Privacy Policy for Subscribers of the TWOP iOS Application

Responsible: MuseumMate, S.L.U., C/ Arlabán, 7, 8th floor, 28014 Madrid (Spain). CIF: ESB88168299.
Contact (privacy/DSA): legal@twop.app

Date of entry into force: 1st September 2025

This specific Policy complements the general Privacy Policy of TWOP and focuses on the processing necessary for subscriptions on iOS.

1. Data we collect in relation to your subscription

  • Purchase identifiers and status: transaction identifiers, token/receipt of purchase, subscription status (active, cancelled, in renewal, in grace period), frequency, start/end date, free trial/introductory offer, and store country.

  • Management events: renewals, cancellations, changes of Plan, payment attempts, grace period, receipt reinforcement, and server-to-server notifications from Apple (if enabled).

  • Support data: communications you send us (e.g., questions, incidents, purchase restoration).

  • We do not access the card number or bank data: payments are processed by Apple.

2. Purposes and legal bases

  • To provide and manage your subscription (activation, receipt verification, renewal, restoration, plan changes). Legal basis: contract execution.

  • Fraud prevention and security (receipt validation, abusive use detection). Legal basis: legitimate interest and legal obligation.

  • Customer service (queries, incidents, cancellations). Legal basis: contract execution/legitimate interest.

  • Legal obligations (taxation, accounting). Legal basis: legal obligation.

  • Aggregate analytics on subscriptions (sign-ups, cancellations, retention) without identifying the user. Legal basis: legitimate interest.

3. Sources and flow of data 

  • From your device: purchase initiation, restoration, receipt verification.

  • From Apple: purchase confirmation, status changes (StoreKit/App Store Server Notifications).

  • From you: support queries.

TWOP verifies receipts securely and only processes the minimum necessary data to confirm your right of access to the Plan.

4. Retention

  • Subscription and billing data: during the subscription period and subsequently for the legal retention periods (usually 6–10 years for tax/accounting obligations).

  • Support tickets: up to 24 months from their closure, except for open incidents or legal requirements.

5. Recipients and data processors

  • Apple (App Store): manages the payment and the subscription account.

  • Providers acting as processors (e.g., hosting, server-to-server notifications, secure storage of subscription metadata, support tools).

  • Authorities: when there is a legal basis or valid request.

We do not sell your personal data.

6. International transfers

If we use providers outside the EEA, we will apply Standard Contractual Clauses or other appropriate safeguards, with impact assessment where applicable.

7. Rights

You can access, rectify, delete, and port your data, object to or limit its processing, and withdraw your consent.

For payment/cancellation/refunds, you must manage your subscription with Apple (Account → Subscriptions).

For data rights or additional support: legal@twop.app. If you wish, you can file a complaint with the AEPD.

8. Minors

Subscriptions are intended for users aged 16 and over. If we detect that age/consent requirements are not met, we may close the account and delete data reasonably soon.

9. Security

We apply appropriate technical and organizational measures (encryption in transit, access controls, secure receipt validation, audit logs, and incident response).

10. Changes

We may update this Policy to reflect legal or technical changes. We will inform you with reasonable notice if they are substantial. The current version will be available in the app and at twop.app/app-legal/apple-user-subscription-terms