistent with this policy.

(d) To notify you about new product releases and service developments, and to advertise Nelio’s products and services in accordance with this policy. Your website visit, marketing experience, and communications may be tailored to your interests based on your Personal Data. Nelio may also use Personal Data in order to respond directly to your information requests (including newsletter registrations or other specific requests), or pass your contact information to Nelio’s reseller for further follow-up related to your interests.

(e) To interact with you on third party social networks, which would be subject to that network’s privacy policies and terms of use.

(f) To post public testimonials on our Websites or social networks. If you wish to update or delete your testimonial, you may contact us to the contact address indicated above.

(g) To provide suggestions to you and adapt our Services and Websites. This includes keeping track of shopping cart additions, preserving order information between sessions, and presenting marketing campaigns. For more information about our use of cookies and other tracking technologies for this purpose, and instructions about how to opt out of having data collected through the use of cookies, please see the Cookies & Other Tracking Technologies below.

(h) Track and evaluate our marketing campaigns, including online advertising and e-mail marketing campaigns.

(i) To become a member of our affiliation program.

(j) To contact third parties referred by you through our affiliation program. If you select to use our affiliation program to inform a third-party about our Services, we will then send the third party a one-time contact related to your referral request. We only use the Personal Data you provide us in this situation to send the one-time contact and tracking the success of our affiliation program. The third party may contact us through their inquiry form to be removed from the affiliation program.

(k) To communicate with you about a conference or event hosted, co-sponsored or participated by us, including information about the event’s content, logistics, payment, updates, and any additional meetings, special demonstrations or other customer facilitation. After the event, we may contact you about the event and related products and services, and may share information about your attendance with your company (if any).

(l) To share Personal Data with third parties who provide services to us, provided that the third party has executed any data processing documentation required by law.

(m) To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.

(n) To transfer your information in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website.

We use your personal information only as permitted by law. The legal basis for processing your data, in compliance with the LOPDGDD, is the following:

  • Contract: We have a contract (by means of a purchase or subscription) with you and it is necessary to process your personal information to perform our contract with you, including to provide you with the benefits of our Services and operate our business.
  • Consent: when you agree that we can use your personal data in a particular way, as for example, you have opted in to receive marketing communications from us.
  • Legal obligation: to comply with legal requirements, including applicable laws and regulations.
  • Legitimate interest: when we may collect information about your visit to our Websites, your usage of the Services, and your web browsing to improve your experience in ways you would reasonably expect, and which have a minimal privacy impact.

8. Accuracy and Data Retention

We take reasonable business measures in compliance with laws to keep your Personal Data accurate and up to date, to the extent that you provide us with the information we need to do so. If your Personal Data change (for example, if you have a new email address), then you are responsible for notifying us of those changes.

We will retain the following data:

(a) Disaggregated data: Disaggregated data will be retained without a deadline for deletion.

(b) Subscribers and purchasers data: During the time your account is active or as long as needed to provide you with our Premium Services in accordance with our Terms and Conditions. In any case, it will be the minimum necessary from time to time, currently subject to certain statutes of limitation terms:

  • 4 years: Law on Infringements and Sanctions in the Social Order (obligations regarding affiliation, registration, cancellation, contribution, payment of salaries…); Art. 66 ff. General Tax Law (Accounting Books…);
  • 5 years: Art. 1964 Civil Code (personal actions without special time limit)
  • 6 years: Art. 30 Commercial Code (Accounting Books, invoices…)
  • 10 years: Art. 25 of the Prevention of Money Laundering and Financing of Terrorism Act.

Once you have cancelled all subscriptions to our Services, you will be able to:

  1. Maintain the consent to develop commercial actions: we will treat your data for the commercial actions you have consented to. We will consider that you have chosen this option if you do not expressly revoke your consent.
  2. Revoke consent for commercial purposes: we will cancel your data by blocking it.

We will keep your data blocked for the periods provided for in the applicable provisions or, where appropriate, in the contractual relations maintained with Nelio, proceeding to the physical deletion of your data after the expiry of these periods.

