Privacy Policy
Highway Mobile
Operated by ORION INTECH SL
Avenida Las Adelfas, 16 - Loc IV, 03189 Orihuela, Spain
Tax ID: B19881432
Email: hello@highwaymobile.eu
Effective Date: October 17, 2025
Highway Mobile ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile telecommunications services (the "Services"), including our website, mobile applications, and any related products or services provided by ORION INTECH SL in the European Union (EU), particularly in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable national laws in Spain, such as the Organic Law on Data Protection and Guarantee of Digital Rights (LOPDGDD).
By using our Services, you consent to the practices described in this Policy. If you do not agree, please do not use our Services.
1. Data Controller
The data controller responsible for your personal data is:
ORION INTECH SL
Avenida Las Adelfas, 16 - Loc IV, 03189 Orihuela, Spain
Tax ID: B19881432
Email: hello@highwaymobile.eu
You can contact our Data Protection Officer (DPO) at the same email address for any privacy-related inquiries.
2. Information We Collect
We collect information in the following ways:
2.1 Information You Provide Directly
- Personal Details: Name, address, email address, phone number, date of birth, and identification documents (e.g., ID card or passport) when you register for Services, create an account, or contact customer support.
- Payment Information: Billing details, including bank account (e.g., IBAN: ES11 2100 5129 4102 0005 3322) or credit card information for processing payments. We do not store full payment card details; these are handled by certified payment processors compliant with PCI DSS.
- Communications: Records of your interactions with us, such as emails, chat logs, or call recordings for customer service.
2.2 Information Collected Automatically
- Usage Data: Details about your use of Services, including call logs, SMS/MMS records, data usage, IP addresses, device identifiers (e.g., IMEI, IMSI), location data (from cell towers or GPS if enabled), and browsing history on our apps or website.
- Device Information: Type of device, operating system, browser type, and network information.
- Cookies and Similar Technologies: On our website and apps, we use cookies to enhance user experience, analyze traffic, and personalize content. You can manage cookie preferences via your browser settings.
2.3 Information from Third Parties
- Credit Checks: From credit reference agencies for eligibility assessments.
- Partners and Affiliates: Data from roaming partners, device manufacturers, or marketing partners (with your consent where required).
- Public Sources: Information from public registers for fraud prevention or compliance.
We only collect data necessary for providing telecommunications services as an electronic communications provider under the EU ePrivacy Directive (2002/58/EC, as amended).
3. How We Use Your Information
We process your personal data for the following purposes, based on legal bases under GDPR (Article 6):
- Contract Fulfillment (Art. 6(1)(b) GDPR): To provide and manage Services, including activation, billing, network access, and customer support.
- Legal Obligations (Art. 6(1)(c) GDPR): Compliance with laws, such as tax reporting, anti-fraud measures, law enforcement requests (e.g., data retention under EU Directive 2006/24/EC or national equivalents), and telecommunications regulations by bodies like the Spanish Data Protection Agency (AEPD) or CNMC (Comisión Nacional de los Mercados y la Competencia).
- Legitimate Interests (Art. 6(1)(f) GDPR): Network security, fraud detection, service improvements, and internal analytics (balanced against your rights).
- Consent (Art. 6(1)(a) GDPR): For marketing communications, personalized offers, or location-based services. You can withdraw consent at any time.
- Vital Interests or Public Tasks: Rarely, for emergency services (e.g., sharing location data with authorities in life-threatening situations).
Special categories of data (e.g., health data via emergency calls) are processed only where strictly necessary and under GDPR Article 9.
Traffic data (e.g., call metadata) is retained for billing and interconnection payments for up to 12 months, as per Spanish law (Law 25/2007 on data retention). Content data is not accessed unless required by law.
4. Sharing Your Information
We share data only when necessary:
- Service Providers: With subcontractors (e.g., billing processors, cloud hosts like AWS in the EU, network operators) bound by data processing agreements (GDPR Art. 28).
- Roaming Partners: International operators for global coverage, ensuring GDPR-equivalent protections via standard contractual clauses (SCCs).
- Legal Requirements: To authorities, courts, or regulators (e.g., for law enforcement under a valid warrant).
- Business Transfers: In case of merger, acquisition, or sale, with notice to you.
- Affiliates: Within ORION INTECH SL for operational purposes.
