Privacy policy

First things first: your privacy matters to us. We know how important privacy is to you; both in terms of your own private personal information and that of your contacts. Privacy is also of the utmost importance to us at upRing. We want our users to truly benefit from upRing’s unique and superior value proposition. We have designed and developed upRing from scratch with privacy in mind. We fully endorse digital ethics and data protection regulations and are committed to defending these rights. We are confident that you will recognize our efforts throughout the Application and as you read through this Privacy Policy Statement described in detail below.

Please read our Privacy Statement carefully, which provides product-specific details and additional information regarding:

  • Your rights;
  • The use of the Application or the website prior to providing any personal data;
  • The use of the Application or the website after providing personal data and after granting us access to your digital information sources; and
  • Our privacy practices and security measures guaranteeing protection and integrity of your data;

so that the consent prior to the submission of data on your part may be duly substantiated.

Use of the Application or web page as well as the provision of any Personal Data or consent on your part, explicitly implies your knowledge and acceptance of the terms described below in our Privacy Policy as well as those contained in our Terms and Conditions.

All this pursuant to General Data Protection Regulation (EU) 2016/679, of the European Parliament and of the Council, of 27 April 2016, with regard to the processing of personal data and on the free movement of such data (the “European Regulation of Data Protection” or RGPD”), beClocked SL informs Users of upRing (hereinafter, the Application), of the processing of personal data, which they voluntarily provide during the process of registration, access and while using the service.

Therefore, any user who wants information, must necessarily mark the option, read and accept the website’s Privacy Policy, the Terms and Conditions and the cookies policy.


BECLOCKED SL is the entity responsible for processing the data provided by customers of the Application (hereinafter, the Users). BECLOCKED SL (hereinafter, the “Data Controller” or “beClocked”) is a mercantile company incorporated under the laws of Spain, bearing CIF/NIF no. B-88160361 and with offices at Irún 23, 28008 Madrid, Spain and registered with the Business Registry of Madrid under Volume 38003, Folio 91, Section 8, Sheet M-676659, Entry 1, beClocked is the owner and developer of upRing.


Consistent with the digital ethics principle that we endorse, upRing minimizes the amount of Personal Data that it collects. Personal Data (or “Information”) refers to information that specifically identifies a particular user.  upRing operates under the following technical principles which are designed to restrict our access to Personal Data while at the same time guaranteeing the correct functioning of the Application:

