Holded's privacy policy follows international data protection legislation. In addition, Holded intends to inform the user through this document of their rights and obligations regarding the privacy of their data, in addition to explaining the reasons for the storage and use of the data.

Data collected by Holded

Holded collects all the information entered in the application by the user and stores it on their own servers or on the servers of the Holded storage provider. Being a Cloud service, server storage is a requirement for the operation of the application , That is why the user accepts this fact.

Holded classifies data into two categories: user data and account data. The user data includes the user name and personal data, as well as photographs or other documentation that the user chooses to upload to the application in the account information part and the contact information. The account data are those related to the business account created by the user, in any of its different forms: Autonomous, Civil Society Personal or Limited Partnership, which includes billing information, expenses, contacts, workers and products.

Finally, Holded collects data from the connection device through cookies. The user can deactivate the cookies in his browser so that Holded does not collect such information in case the user wants it to be so. This information is used to perform navigation studies and access to the application, as well as the use of it. The navigation information includes the type of device and its characteristics, location and connection times.

Data shared by user

Many of our services allow you to share information with other users. Remember that when you share information publicly, it can be indexed by search engines. Our services provide you with different options on how to share and delete your content. How to access your personal data and update them whenever you use our services, our goal is to provide access to your personal information. If that information is not correct, we strive to provide you with ways to eliminate or update it quickly, unless we have to maintain that information for legitimate business or legal reasons. By updating your personal information, we may ask you to verify your identity so we can process your request.

We may reject requests that are more repetitive than reasonable, requiring a disproportionate technical effort (for example, developing a new system or radically changing an existing practice) that endanger the privacy of other users or are not at all practical (For example, requests that refer to information stored in backup systems). When we can offer you the possibility to access your personal data and modify them, we will do it for free, unless it requires a disproportionate effort.

By providing our services, we will protect your data so that they can not be accidentally or intentionally disposed of. For this reason, even if you delete your data from our services, we may not immediately destroy the residual copies stored on our active servers or the data stored in our security systems.

Access and modification of user data

The user can modify at any time his user data or the accounts of which he owns. Holded does not store the modified information, so that once the user modifies or deletes the information, he will lose it forever within the application.

The data we share

We do not share personal information with companies, organizations or individuals that are not related to Holded, unless any of the following circumstances apply:

  • Consent: We will share your personal information with companies, organizations or individuals outside of Holded when you have given us your consent to do so. Your consent will be required to share specially protected personal data.
  • External Treatment: We provide personal information to our affiliates or other persons or companies of confidence to carry out their processing by Holded, following our instructions and in accordance with our Privacy Policy, and taking other appropriate security and confidentiality measures.
  • Legal reasons: We will share your personal data with companies, organizations or individuals outside of Holded if we consider in good faith that there is a reasonable need to access, use, retain or disclose such information in order to: comply with any requirement under applicable legislation or regulations; Comply with the provisions of the current Conditions of Service, including investigating possible infringements, detecting or preventing any fraud or technical or security incidents, or otherwise dealing with them, protecting the rights, property Or the security of Holded, our users or the general public to the extent required or permitted by applicable law.

Data security

For Holded, security is the most important thing. Currently the data storage service is done through specialized providers with security certificates and anti hacking systems. Holded has decided to outsource storage to ensure the vendor meets the highest security standards, at levels that Holded could not offer on its own storage servers.

We endeavor to protect Holded and our users from any unauthorized modification, disclosure or destruction of the data we hold or unauthorized access to them. In particular: We encrypt many of our services through the SSL protocol. We review our policy on data collection, storage and processing, including physical security measures, to prevent unauthorized access to our systems. We limit the access of Holded contractors, agents and employees to the personal information they must process for Holded and we ensure that they comply with strict contractual confidentiality obligations and are subject to the relevant disciplinary conditions or dismissal if they fail to comply Such obligations. When this Privacy Policy applies Our Privacy Policy applies to all services offered by Holded and its affiliates, including Holded, but excludes services that are subject to independent privacy policies that do not incorporate this Privacy Policy.

Application of the privacy policy

Our Privacy Policy applies to all services offered by Holded and its affiliates, including Holded, but excludes services that are subject to independent privacy policies that do not incorporate this Privacy Policy.

Law compliance

At Holded we verify compliance with our Privacy Policy on a regular basis. We also adhere to different self-regulation codes. In the event that we receive a formal written complaint, we will contact the person who made it to follow up on it. We will work with the relevant regulatory authorities, including local data protection authorities, to resolve any claims related to the transfer of personal data that we have not been able to resolve directly with the user.


Our Privacy Policy may be modified at any time. We will not limit your rights under this Privacy Policy without your express consent. We will post all modifications to this Privacy Policy on this page and, if significant, we will make a more noticeable notification (for example, we will send you an email notification if the modification affects certain services). In addition, we will archive the previous versions of This Privacy Policy so that you can consult them.