We do not sell your personal data. Transfers outside the EEA (e.g., to non-EU roaming partners) use SCCs or adequacy decisions (GDPR Chapter V).
5. Data Security
We implement appropriate technical and organizational measures to protect your data, including encryption (e.g., TLS for transmissions), access controls, firewalls, and regular audits. In case of a data breach, we will notify you and the AEPD within 72 hours if required (GDPR Art. 33-34).
6. Data Retention
- Billing and contract data: Up to 6 years for tax purposes (Spanish Civil Code).
- Traffic data: 12 months for electronic communications (Law 25/2007).
- Marketing data: Until consent withdrawal.
- We delete or anonymize data when no longer needed.
7. Your Rights Under GDPR
As an EU resident, you have rights (GDPR Chapter III):
- Access: Request a copy of your data.
- Rectification: Correct inaccurate data.
- Erasure ("Right to be Forgotten"): Delete data where applicable.
- Restriction: Limit processing.
- Portability: Receive data in a machine-readable format.
- Objection: Object to processing based on legitimate interests or marketing.
- Automated Decisions: Not to be subject to solely automated decisions with legal effects.
Exercise rights by emailing hello@highwaymobile.eu. We respond within 1 month (extendable to 3 months for complexity). Complaints can be lodged with the AEPD (www.aepd.es) or your local supervisory authority.
For location data or direct marketing via calls/SMS, you have opt-out rights under ePrivacy rules.
8. Children's Privacy
Our Services are not intended for children under 14 (or 13 in Spain for consent). We do not knowingly collect data from children without parental consent. If discovered, we delete it promptly.
9. International Users
Services are provided in the EU/EEA. If accessing from outside, you consent to data transfer to Spain, governed by GDPR standards.
10. Changes to This Policy
We may update this Policy. Changes will be posted on our website with the new effective date. Continued use constitutes acceptance. Significant changes will be notified via email or app notification.
11. Contact Us
For questions:
Email: hello@highwaymobile.eu
Address: Avenida Las Adelfas, 16 - Loc IV, 03189 Orihuela, Spain
This Policy is governed by Spanish law. Last updated: October 17, 2025.
Operated by ORION INTECH SL
Avenida Las Adelfas, 16 - Loc IV, 03189 Orihuela, Spain
Tax ID: B19881432
Email: hello@highwaymobile.eu
Effective Date: October 17, 2025
Highway Mobile ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile telecommunications services (the "Services"), including our website, mobile applications, and any related products or services provided by ORION INTECH SL in the European Union (EU), particularly in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable national laws in Spain, such as the Organic Law on Data Protection and Guarantee of Digital Rights (LOPDGDD).
By using our Services, you consent to the practices described in this Policy. If you do not agree, please do not use our Services.
1. Data Controller
The data controller responsible for your personal data is:
ORION INTECH SL
Avenida Las Adelfas, 16 - Loc IV, 03189 Orihuela, Spain
Tax ID: B19881432
Email: hello@highwaymobile.eu
You can contact our Data Protection Officer (DPO) at the same email address for any privacy-related inquiries.
2. Information We Collect
We collect information in the following ways:
2.1 Information You Provide Directly
- Personal Details: Name, address, email address, phone number, date of birth, and identification documents (e.g., ID card or passport) when you register for Services, create an account, or contact customer support.
- Payment Information: Billing details, including bank account (e.g., IBAN: ES11 2100 5129 4102 0005 3322) or credit card information for processing payments. We do not store full payment card details; these are handled by certified payment processors compliant with PCI DSS.
- Communications: Records of your interactions with us, such as emails, chat logs, or call recordings for customer service.
2.2 Information Collected Automatically
- Usage Data: Details about your use of Services, including call logs, SMS/MMS records, data usage, IP addresses, device identifiers (e.g., IMEI, IMSI), location data (from cell towers or GPS if enabled), and browsing history on our apps or website.
- Device Information: Type of device, operating system, browser type, and network information.
- Cookies and Similar Technologies: On our website and apps, we use cookies to enhance user experience, analyze traffic, and personalize content. You can manage cookie preferences via your browser settings.
2.3 Information from Third Parties
- Credit Checks: From credit reference agencies for eligibility assessments.
