Privacy Policy
How Fundinorio collects, processes, and protects your personal data.
1. Data Controller
The data controller responsible for your personal data is:
Fundinorio
C. de Edgar Neville, 37, Tetuán, 28020 Madrid, Spain
NIF: R91123515
Email: info@fundinorio.com
Phone: +34 914 046 644
This Privacy Policy is governed by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation, GDPR) and Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD).
2. Data We Collect
We collect personal data in the following circumstances:
2.1 Contact Form
When you complete our contact form, we collect: full name, email address, the subject of your enquiry, and the content of your message. Submission of the contact form is voluntary.
2.2 Browsing Data
When you visit our website, our servers automatically record technical information including your IP address, browser type and version, operating system, referring URL, pages visited, and timestamps. This data is collected for security and operational purposes.
2.3 Cookies
We use cookies as described in our Cookie Policy. You can manage your cookie preferences through the consent tool provided on this website.
3. Legal Basis for Processing
We process your personal data on the following legal bases under Article 6 of the GDPR:
- Consent (Article 6(1)(a)): Where you have given clear consent for us to process your personal data for a specific purpose, such as submitting the contact form.
- Legitimate interests (Article 6(1)(f)): For the processing of browsing data necessary to maintain the security and proper functioning of our website.
- Legal obligation (Article 6(1)(c)): Where processing is necessary to comply with a legal obligation to which we are subject under Spanish or European Union law.
4. How We Use Your Data
Personal data collected through the contact form is used solely to respond to your enquiry and to maintain a record of our correspondence. We do not use this data for marketing purposes without your explicit consent.
Browsing data is used to monitor website performance, detect and prevent security incidents, and improve the user experience.
We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.
5. Data Retention
Contact form data is retained for a period of two years from the date of submission, after which it is securely deleted unless a longer retention period is required by law or by an ongoing professional relationship.
Browsing logs are retained for a maximum of twelve months for security purposes.
Where you withdraw your consent, we will delete your data within thirty days, except where retention is required by a legal obligation.
6. Data Sharing and Disclosure
We do not sell, rent, or trade your personal data to third parties. We may share your data in the following limited circumstances:
- Service providers: We engage trusted third-party service providers (such as web hosting providers) who process data on our behalf under data processing agreements that comply with Article 28 of the GDPR.
- Legal requirements: We may disclose your data where required to do so by law, court order, or competent authority, including the Spanish Data Protection Agency (Agencia Española de Protección de Datos, AEPD).
7. International Data Transfers
Where personal data is transferred to a country outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR. These safeguards may include Standard Contractual Clauses approved by the European Commission or adequacy decisions.
8. Your Rights
Under the GDPR and LOPDGDD, you have the following rights regarding your personal data:
- Right of access (Article 15 GDPR): You may request a copy of the personal data we hold about you.
- Right to rectification (Article 16 GDPR): You may request correction of inaccurate or incomplete data.
- Right to erasure (Article 17 GDPR): You may request deletion of your personal data in certain circumstances.
- Right to restriction of processing (Article 18 GDPR): You may request that we limit the processing of your data.
- Right to data portability (Article 20 GDPR): You may request your data in a structured, commonly used, machine-readable format.
- Right to object (Article 21 GDPR): You may object to processing based on legitimate interests.
- Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at info@fundinorio.com. We will respond within one month. You also have the right to lodge a complaint with the AEPD at www.aepd.es.
9. Cookies
This website uses cookies. For full details of the cookies we use, their purpose, and how to manage them, please refer to our Cookie Policy.
10. Security Measures
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or alteration, in accordance with Article 32 of the GDPR. These measures are reviewed and updated regularly.
Transmission of data over the internet cannot be entirely guaranteed to be secure. While we take all reasonable steps to protect your data, we cannot guarantee the security of data transmitted to our website.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will indicate the date of the most recent update at the top of this page. Where changes are material, we will take reasonable steps to notify you.
12. Contact
For any questions regarding this Privacy Policy or to exercise your rights, please contact our data protection point of contact:
Fundinorio
C. de Edgar Neville, 37, Tetuán, 28020 Madrid
Email: info@fundinorio.com
Phone: +34 914 046 644