Privacy policy

How we process your personal data under GDPR and Spanish LOPDGDD.

Courtesy translation. This is a non-binding English translation provided for information purposes. The legally binding version is the Spanish original.

In compliance with Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR), and Spanish Organic Law 3/2018, on Personal Data Protection and the safeguarding of digital rights (LOPDGDD), the user is informed about the processing of personal data.

Data controller

  • Owner Alejandro Rueda Valido
  • Tax ID 78493230A
  • Address Valsequillo de Gran Canaria, Las Palmas, Spain
  • Contact via the contact form

Data we process and where we obtain it

We only process the personal data that the user voluntarily provides by filling in the contact form or booking an online appointment. Specifically: name, company (if you specify it), email address and the content of the message or the information provided when booking.

We do not use data obtained from third parties, nor do we profile users with automated techniques.

Purpose of processing

Your data is processed solely to reply to your enquiry, manage the booked appointment and, if so agreed with you, maintain the subsequent professional communication arising from that initial enquiry.

We do not use your data for unsolicited commercial communications, nor do we share it with third parties for advertising purposes.

Legal basis

Processing is based on the data subject's consent (GDPR art. 6.1.a), given by ticking the acceptance checkbox when submitting the form. In the case of appointment booking, consent is understood as granted by the act of completing the booking process.

Retention period

We keep your data for as long as necessary to reply to your enquiry. If the enquiry leads to a professional relationship, the data will be retained for the duration of that relationship and for up to six additional years to comply with accounting and commercial requirements. If there is no subsequent professional relationship, the data will be deleted within a maximum of one year from the last communication, unless the data subject requests deletion sooner.

Recipients and international transfers

To deliver the service, this website uses the following data processors:

  • Cloudflare, Inc. (United States): hosting and content delivery network. Adhered to the EU-U.S. Data Privacy Framework.
  • Web3Forms (United States): contact form processing service. Transfers are covered by the Standard Contractual Clauses approved by the European Commission.
  • Cal.com, Inc. (United States): appointment booking service. Transfers are covered by the Standard Contractual Clauses approved by the European Commission or by the Data Privacy Framework, depending on the configuration in force.
  • Google Workspace (Google Ireland Limited): professional email provider used to manage communications. Data processed in the European Union.

No further transfers to third parties are made except where required by law.

Data subject rights

At any time you may exercise the following rights over your data:

  • Access: to know what data of yours we process.
  • Rectification: to correct inaccurate or incomplete data.
  • Erasure: to request the deletion of your data when it is no longer necessary.
  • Objection: to object to processing based on grounds relating to your particular situation.
  • Restriction of processing: to request that processing be restricted in certain cases.
  • Portability: to receive your data in a structured format to transmit it to another controller.
  • Withdrawal of consent: at any time, without affecting the lawfulness of processing prior to the withdrawal.

To exercise them, write to us via the contact form stating which right you wish to exercise and providing a copy of an identification document.

If you consider that the processing does not comply with the regulations, you may file a complaint with the Spanish Data Protection Agency (AEPD), www.aepd.es.

Security

We apply reasonable technical and organisational measures to protect your data against unauthorised access, loss or alteration. Communications through the website are encrypted using TLS.

Modifications

This policy may be updated to adapt to regulatory or technical changes. The version in force is always the one published on this website.

Last updated: 26 April 2026.