Privacy policy

Last updated: [date]

In accordance with Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 on Personal Data Protection and digital rights (LOPDGDD), the user is informed about the processing of their personal data.

1. Data controller

• Controller: [Full name or business name]
• Tax ID (NIF/CIF): [NIF/CIF]
• Address: [Registered address]
• Email: [email]

2. Purposes of processing

The personal data provided by the user will be processed for the following purposes:

• Managing information requests, calls and meetings booked via Calendly.
• Maintaining the business relationship and delivering the contracted services.
• Sending communications related to the services when there is a legitimate basis for doing so.

3. Legal basis

The legal basis for processing the data is:

• The consent of the data subject when requesting information or booking a meeting.
• The performance of a contract or pre-contractual measures.
• The legitimate interest of the controller in maintaining relationships with clients and prospects.

4. Retention

Data will be kept for as long as necessary to fulfil the purposes described and, afterwards, for the periods legally required to address any potential liabilities.

5. Recipients and processors

Service delivery relies on providers that act as data processors:

• Calendly (Calendly LLC, USA) — for appointment management. Covered by the standard contractual clauses approved by the European Commission for international transfers.
• [Other providers: hosting, analytics, email, etc.]

Data will not be transferred to third parties unless legally required.

6. User rights

The user may exercise their rights of access, rectification, erasure, objection, restriction of processing and portability at any time by sending a request to [email], attaching a copy of an identifying document.

The user also has the right to lodge a complaint with the Spanish Data Protection Agency (www.aepd.es) if they consider that the processing does not comply with the regulations.

7. Security

The necessary technical and organizational measures have been adopted to guarantee the security and integrity of personal data and to prevent its alteration, loss, processing or unauthorized access.