  • Your contacts only in your device: Your contact list only resides inside your device. What this means to you as a User:
    • When you grant upRing access to your native digital contact database, you are not giving us permission to extract or copy your contacts’ information outside your device; you are only allowing upRing to create a copy of your database in your own device and to synchronize any changes between upRing’s database and your native digital contact database according to the chosen synchronization setting.
    • Your contact list remains only in your device and not in our servers. This results in the highest level of privacy and safety available to you
    • Why do we initially duplicate your native digital contacts database? Operating on a specific upRing contact database allows us to offer you many of the features included in the upRing App while guaranteeing maximum levels of safety and control (e.g. allowing you to roll back your native digital contact database to the way it was before you started using upRing).
  • Device-to-device communication: Data exchanges between users are not stored on our servers. They are delivered directly whenever the cell phone devices involved are reachable simultaneously. In addition, all exchanges are encrypted end-to-end. What this means to you as a user:
    • When you decide to share one of your Cards with one or more Contacts (or when you request a Card with updated information), the only information you provide us (and therefore flows outside your device into our servers) is your name and either:
      • the email and/or cell phone number of the contact(s) with whom you want to share your Card (in the event that you and your contact(s) have not previously exchanged information via upRing),
      • the contact’s ID (in the event that you and your contact(s) have previously exchanged information via upRing)
    • Why do you need to provide us with the email addresses and cell phone numbers of contacts you want to reach for first time? By providing this information, we can confirm if the contact has previously verified those email addresses or cell phone numbers in order to facilitate the exchange of information between your devices. If they have been verified, your contact will receive your communication in-app. Otherwise, your contact will receive a private link via email and/or SMS that will direct them to upRing to establish a private and device-to-device communication. We may use internationally reputed third-party providers to deliver these email and SMS communications.
    • Please note that we also use unverified contact information to avoid spam. By keeping unverified email addresses and phone numbers in our servers, we are able to limit communication with these contacts. This prevents potential spam that the owner of said addresses or numbers could suffer due to the massive sending of messages by either yourself or other users.
    • Upon establishing and successfully completing your first connection from device to device with a contact, we will automatically erase the existing relationship between yourself and the owners of the email addresses and/or cell phone numbers.
    • Once you have exchanged information with a contact, we will no longer use their email addresses and/or cell phone numbers is subsequent exchanges. We will assign a unique ID (anonymous and for internal use only) and use it so that you can find each other and establish a private and secure connection from device to device.
    • Do we have access to the personal information you and your contacts exchange in the form of Cards or messages? No, we do not. Any information shared in Cards or sent for contact’s confirmation, as well as any text message attached to the communication, is transmitted only from device to device. We act like a traffic agent, indicating when your devices are reachable simultaneously and providing both of you with the technical details for your devices to find each other. When a contact has not previously verified the email addresses and / or cell phone numbers that you have in your contact list, we can also use any message that you may attach when sharing a Card (or when sending a confirmation request) to provide some context about who you are and what you want in the email and / or SMS that your contact will receive.
  • Users keep full control: You retain control of the interactions with your contacts at all times. What this means to you as a user:
    • Only you decide who to contact and when to do so. upRing does not contact your contacts.
    • Only you decide what information you share, with whom and for how long you share it. You can create multiple Cards each containing different personal information so that you can decide which information you share with each of your contacts. You can update the information you are sharing with your contacts at any time by editing, adding or deleting information from your Cards or by deleting any of your Cards. Such changes will be automatically updated to your contacts through device-to-device communication. You can also stop sharing one of your Cards with selected contacts. upRing does not share your Cards automatically; you are the one who decides.
    • Only you decide who to send information requests to (i.e. requesting contact information confirmation) and when to do it. upRing does not send requests to your contacts automatically; you are the one who decides.
    • Only you decide if you want to reply to an information request received from any of your contacts. In the event that you choose to ignore a request received from a contact, the contact will not be informed of your decision to ignore the request.
    • upRing does not have access to the information you include in your Cards as this remains solely in your device.
  • Key contact field verification: upRing helps prevent identity-theft by requiring the verification of exchanged emails and cell phone numbers. This affects you as follows:
    • You can use upRing without registering as a user or verifying any data. upRing will have no information about you. Unfortunately, for safety reasons, this will also mean that you will only be able to benefit partially from upRing’s features as explained below.
    • In order for you to share a Card that contains email addresses and/or cell phone numbers, you will need to verify them first. Your contacts will therefore only receive email addresses and cell phone numbers from you that have been previously authenticated. Likewise, you will only receive verified contact information from your contacts when they share Cards with you.
    • The only exception to the above is when you or your contacts reply to a data request. This is because upRing uses the emails and/or numbers that a user already has for a contact to connect the user with that contact for the first time. This implies that the user is already certain of the contact’s identity, and verification is not required.
    • Additionally, if a contact using upRing sends you one of their Cards and/or a data request and the contact information that user has about you is an unverified email and/or cell phone number, then you will receive a notification email and/or SMS with a private link. By clicking that link, you will be able to access the communication sent by your contact, and you agree to the automatic verification of that email or cell phone number.
    • When sharing a Card with (or when sending information to) a contact for first time, we will also ask for your name so that the contact receiving your Card or request can know who you are.
    • We will keep your verified email addresses and cell phone numbers. Data verification allows you to receive in-app communications directly from your contacts, avoiding the hassle of having to manage emails and/or SMS. Please note that you can verify emails and/or cell phone numbers rarely used as a way to allow old contacts that may have outdated information to reconnect and remain connected through your current contact data.
    • You can delete your verified emails and/or cell phone numbers in the Application. This will delete them from our servers, and any of your Cards that contain the erased emails and/or cell phone numbers will no longer be shareable. Contacts that have these Cards will not receive further updates until you delete the unverified emails and/or cell phone numbers from your Cards or replace them with other verified data.

