Legal
Privacy policy
Last updated: 10 July 2026
The short version: macDNIe processes your DNIe only on your Mac. Neither the app nor this website collects personal data, there is no telemetry or analytics, and we neither sell nor share anything — because there is nothing to sell or share. What follows is the long version.
1.Data controller
- Controller
- nexoapex (publisher of macDNIe)
- Contact
- macdnie@nexoapex.com
- Scope
- The macDNIe application for macOS and the macdnie.com website
2.The principle: on-device processing
macDNIe reads your DNIe through a card reader, over the secure channel the card itself defines. The data on the chip — your identity record (name, DNI number, date and place of birth, address, parents' names…), your photograph and your certificates — is read, shown on your screen, and never leaves your Mac. It is not transmitted to nexoapex or to any third party, and the app does not keep it permanently: the documents you sign are saved only where you choose.
Your PIN is entered locally, travels encrypted inside the secure channel between the app and the card, and is never stored, logged or sent to any server.
3.No telemetry, no analytics
Neither the application nor this website includes telemetry, analytics, advertising identifiers, third-party tracking SDKs or "anonymous usage statistics". We do not know how often you open the app, what you do with it, or who you are.
4.The app's network connections
The app connects to the Internet for three things only, each in service of an action you start:
- Certificate verification (OCSP). To check that a DNIe certificate has not been revoked, the app queries the OCSP service of the DNIe infrastructure (
ocsp.dnie.es). That query contains the identifier of the certificate being checked (not your full document) and, like any connection, exposes your IP address to the queried server, which belongs to the public DNIe infrastructure. - Timestamping (TSA), optional. If you enable timestamping when signing, the app sends the timestamping service only the cryptographic hash of the document — a mathematical fingerprint from which the content cannot be reconstructed. The document itself is never sent.
- Purchases (Apple and RevenueCat). See section 5.
5.Purchases: Apple and RevenueCat
macDNIe is sold through native Apple In-App Purchases. Payment is processed entirely by Apple: we never see your name, your address or your payment details. Apple's processing is governed by its own policy: apple.com/legal/privacy.
To validate purchases and know whether your license is active we use RevenueCat, which receives the transaction information from Apple (product purchased, dates, renewal status) tied to an anonymous identifier generated by the app — not to your name or email. Their policy: revenuecat.com/privacy.
6.This website
macdnie.com is a static site: it sets no cookies, includes no analytics or trackers, and loads no third-party resources (no fonts, no scripts, no external images). The hosting provider may record accesses (IP address, date, page requested) in its standard technical logs for security and operation of the service; nexoapex does not use them to identify you or cross-reference them with anything.
7.Email
If you write to macdnie@nexoapex.com, we will process your address and the content of your message for the sole purpose of replying and following up on your query (legal basis: your consent and our legitimate interest in providing support). We keep the correspondence for as long as needed for that purpose and to evidence the support provided.
8.Your rights (GDPR and LOPDGDD)
Under Regulation (EU) 2016/679 (GDPR) and Spain's Organic Law 3/2018 (LOPDGDD), you have the right to access, rectify and erase your data, to restrict or object to its processing, to data portability and to withdraw consent. Since macDNIe collects no personal data, in practice these rights mostly concern email correspondence. You can exercise them by writing to macdnie@nexoapex.com.
If you believe we have not handled your rights properly, you can lodge a complaint with the Spanish data protection authority (Agencia Española de Protección de Datos): aepd.es.
9.Changes to this policy
If this policy changes, we will publish the new version here with its date. If a change materially affected how the app handles data, we would also flag it in the corresponding release notes.