- Partners and Affiliates: Data from roaming partners, device manufacturers, or marketing partners (with your consent where required).
- Public Sources: Information from public registers for fraud prevention or compliance.
We only collect data necessary for providing telecommunications services as an electronic communications provider under the EU ePrivacy Directive (2002/58/EC, as amended).
3. How We Use Your Information
We process your personal data for the following purposes, based on legal bases under GDPR (Article 6):
- Contract Fulfillment (Art. 6(1)(b) GDPR): To provide and manage Services, including activation, billing, network access, and customer support.
- Legal Obligations (Art. 6(1)(c) GDPR): Compliance with laws, such as tax reporting, anti-fraud measures, law enforcement requests (e.g., data retention under EU Directive 2006/24/EC or national equivalents), and telecommunications regulations by bodies like the Spanish Data Protection Agency (AEPD) or CNMC (Comisión Nacional de los Mercados y la Competencia).
- Legitimate Interests (Art. 6(1)(f) GDPR): Network security, fraud detection, service improvements, and internal analytics (balanced against your rights).
- Consent (Art. 6(1)(a) GDPR): For marketing communications, personalized offers, or location-based services. You can withdraw consent at any time.
- Vital Interests or Public Tasks: Rarely, for emergency services (e.g., sharing location data with authorities in life-threatening situations).
Special categories of data (e.g., health data via emergency calls) are processed only where strictly necessary and under GDPR Article 9.
Traffic data (e.g., call metadata) is retained for billing and interconnection payments for up to 12 months, as per Spanish law (Law 25/2007 on data retention). Content data is not accessed unless required by law.
4. Sharing Your Information
We share data only when necessary:
- Service Providers: With subcontractors (e.g., billing processors, cloud hosts like AWS in the EU, network operators) bound by data processing agreements (GDPR Art. 28).
- Roaming Partners: International operators for global coverage, ensuring GDPR-equivalent protections via standard contractual clauses (SCCs).
- Legal Requirements: To authorities, courts, or regulators (e.g., for law enforcement under a valid warrant).
- Business Transfers: In case of merger, acquisition, or sale, with notice to you.
- Affiliates: Within ORION INTECH SL for operational purposes.
We do not sell your personal data. Transfers outside the EEA (e.g., to non-EU roaming partners) use SCCs or adequacy decisions (GDPR Chapter V).
5. Data Security
We implement appropriate technical and organizational measures to protect your data, including encryption (e.g., TLS for transmissions), access controls, firewalls, and regular audits. In case of a data breach, we will notify you and the AEPD within 72 hours if required (GDPR Art. 33-34).
6. Data Retention
- Billing and contract data: Up to 6 years for tax purposes (Spanish Civil Code).
- Traffic data: 12 months for electronic communications (Law 25/2007).
- Marketing data: Until consent withdrawal.
- We delete or anonymize data when no longer needed.
7. Your Rights Under GDPR
As an EU resident, you have rights (GDPR Chapter III):
- Access: Request a copy of your data.
- Rectification: Correct inaccurate data.
- Erasure ("Right to be Forgotten"): Delete data where applicable.
- Restriction: Limit processing.
- Portability: Receive data in a machine-readable format.
- Objection: Object to processing based on legitimate interests or marketing.
- Automated Decisions: Not to be subject to solely automated decisions with legal effects.
Exercise rights by emailing hello@highwaymobile.eu. We respond within 1 month (extendable to 3 months for complexity). Complaints can be lodged with the AEPD (www.aepd.es) or your local supervisory authority.
For location data or direct marketing via calls/SMS, you have opt-out rights under ePrivacy rules.
8. Children's Privacy
Our Services are not intended for children under 14 (or 13 in Spain for consent). We do not knowingly collect data from children without parental consent. If discovered, we delete it promptly.
9. International Users
Services are provided in the EU/EEA. If accessing from outside, you consent to data transfer to Spain, governed by GDPR standards.
10. Changes to This Policy
We may update this Policy. Changes will be posted on our website with the new effective date. Continued use constitutes acceptance. Significant changes will be notified via email or app notification.
11. Contact Us
For questions:
Email: hello@highwaymobile.eu
Address: Avenida Las Adelfas, 16 - Loc IV, 03189 Orihuela, Spain
This Policy is governed by Spanish law. Last updated: October 17, 2025.