(c) Newsletter subscribers’ details: From the moment the user subscribes to the newsletter until the subscription is ceased.

(d) User data uploaded by Nelio to pages of Websites and profiles on social networks: From the moment the user offers consent until it withdraws it.

9. Data We Share and Disclose to Third Parties

We do not sell or disclose your Personal Data to anyone for marketing or advertising purposes.

We may share your Personal Data with our third party Service Providers, who help us provide and support our Services, such as credit card processing services, order fulfilment, analytics, event or campaign management, websites management, information technology and related infrastructure provision, customer service, e-mail delivery, auditing, and other similar services.

We follow strict criteria for the selection of service providers in order to comply with our data protection obligations. As data processors, these service providers have committed themselves to comply with the applicable data protection regulations at the time of their contracting.

We may disclose your personal data as we believe to be necessary or appropriate:

  • under applicable law, including laws outside your country of residence;
  • to comply with legal process;
  • to respond to requests from public and government authorities, including public and government authorities outside your country of residence;
  • to enforce Nelio’s terms and conditions, which are subject to this private policy; and
  • to allow us to pursue available remedies or limit the damages that we may have.

Additionally, in the event of a reorganization, merge, sale, joint venture, assignment, transfer, or other disposition of all or any portion of Nelio’s business, assets or stock (including in connection with any bankruptcy or similar proceedings), we may transfer the Personal Data it has collected to the relevant third party.

10. Your Rights – Communication and Support

You may send a written communication to us, through the contact form in our Website, or to the e-mail address to request the exercise of the following rights:

  • Request access to any Personal Data we may have about you.
  • Request rectification (if incorrect) or deletion of your Personal Data.
  • Request the limitation of their treatment, in which case they will only be kept by Nelio for the exercise or defense of claims.
  • Oppose the processing. Nelio will no longer process the Personal Data in the manner you indicate, unless for compelling legitimate reasons or the exercise or defense of possible claims they have to be further processed.
  • Request data portability. In the event that you wish your Personal Data to be processed by another company, Nelio will provide you with the portability of your data to the new data controller.

We will provide you with access to any Personal Data we hold about you within 30 days of your request for such information. There is no cost for an individual to access or update their Personal Data.

How to File a Complaint with the Supervisory Authority. If you believe that there is a problem with Nelio’s processing of your Personal Data, you may direct your complaints to Nelio (as indicated above) or to the appropriate Data Protection Authority, being the Spanish Data Protection Agency the one indicated in the case of Spain.

11. Notice to Visitors of Your Websites

When you use our Services as part of your own websites and services, you may collect information from your visitors using our services, but you remain responsible for their own privacy and security practices. We are not responsible for your privacy and security practices, which may differ from ours.

Our Data Processing Agreement is the document under the GDPR that outlines the responsibilities and obligations of both, you, the data controller and, us, the data processor for processing your visitors information.

12. Children’s Privacy

In accordance with our Terms and Conditions, our Website and Services are intended for use by persons who have reached the age of majority or can enter into legally binding agreements in their country. If you are a minor, you should ask your parent or guardian to use the Web Site for you.

Our goal is to comply with applicable laws and regulations relating to collection and use of information from children as such term is defined by applicable laws. If you believe that we have received information from a child or other person protected under such laws, please notify us immediately by postal mail or to the e-mail address indicated in the heading of this legal notice, and we will take reasonable steps to remove that information from our databases.

13. Notice of Breach of Security

We take reasonable and appropriate measures to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Data.

Our Websites feature SSL TLS v.1.2 encryption that allows for the secure submission of Personal Data through standard contact forms, which are stored at our Web Hosting Service Provider.

If a security breach causes an unauthorized intrusion into our system that materially affects you, then we will notify you as soon as possible (in the event of a breach being detected, Nelio undertakes to inform users within 72 hours) and later report the action we took in response.