Below you can see what other information we collect and why we collect it:

  • In addition to the reasons outlined above for collecting your name, verified emails and cell phone numbers, we may also use this kind of personally identifying information to provide services. For example, we may use it to bill you and collect fees or charges for contracted services, to confirm your identity when necessary (so that a third party does not usurp your identity), or to communicate with you.
  • Hence, Personal Data provided by Users, such as their email and phone number, may also be used to send newsletters, software maintenance notices and updates, as well as commercial offers and/or advertising of the Application, provided that users have previously given express consent to the receipt of such electronic communications.
  • upRing may also routinely collect non-personally identifying information and use it to improve your experience and to decide which new features may be beneficial to you in the future. This may include your activity in upRing (e.g. number and type of Cards created, shared and received; number of requests sent to contacts; Application uptime; successful vs failed connections…) and generic information (e.g. number of contacts in your contact list, generic quality measures of your contact list, location, preference data…).
  • upRing uses web log and preference data for purposes consistent with this Privacy Policy including, but not limited to (i) customizing, measuring, and improving services, and its content, (ii) enforcing our Terms & Conditions and detecting fraud or other illegal activities, (iii) informing Users of changes to services, Terms & Conditions, our Privacy Policy and other terms that apply to our services, (iv) updating any programs or tools that we provide in conjunction with the web services, and (v) for internal business purposes, such as determining how much traffic certain portions of the web receive, for license reporting and assessment of service levels, to better understand how the web is used, to gauge traffic patterns and determine what types of content and services are most popular with users of the web, or to determine which search queries on certain services are the most popular.
  • Personal Data provided by Users voluntarily upon registration and while using the Application shall be recorded in automated storage systems owned by beClocked. The collection, storage, modification, structuring and, where appropriate, elimination of data provided by Users shall constitute personal data processing operations carried out by the Controller for the purposes of guaranteeing the correct functioning of the Application, maintaining the relationship for the provision of services and/or commercial relation with the User, and for the management, administration, information, provision and improvement of the service.

Once collected, your data becomes part of a treatment to which the corresponding security measures are applied.


The Personal Data collected through upRing will be stored in our systems and databases for the duration of your relationship with the Application if you do not request its deletion. Once the relationship finalizes, it will be erased except that data which is necessary to comply with our legal and regulatory obligations. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.

We shall inform Users that, as a provider of data storing services and in accordance with the Law 34/2002 of July 11 on Information Society Services and Electronic Commerce (LSSI-CE according to its Spanish initials), we will hold the information essential to identify the origin of the data hosted and the moment in which the provision of the service began for a period not to exceed 12 months.

The retention of this data shall not affect the confidentiality of communications and shall only be used within the framework of a criminal investigation or to protect public safety, being at the disposal of judges and/or courts or the Ministry as required by law. The communication of data to State security forces shall be carried out by virtue of the provisions regulating personal data protection, ensuring that these provisions are fully respected.

We, as Data Controller, shall take the required steps to ensure the security, integrity and confidentiality of data pursuant to the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

Although the Data Controller makes backup copies of the contents hosted on the servers, it shall not be responsible for the loss or accidental deletion of data by Users. Likewise, the Data Controller does not guarantee the replacement of data deleted by Users in its entirety since the aforementioned data may have been deleted and/or modified during the period of time elapsed since the last backup. The services offered or provided by means of the Application, except for specific backup services, do not include the recovery of contents preserved in the backup copies made by the Data Controller when this loss is attributable to the User. In this case, a rate shall be established according to the complexity and volume of the recovery, always upon User acceptance. The recovery of deleted data is only included in the price of the service when the loss of content is due to causes attributable to the Controller.

As previously explained, upRing maximizes your privacy by keeping your contact list only in your device. Please note that this necessarily implies that we do not have such information and, therefore, cannot store it nor back it up.  An exception to this would be if you specifically purchase a premium back up service from us.


The legal basis on which the processing of the User’s data is based is as follows:

  • Legitimation by reason of the consent of the User: Article 4 (11) of the GDPR states that opt-in consent is “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” Examples of a statement or clear affirmative action include ticking a box provided for that purpose or downloading the app through the Apple Store or the Google Store.
  • The request for information and/or the contracting of services contained in the Application will be considered expressly accepted provided that the Terms and Conditions have be made available to the Users beforehand.
  • In the event that Users do not provide beClocked with the corresponding data, or do so in an incorrect or incomplete manner, it will not be possible to use the Application.

Personal Data shall not be shared with any third party not belonging to beClocked, except as requested by the User, with the User’s express consent or when obligated by law. We respect and protect your privacy, but we may be required to provide Personal Information to a court or law enforcement agency. We will only disclose your Information if we are legally required to do so such as, but not limited to, when receiving a valid subpoena, court order or search warrant.

