Legal
Privacy Policy
Last updated: 25 June 2026
This Privacy Policy explains how personal data is processed when you visit this website or contact its owner. It is intended to comply with the General Data Protection Regulation, Spanish Organic Law 3/2018 on Data Protection and Digital Rights, and applicable Spanish information-society rules.
Data Controller
- Controller: [Full legal name of the website owner]
- NIF/NIE: [NIF/NIE]
- Address: [Full postal address]
- Email: [email protected]
- Website: https://example.com
Replace the bracketed controller details before publishing this page. A privacy notice must identify the data controller clearly.
Personal Data Processed
The website may process the following categories of personal data:
- Identification and contact data you provide voluntarily, such as your name, email address and message content.
- Professional or collaboration information you choose to include in an enquiry.
- Technical data generated when you browse the website, such as IP address, browser, device type, pages visited, date and time, and security logs.
Purposes and Legal Bases
| Purpose | Legal basis |
|---|---|
| Responding to messages, questions, collaboration requests or travel-planning enquiries. | Your consent when you contact the owner voluntarily, and pre-contractual steps if you request a service. |
| Managing travel-planning or collaboration services if they are agreed. | Performance of a contract or pre-contractual measures requested by you. |
| Maintaining website security, preventing abuse and resolving technical incidents. | Legitimate interest in keeping the website secure and functional. |
| Complying with accounting, tax, consumer or legal obligations where applicable. | Compliance with legal obligations. |
Retention Periods
Contact messages are kept only for as long as necessary to answer and manage the enquiry. If the enquiry leads to a professional relationship, relevant data may be kept for the legal limitation periods required by tax, accounting, consumer or civil law. Technical logs are kept only for the time needed for security and maintenance purposes.
Recipients and Processors
Personal data is not sold. Data may be processed by service providers that support the website, hosting, email, security, backups or professional administration. These providers act under the applicable data-processing conditions. Data may also be disclosed to public authorities, courts or regulators when legally required.
International Transfers
If any service provider processes data outside the European Economic Area, the transfer must rely on a valid safeguard such as an adequacy decision, standard contractual clauses or another mechanism permitted by data-protection law. The provider list should be reviewed when the final hosting, email and analytics tools are confirmed.
Your Rights
You may request access, rectification, erasure, objection, restriction of processing and portability of your personal data. Where processing is based on consent, you may withdraw consent at any time without affecting earlier lawful processing.
To exercise your rights, email [email protected] and identify the right you want to exercise. You also have the right to lodge a complaint with the Spanish Data Protection Agency at aepd.es.
Children's Data
This website is not directed at children. In Spain, children aged 14 or over may generally consent to the processing of their own personal data. If you are under 14, do not send personal data without permission from a parent or legal guardian.
Security
The owner applies reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse or disclosure. No internet system can be guaranteed completely secure.
Changes to this Policy
This policy may be updated when the website, processing activities, service providers or legal requirements change. The date at the top indicates the latest version.