Data controller: Adoration Taboada Gavilán
NIF: 78728891-Y
Home: Paseo Milicias de Garachico, No. 5, Edf. San Francisco, Floor 1, Office 4, 38001 – Santa Cruz de Tenerife (Spain)
Mail: consumption.bo2lex@gmail.com
This policy explains how we process users' personal data, in accordance with Regulation (EU) 2016/679 (GDPR) and LOPDGDD 3/2018.
1. Data we process
We can process the following categories of data:
Contact information: name and surname, email, telephone.
Inquiry data: information that the User provides to us in forms or by email (for example, card issuer, dates, documentation).
Technical data: IP address, device identifiers, logs and necessary technical cookies (see Cookie Policy).
2. Purposes of the processing
To handle inquiries and manage requests for information or case assessment submitted through forms or email.
Provision of legal services and management of professional assignments, including pre-trial and trial procedures.
Informative communications related to the requested service or to legal updates directly linked to your inquiry (without aggressive commercial purposes).
Legal compliance (prevention of money laundering where applicable, tax and accounting).
3. Legitimation
User consent (art. 6.1.a GDPR) to respond to inquiries received via forms/email.
Performance of a contract or pre-contractual measures (art. 6.1.b GDPR) to process the professional engagement.
Compliance with legal obligations (art. 6.1.c GDPR).
Legitimate interest (art. 6.1.f GDPR) in maintaining the security of the Web, preventing fraud and improving the quality of service.
4. Storage periods
We will retain your data for as long as necessary to address your inquiry. If a professional engagement is initiated, your data will be retained for the duration of the relationship and, after its termination, for the statutory limitation periods applicable to legal obligations and/or professional liability (between 5 and 10 years, depending on the subject matter). Data linked to technical cookies is retained as indicated in the Cookie Policy.
5. Recipients
Technology providers (web hosting, email, office tools) acting as data processors in accordance with Article 28 GDPR, with contracts that guarantee confidentiality and security.
Public administrations and judicial bodies when there is a legal obligation or requirement.
Data is not shared with third parties for commercial purposes.
6. International Transfers
If our technology providers are located outside the European Economic Area, we will adopt appropriate safeguards (e.g., Standard Contractual Clauses approved by the European Commission) or verify the existence of an adequacy decision (Art. 45–46 GDPR).
7. Rights of persons
You can exercise your rights of access, rectification, erasure, objection, restriction of processing, and data portability by contacting us at the email address provided. You also have the right to withdraw your consent at any time when the legal basis for processing is consent, without affecting the lawfulness of processing based on consent before its withdrawal.
If you believe your rights have not been respected, you can file a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.
8. Security
We apply appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing.
9. Minors
Our services are not directed at children under 14 years of age. If we detect the processing of data belonging to minors without valid consent, we will delete such information reasonably and diligently.
10. Third-party data
The User guarantees that the data provided is accurate, current and truthful, and that, in the case of providing data of third parties, he has their authorization and has informed them of this Privacy Policy.