This Privacy Policy explains how [Company Legal Name] (“we”, “us”, “our”) collects and processes personal data when you use vyvatra.com (the “Website”) or contact us.

1. Data controller

• Controller: [Company Legal Name]

• Address: [Full address, Spain]

• Email: [Privacy/contact email]

2. Personal data we collect

We do not use contact forms on the Website. If you contact us by email, we may collect and process:

• Contact data: name, email address, phone number (if provided)

• Professional data: company name, job title (if provided)

• Enquiry content: information you include in your email messages

• Technical data: IP address, browser type, device information, pages viewed, approximate location (from IP)

• Cookie data: consent status and preferences (see Cookies Policy)

We do not intentionally collect special category data (e.g., health, religion, political views). Please do not include sensitive information in your messages.

3. How we use your data (purposes)

We process personal data to:

• Respond to enquiries and communicate with you

• Provide and manage our services and business relationships

• Improve the Website, user experience and performance (where analytics are enabled and accepted)

• Maintain security, prevent fraud and troubleshoot issues

• Comply with legal obligations

4. Legal bases (GDPR)

We rely on:

• Contract / pre-contractual steps: to discuss or provide services

• Legitimate interests: to operate our business, improve the Website, and keep it secure

• Consent: where required (e.g., analytics cookies)

• Legal obligation: where we must retain or disclose information

5. Who we share data with

We may share personal data with:

• Service providers (processors) necessary to operate the Website and communications (e.g., Squarespace as the Website platform/hosting provider)

• Professional advisers (legal/accounting) where necessary

• Authorities where required by law

We do not sell personal data.

6. International transfers

Some service providers may process data outside Spain and, where applicable, outside the EEA. When this happens, we use appropriate safeguards (such as Standard Contractual Clauses or equivalent mechanisms), as required by law.

7. Data retention

We keep personal data only as long as necessary:

• Enquiries: typically up to [12–24 months] after the last contact

• Client data: for the duration of the relationship and as required by law (e.g., tax/accounting)

• Analytics/technical logs: according to configuration and provider settings (where enabled)

8. Your rights

You may have the right to:

• Access your personal data

• Correct inaccurate data

• Request deletion

• Restrict or object to processing

• Data portability (where applicable)

• Withdraw consent at any time (where processing is based on consent)

• Lodge a complaint with a supervisory authority

To exercise your rights, contact [email].

If you believe your data protection rights have been infringed, you can lodge a complaint with the Spanish Data Protection Authority (AEPD).

9. Security

We use appropriate technical and organisational measures to protect personal data. However, no online system is 100% secure.

10. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date indicates the latest revision.