en
Legal

Privacy & Cookies

We work with a lot of sensitive data on a daily basis. Therefore, we have established a privacy policy that explains how we handle your data.

Cookie Settings

Purpose of the Privacy Policy.

In accordance with the provisions of the General Data Protection Regulation (GDPR) and the Spanish Organic Law 3/2018 of December 5 on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD), by accepting this Privacy Policy, you give your informed, explicit, free and unambiguous consent to the processing of personal data collected through the Gestoraz websites or iOS app, hereinafter collectively the “Platform” or the “Website”).

The provision of personal data requires a minimum age of 18 years or, if applicable, having sufficient legal capacity to enter into a contract.

Therefore, this Privacy Policy applies to users who browse the Platform, as well as natural persons (consumers) or legal entities who register and purchase services from Gestoraz (hereinafter collectively “Users”).

Identification data of the administrator of the Platform

  • Company name: Gestoraz Gestores S.L. (hereinafter “Gestoraz” or “we”)
  • Address: Calle Las Barcas 2, Portal 2, Escalera 1, 46002 Valencia, Spain
  • NIF: B75247551.
  • E-mail: hola@gestoraz.com

Your duty to notify us of changes.

It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us.

Links to third parties

The Websites may contain links to third-party websites, plug-ins and applications. If you click on these links or activate these connections, third parties may collect or share data about you. We have no control over these third-party websites and are not responsible for their privacy statements. When you leave our Websites, we encourage you to read the privacy policy of each website you visit.

The personal data we collect about you

Personal data is any information about an individual that identifies that person. It does not include data whose identity has been removed (anonymous data).

We may collect, use, store and transfer different categories and types of personal data about you.

We also collect, use and share aggregate data, such as statistical or demographic data, for any purpose. Aggregate data may be derived from your personal data, but is not considered personal data under the law, as it does not directly or indirectly reveal your identity. However, if we combine or link aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data that will be used in accordance with this Privacy Policy.

Obligation to provide us with your personal data and consequences if you fail to do so

The personal data requested is necessary to manage your requests and/or provide you with the services you may purchase. If you do not provide this information to us, we may not be able to properly serve you or provide you with the services you have requested.

How is your personal data collected?

We use various methods to collect data from and about you, including:

  • Direct interactions: You may provide us with your identification, contact and financial information by filling out forms or by corresponding with us by mail, phone, email or otherwise. This includes personal data you provide when you:
    some text
    • Purchase a service through our platform;
    • Requests marketing to be sent to you;
    • Participates in a contest, promotion or survey;
    • Provides feedback to us or contacts us.‍
  • Automated technologies or interactions: As you interact with our Websites, we may automatically collect technical data about your devices, browsing actions and patterns. We collect this personal data through the use of cookies and other similar technologies. Please see our Cookie Policy for more details.

How we use your personal data (bases for processing).

We will only use your personal data where the law allows us to do so. Generally, we will use your personal data in the following circumstances:

  • Performance of a contract: When we need to perform the contract we are about to enter into or have entered into with you.‍
  • Legitimate interests: When it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not outweigh those interests.‍
  • Consent: When we have obtained your express consent, for example to send commercial communications.‍
  • Legal obligation: When we have to comply with a legal or regulatory obligation.

Purposes for which we will use your personal data

Below you will find, in tabular form, a description of all the ways in which we intend to use your personal data, and the legal basis on which we do so. We have also identified our legitimate interests, where applicable.


Purpose/Activity Data Category/Type Legal basis
Provision of services
  • Identifying information: First name/first names, Last name, Document number, Marital status, Gender, Date of birth, Place of birth, Nationality, Full name of your mother, Full name of your father, Address information, (future) NIE number, copies of identity documents.
  • Financial data: bank account information, payment details.
  • Execution of a contract
  • Legal obligation
Communication services
  • Identifying information: name, last name, phone number, email address.
  • Content of communication: messages, requests, questions.
  • Performance of a contract
  • Legitimate interest (to provide customer service)
Sending communications about the operation of the Platform (including SMS and email)
  • Identification data: name, last name, phone number, email address.
  • Legitimate interest (to keep you informed about our services)
  • Enforcement of a contract
Sending advertising or commercial communications (Newsletter)
  • Identifying information: name, last name, e-mail address.
  • Consent
Handling questions, requests and incidents
  • Identifying data: name, last name, phone number, email address.
  • Other data: information you provide to us in your requests.
  • Legitimate interest
  • Enforcement of a contract
  • Legal obligation
Analysis of Platform usage (Cookies)
  • Technical data: IP address, browser type, time zone settings, location, browser plug-in types and versions, operating system and platform.
  • Consent

Choice to object to processing.

You can ask us to stop sending you marketing messages at any time by following the opt-out link in any marketing message sent to you or by contacting us at hola@gestoraz.com.