On the other hand, we shall be entitled to give access to or transfer Personal Data provided by you to third-party service providers with which we have formalized data processing agreements, and they shall only access said Information to provide a service in favour and on behalf of the Controller:

  • We use reputable third parties to assist us in delivering services to you. This includes, for instance, third-party service providers that facilitate electronic communications requested by you.
  • We therefore may, and shall be entitled to, share portions of your Information with these third parties to the extent necessary for the provision of these services. These companies will be acting on our behalf and are required, by contract with us, to keep this Information confidential and are only authorized to use it for specific purposes, as described in more detail below.
  • By using upRing, you expressly consent and grant us permission to use emails and cell phone numbers from your digital contact database for the purpose of sending electronic communications to your contacts as requested by you. These contacts may or may not be Users of the Application. You must be aware that by initiating/requesting electronic communications with your contacts through upRing, you accept that your Information may be disclosed to third parties for the purpose of processing these electronic communications, and you consent to subscribe these contacts to our electronic communication services even when they imply third-party service providers.
  • The nature of these user-to-user electronic communications and the associated subscription is your sole responsibility; we shall not be held responsible for the subscription and the nature, accuracy or reliability of any Information or advice transmitted by means of the Application. We shall be entitled, at any time, to limit or interrupt this use at our sole discretion. To the maximum extent permitted by law, in no case will we be liable for any related damage or breach of Law.

We wish to inform Users of their rights to information, access, rectification, limitation, deletion, opposition and portability:

  • Right to information: You have the right to be clearly informed prior to collecting your data about what data is being treated, with what purpose it is treated, where the data has been obtained and if we are going to communicate it or have communicated it to someone.
  • Right of access: You have the right to know which of your data is being treated, for what purpose, where we have obtained the data and if we are going to communicate it or have communicated it to someone.
  • Right to rectification: You have the right to obtain from the controller without undue delay the rectification of inaccurate personal data. Taking into account the purposes of the processing, you shall also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  • Right of limitation: you have the right to cancel your inadequate or excessive data.
  • Right to erasure (‘right to be forgotten’): You have the right to request deletion of your data.
  • Right to object: You have the right to prevent your data from being processed or to stop being processed, only in the cases established by law.
  • Right to data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured electronic format for normal use and in order to be able to transmit that data to another data controller.
  • Right not to be the subject of individualized decisions: You have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects to you or similarly significantly affects you.

Likewise, Users shall be entitled to withdraw the consent initially provided, and to submit claims of rights to the Control Authority.


You may exercise your rights by means of a request addressed to, which must include:

  • Photocopy of official government issued identification (passport or other official ID) or electronic signature
  • Content of the request you make and, if necessary, the documents that prove it.
  • Mailing address (for notification purposes), date and signature

If you exercise your rights via a voluntarily appointed representative, you must provide the document or electronic instrument that proves such representation.

In the event that the owner of the data is a minor or legally incapacitated, these rights will be exercised by their duly accredited legal representative.


This privacy policy only applies to Personal Data collected through our website or the Application. However, this website contains links to other websites, and we are not responsible for the privacy practices of these other websites.

Meaning that when you click on one of those links, you are leaving our website and should read their privacy policies regarding the collection of personal data.


If you choose to post information on blogs or forums, it will not be private. Once the information is posted, other users will be able to copy or store it.


A cookie is a small file that is stored on a user’s computer. They allow you to be recognized as the same user across the different pages of a website, or when you use an app. Amongst other things, cookies enable web services to store preferences, as described in this Privacy Policy. For example, cookies allow us to remember your preferred ZIP code. Cookies can also hold information like an anonymous but unique string of numbers and letters that may be used to help collect Activity Data, as described in this Privacy Policy. Our web services and App may use different types of cookies, but we always notify you first.


According to the LISS-EC (Law on Information Society Services and Electronic Commerce), beClocked shall not send advertising or promotional communications by email or other equivalent means of electronic communication unless previously requested or expressly authorized by the recipients. In the case of Users with whom there is a prior contractual, legal or service relationship, the Data Controller will be authorized to send commercial communications regarding products or services of the Controller similar to those initially contracted by the customer. Should Users wish to unsubscribe from receiving the aforementioned communications, they must do so by sending a statement expressing this desire via email to the address: