At EFITAX ADVISORY, S.L., we are especially committed to the confidentiality of the personal data provided to us through the website. Through this policy, we inform the user about data protection matters as well as the rights they are entitled to.

Therefore, and in accordance with the General Data Protection Regulation of the European Union (GDPR), Regulation EU 2016/679 of the European Parliament and Council of April 27, 2016, and following the principle of transparency, we provide relevant information about the processing of personal data, to ensure that at all times you understand how we process data, for what purpose, and your corresponding rights.

Data Controller:

EFITAX ADVISORY, S.L. (hereinafter THE CONTROLLER), Tax ID: B93365286, located at C/ Cueva de Viera nº 2 Edificio Antequera Planta 1, local 1, 29200, Antequera, Málaga, and email: je_monterroso@efitax.es.

Contact of the Data Protection Officer (DPO): A DPO is not available; however, you can contact us through any of the means indicated above.

Data Collection:

THE CONTROLLER has obtained the personal data to be processed through different channels:

• Voluntarily provided by the data subject, whether through a web form, email, phone, or contract, to request any type of information or to formalize and/or acquire services or products.
• From publicly accessible sources and/or public records, provided there is a legitimate interest by THE CONTROLLER to do so.

Description of the Purpose of Processing:

THE CONTROLLER will process your data to respond to requests made through this website. Additionally, if you consent to the sending of commercial communications, promotions, and information of interest, you may receive commercial and/or advertising information through regular communication channels. However, this consent may be revoked at any time through the means provided for this purpose.

We will process your data for commercial, administrative, accounting, and tax management in accordance with current regulations and based on the information provided and authorization granted.

Data Retention:

The personal data provided will be retained as long as the relationship with the entity is maintained and the deletion is not requested by the data subject. They will be retained in accordance with the legal timeframes established and depending on the purpose for which they were collected.

If the data subject has voluntarily subscribed to any type of commercial communications, newsletter, advertising, etc., the data will remain until they unsubscribe from such communications.

Legal Basis:

The basis for which THE CONTROLLER processes personal data is supported by:

• The mere request by the data subject for any type of information.
• Potential subscription to receive commercial communications through explicit consent.
• Formalization of a commercial relationship resulting from the acquisition of products and/or services.
• Legitimation by contract execution.

Recipients:

While the data subject's data is being processed, THE CONTROLLER will not transfer the data to third parties unless there is a legal obligation to do so.

In cases where administrative, tax, accounting, and/or commercial processing services are required from third parties, the mandatory data processing agreement will be properly formalized to guarantee the security and confidentiality of the data subject's data against third parties.

Rights:

The data subject, concerning their personal data, may freely and gratuitously exercise the following rights:

• Right of access to their personal data.
• Right to rectify their personal data when it is incomplete or inaccurate.
• Right to delete their personal data when it is no longer necessary for the purposes for which it was collected.
• Right to restrict the processing of all or part of their data.
• Right to object to processing.
• Right to data portability.
• Right to withdraw previously granted consent.

If the data subject feels their rights regarding personal data protection have been violated, particularly when they have not obtained satisfaction in exercising their rights, they may file a complaint with the competent Data Protection Authority.

Supervisory Authority:

If you need further information and/or assistance beyond what we can and wish to provide concerning Data Protection, please note that the supervisory authority in Spain, which ensures compliance with data protection regulations and guarantees and protects the fundamental right to personal data protection, is:

Spanish Data Protection Agency (AEPD)

C/ Jorge Juan Nº6
28001 – Madrid
901 100 099 – 912 663 517
www.agpd.es

You can also contact them through this form.

The AEPD informs and helps citizens exercise their rights, as well as companies comply with the obligations established by law.

As the owner of your data, the AEPD oversees the exercise of access, rectification, cancellation, restriction, portability, and opposition rights when they have not been adequately addressed. It guarantees the right to data protection against actions that may be contrary to the law.