Recipients of your personal data

We may share your personal data with third parties for the purposes set out in the table above. Specifically, these may be external third parties in the following categories:

  • Service providers: who provide IT and system management services.‍
  • Professional consultants: including lawyers, bankers, auditors and insurers who provide consulting, banking, legal, insurance and accounting services.‍
  • Government agencies: such as government agencies, tax authorities and other agencies requiring regulation and compliance.‍
  • Third parties: to whom we may sell, transfer or merge parts of our business or assets.

We require all third parties to respect the security of your personal data and treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only allow them to process your personal data for specific purposes and in accordance with our instructions.


International transfers

Some of our third party external service providers are located outside the European Economic Area (EEA), so processing your personal data may involve a transfer of data outside the EEA.

Whenever we transfer your personal data outside the EEA, we ensure that a comparable level of protection is provided by ensuring that at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that the European Commission considers to provide an adequate level of protection for personal data.
  • When we use certain service providers, we may use specific contracts approved by the European Commission that provide personal data with the same protection as in Europe.

Please contact us if you would like more information about the specific mechanism we use when transferring your personal data outside the EEA.


Security of Personal Data

We have implemented appropriate security measures to prevent the accidental loss, use or unauthorized access, alteration or disclosure of your personal data. In addition, we restrict access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They process your personal data only according to our instructions and are subject to a duty of confidentiality.


We have established procedures to address any suspected personal data breaches and will notify you and any applicable supervisory authorities of a breach when we are legally required to do so.


How long will we use your personal data?

We will keep your personal data only as long as reasonably necessary to fulfill the purposes for which we collected it, including to comply with legal, regulatory, tax, accounting or reporting requirements. We may keep your personal data longer in the event of a complaint or if we reasonably believe there is a risk of legal action regarding our relationship with you.


In determining the appropriate retention period for personal data, we take into account the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes by other means, and applicable legal requirements.


Your rights

You have the right to:

  • Request access to your personal data.
  • Request correction of the personal data we hold about you.
  • Request deletion of your personal data.
  • Object to the processing of your personal data.
  • Request restriction of processing of your personal data.
  • Request portability of your personal data to yourself or a third party.
  • Withdraw consent at any time when we depend on your consent to process your personal data.

Where and how to exercise your rights

You can exercise your rights by contacting us at our mailing address or email address (listed in Section 1), using the reference “Personal Data”, specifying the right you wish to exercise and with respect to which personal data.


If you are not satisfied with the way we process your data, you may file a complaint with the Spanish Data Protection Authority (www.aepd.es).


Deadline to respond

We try to respond to all legitimate requests within one month. Sometimes it may take longer than a month if your request is particularly complex or if you have made multiple requests. In that case, we will notify you and keep you informed.


Physical Documents.

Physical documents that we receive but do not use, or that later prove to be unnecessary, are destroyed by us according to the guidelines of security level P-4 (DIN 66399).

Cookies

Cookies are very small files designed to recognize the user when they visit the Website. They help us provide you with a good experience, improve our website, and analyze performance. We only use them if you give your consent. Rejecting cookies may limit the functionality of the website.

Below, you will find a table overview of the cookies we may place. You can always change your cookie preferences via the button below.

Cookie Settings
Name Category Purpose Duration Provider
_ga Performance Registers a unique ID for a website visitor to track how the visitor uses the website. The data is used for statistics. Data transfer to third countries: USA. Google LLC. is certified under the Data Privacy Framework, which ensures that your rights as a data subject can be guaranteed. 2 years 4 days 23 hours 59 minutes 57 seconds Google
_ga_******** Performance This cookie stores a unique ID for a website visitor and tracks how the visitor uses the website. The data is used for statistics. Data transfer to third countries: USA. Google LLC. is certified under the Data Privacy Framework, which ensures that your rights as a data subject can be guaranteed. 2 years 4 days 23 hours 59 minutes 57 seconds Google
_gcl_au Ads This cookie is placed by Google Adsense for experiments with 'cross-website' ads. 2 months 4 weeks 1 day 23 hours 59 minutes 57 seconds Google
IDE Ads Cookie from DoubleClick (Google) that helps us analyze and optimize our ad campaigns. 1 year 3 weeks 3 days 23 hours 59 minutes 58 seconds Google
sp_landing Ads Used to implement Spotify audio content on the website. It can also be used to record user interaction and preferences in conjunction with audio content. This may serve statistical and marketing purposes. 23 hours 59 minutes 49 seconds Spotify
sp_t Ads Used to implement Spotify audio content on the website. It can also be used to record user interaction and preferences in conjunction with audio content. This may serve statistical and marketing purposes. 1 year 4 days 23 hours 59 minutes 49 seconds Spotify
wf-csrf Necessary Ensures browser security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor. Session Webflow
wf-csrf.sig Necessary Ensures browser security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor. Session Webflow

Do you need assistance?

We understand that the information can be overwhelming. Things often work differently abroad than you are used to. That's why we are here to answer your questions.

Chat with us