We use FastSpring as the reseller of our services. Therefore, all payments for the services will be done through FastSpring. FastSpring, uses security measures to protect your information both during the transaction and after its completion. They are a United States-based seller of digital goods specialized in safe and secure Internet sales, compliant with PCI and that employs Verisign SSL Certificates.

At Nelio we respect your privacy. Through our Websites we do not collect or process any personal data, except for the data collected through contact and/or purchase forms and cookies, as explained below.

Please note that our Websites may contain links to other websites of other related companies or social media. When you click on a link to another website of the Website or related third parties, please remember that these sites have their own privacy policy. Please familiarize yourself with their privacy policy before using these websites. We assume no responsibility or liability whatsoever for third party websites linked to our Websites.

15. Does Nelio Use Cookies and Other Tracking Mechanisms?

Yes. Nelio uses cookies and similar technologies like single-pixel gifs and web beacons. We use both session-based and persistent cookies. We set and accesses our own cookies on our Website. In addition, we use third-party cookies, like Google Analytics’. To learn more about cookies, visit this site.

We may use cookies to recognize you when you visit a domain we operate or when you use our Services, and also for us to remember:

  • your display preferences, including your selected language,
  • if you have already replied to a survey pop-up that asks you to subscribe to our Newsletter (so you won’t be asked again),
  • if you have agreed (or not) to our use of cookies on that site,
  • the service you subscribe to perform the checkout with our reseller.

We also use cookies to measure the traffic and performance of our Website’s pages.

16. What Types of Cookies Do We Have?

Depending on who sends the cookies and treats the data obtained, the cookies we use may be:

(a) Own Cookies: These are cookies sent to your terminal from a computer or domain managed by us (and from which the service requested by you is provided). For example, we have defined and own certain cookies that are used to run A/B tests and heatmaps experiments and to track visitor information. See the Nelio A/B Testing Cookies section for further details.

(b) Third party cookies: These are cookies sent to your terminal from a computer or domain that is not managed by us, but by another entity that processes data obtained through cookies. For example, we use Google Analytics cookies to measure the traffic in our Websites or MailChimp cookies to see the openings and clicks of our Newsletter emails, or YouTube cookies to record user viewing preferences. See the Third Party Service Providers section below for more details.

17. How You Can Control or Delete Cookies

This web includes a system of configuration of cookies so that in the first visit to the web you can explicitly accept or reject the use of own and third party cookies.

You can control and/or delete cookies as you wish – for details, see You may delete all cookies that are already in your computer and you may set most browsers to prevent cookies from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.

Browser manufacturers provide help for cookie management in their products. Please see below for more information.

For other browsers, please consult the documentation that your browser manufacturer provides.

Third Party Service Providers

To be transparent and provide you with the maximum information about who our third party service providers are, we list below the ones that may keep Personal Data and what information they keep.

As data processors, our providers have undertaken to comply with the applicable data protection regulations at the time of their contracting. With all of them Nelio has signed a Data Processing Addendum (DPA) as an additional means of meeting the adequacy and security requirements under the GDPR.

Sub-Processor NamePurpose of ProcessingLocation of Processing
Amazon Web Services (AWS)Cloud computing platform as the backend of our services (SOC 1, SOC 2, SOC 3, ISO/IEC 27001, 27017, 27018, 27701 Certified)Ireland
FastSpringReseller of our servicesUSA
Freshdesk Support DeskTicketing and help desk service (SOC 2, VAPT, ISO 27001 and 27701 Certified)Global
Google WorkspaceBusiness suite for communication, storage and collaboration (SOC 2, SOC 3, ISO/IEC 27001, 27017, 27018, and 27701, ENS Spain, MTCS, GNS Portugal, Certified)Europe
Google AnalyticsTo collect and receive website analytics (ISO/IEC 27001 Certified)Global
Intuit MailchimpTo deliver our newsletters and other email communications (SOC 2, SOC 3, ISO/IEC 27001 Certified)Global
SiteGroundOur website hosting (TLS v.1.2 SSL encryption)Global