• info@legalspain.es
  • +34 644 61 39 38
  • Contact
Facebook Instagram

Privacy policy

1. Responsible for the treatment

In compliance with Regulation (EU) 2016/679, General Data Protection Regulation (GDPR), and Organic Law 3/2018, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), you are hereby informed that the data controller is:

  • Company name: Legal and Educational Services Agency in Europe, SL
  • Registered office: C/José Bielsa, 18, 2C, 28026 (Madrid)
  • Tax ID: B75975151
  • Phone: +34 644 61 39 38
  • Email address: info@legalspain.es

 

This policy applies to all data processing carried out through the platforms, applications and tools developed and/or managed by AGENCIA DE SERVICIOS LEGALES Y EDUCATIVOS EN EUROPA, SL, hereinafter referred to as «LegalSpain».

 

2. Data we process

LegalSpain It processes the following categories of personal data:

  • Identification details: name, surname, NIF/DNI/Passport.
  • Contact information: postal address, email address and telephone number.
  • Economic and transaction data: information on payments, billing and contracted services.
  • Browsing data: IP address, browser settings, pages visited and actions taken, recorded in our server logs.
  • Access data: identification codes or keys for accessing the platform.
  • Commercial information: data related to requests for information or communications about our courses and services.
  • Certain browsing data is obtained through the use of cookies. You can find detailed information in the Cookie Policy.

 

3. Purposes of processing

LegalSpain It processes personal data for the following purposes:

  • To provide and manage the contracted services.
  • To handle inquiries, requests for information, suggestions or complaints.
  • Manage invoicing, collections and compliance with accounting, tax and administrative obligations.
  • Ensuring the security of the platforms, preventing fraud, and resolving technical issues.
  • Send informative communications, commercials and news from LegalSpain when the user has expressly requested it or there is a prior contractual relationship that allows it in accordance with current regulations.
  • No automated decisions or profiling with legal effects for the user are carried out.

 

4. Legitimation of the treatment

The legal bases that allow the processing of your personal data are:

  • Execution of a contract or application of pre-contractual measures: management of enrollments, provision of training services and handling of requests.
  • Compliance with legal obligations: fiscal, accounting and tax obligations.
  • Legitimate interest: maintaining platform security, improving services, preventing fraud, and technical management. In these cases, the corresponding balancing of interests has been carried out in accordance with the GDPR.
  • Consent of the interested party: sending electronic commercial communications, use of certain cookies and processing not covered by the above bases.
  • The user may withdraw their consent at any time, without this affecting the lawfulness of the processing carried out previously.

 

5. Conservation periods

Personal data will be kept for the time necessary to fulfill the stated purposes and, subsequently, for the legally required periods to address possible liabilities.

In general:

  • Data related to the contractual relationship for the contracted service: while the relationship is maintained and, subsequently, during the legal periods.
  • Tax and accounting data: for the period required by current tax regulations (currently, in general, four years).
  • Data for commercial communications: as long as the user does not withdraw their consent or object to the processing.
  • Once the applicable time limits have expired, the data will be blocked and subsequently securely deleted.

 

6. Recipients and processors

Your data may be shared with:

  • Accounting, tax and legal advice: REMEDIOS ARANCE (NIF 50695647J), with address at Avda. Mediterráneo 34, 1ºB, 28007 Madrid, for the provision of professional services.
  • Competent public authorities, when there is a legal obligation.
  • Likewise, certain technological providers necessary for the development of the activity (web hosting, educational platform)
  • Email services, technical support, payment gateways, or other digital services may act as data processors pursuant to Article 28 of the GDPR, under contract and following the instructions of LegalSpainUnder no circumstances will data be transferred to third parties for their own commercial purposes without the prior consent of the interested party.

 

7. International data transfers

In the event that certain technology providers are located outside the European Economic Area, data processing will be carried out in accordance with the provisions of Articles 44 et seq. of the GDPR, adopting appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or other legally valid mechanisms.

 

8. Origin of the data

Personal data is sourced from:

  • Direct communication from the interested party through the website, email, telephone or other means.
  • Collaborating academies or companies, with prior authorization from the interested party.
  • LegalSpain It does not obtain personal data from publicly accessible sources for the purposes described.

 

9 Security measures

LegalSpain It applies appropriate technical and organizational measures to ensure the security and integrity of personal data, including:

  • Perimeter protection systems and firewalls.
  • Antivirus programs and security updates.
  • Access restricted to authorized personnel subject to confidentiality.

 

10. Rights of the interested parties

The user may exercise the following rights:

  • Access
  • Rectification
  • Erasure
  • Opposition
  • Restriction of processing
  • Portability
  • Withdrawal of consent

 

In this ambit, LegalSpain:

  • It will respond to requests within a maximum period of one month, extendable by another two months in cases of special complexity.
  • It has an account deletion system from the user's private area, without prejudice to the maintenance of blocked data when there is a legal obligation.

 

11. Exercise of rights

To exercise your rights, you can contact:

  • info@legalspain.es
  • C/José Bielsa, 18, 2C, 28026 (Madrid)

Proof of identity may be requested when necessary to verify the application.

 

12. Complaints to the supervisory authority

If you believe your rights have been violated, you can file a complaint with the Spanish Data Protection Agency (AEPD). You can find more information at:

  • https://www.aepd.es
  • C/ Jorge Juan 6, 28001 Madrid

 

Furthermore, you may resort to the competent courts in accordance with the applicable regulations.

 

13. Policy Update

LegalSpain This Privacy Policy may be modified to adapt it to new legislation or changes in data processing. When the modification is substantial, users will be informed in a visible manner and, where appropriate, their consent will be requested again.

 

Version: March 4, 2026