Privacy Policy

1. Data controller

The controller of your personal data is AGILE DIGITAL SOLUTIONS, S.L. (hereinafter, “AGDS”), Tax ID B72527815, with registered office at Calle Valle de Enmedio 2, Escalera E, Piso 1C, Madrid (Spain). Registered with the Madrid Mercantile Registry, Volume 44068, Folio 128, Sheet M-777335, Entry 1. You can contact us about data protection at clientes@agdigitals.com or by phone at +34 644 216 451.

2. Data we collect

Depending on how you interact with our site and services, we may collect the following categories of personal data:

• Identification data: first name, last name, email address, phone number and company.
• Contact-form data: the message you sent, the interaction language, a timestamp and the IP address recorded at the moment consent was granted (required to evidence GDPR compliance).
• Browsing data: IP address, browser type, pages visited, time spent and cookie data (only if you accept analytics cookies).
• Data voluntarily provided: information included in contact forms, session bookings, quote requests or direct communications.

3. Purposes of processing

We use the personal data we collect for the following purposes:

• To manage and respond to requests received through the contact form and other channels.
• To confirm and manage sessions booked through the site.
• To deliver the consulting and digital-transformation services you have engaged.
• To send commercial communications related to our services, always with your prior consent.
• To improve the browsing experience and site operation through statistical analysis, only when authorized by the user.
• To comply with applicable legal obligations, including evidencing the consent provided.

Providing your data through the form is voluntary. Without it we cannot respond to your enquiry, but there is no legal or contractual obligation to provide it.

4. Lawful basis for processing

We process your data on the following lawful bases under the General Data Protection Regulation (GDPR): the data subject's consent for contact-form communications, non-essential cookies and commercial communications; the performance of a contract or pre-contractual measures when you request our services; the legitimate interest of AGDS in improving site security and preventing abuse; and the compliance with legal obligations when required by applicable regulations.

5. Data retention

Personal data will be kept for as long as necessary to fulfil the purpose for which it was collected and, thereafter, for the statutory periods that may apply.

Data submitted through the contact form will be kept for a maximum of 2 years from the last interaction, unless the conversation gives rise to a contractual relationship. The consent record (timestamp + IP) is kept for the same period as evidence of GDPR compliance.

Client data will be kept for the duration of the contractual relationship and, afterwards, for a period of 5 years in accordance with applicable commercial and tax laws.

6. Recipients and processors

AGDS does not transfer your data to third parties for purposes other than those described. We do use technology providers that process data on behalf of AGDS as data processors, under contract and with the safeguards required by Article 28 GDPR:

• Amazon Web Services (AWS Amplify, AWS SES) (website hosting and email notifications in the eu-west-1 Ireland region). Processes technical browsing data and contact-form data in transit to our inbox.
• Sumo Group / TidyCal (calendar for booking free sessions). Processes the data the user enters when booking.

Competent public authorities may also access the data where a legal obligation exists.

7. International data transfers

Some of the processors listed above are established outside the European Economic Area: TidyCal . These international transfers are made with the appropriate safeguards required by the GDPR: Standard Contractual Clauses approved by the European Commission, EU-US Data Privacy Framework certification where applicable, and Data Processing Agreements (DPA) signed with each provider.

You can request a copy of the safeguards applied by writing to clientes@agdigitals.com.

8. Automated decision-making and profiling

AGDS does not take automated decisions, including profiling, that produce legal effects or similarly significantly affect the user. All processing of your data involves human review.

9. User rights

As the owner of your personal data, you have the right to:

• Access: know which of your personal data is being processed.
• Rectification: request the correction of inaccurate or incomplete data.
• Erasure: request the deletion of your data when it is no longer needed for the purpose for which it was collected.
• Portability: receive your data in a structured, commonly used format to transmit it to another controller.
• Objection: object to the processing of your data in certain circumstances.
• Restriction of processing: request the restriction of processing in the cases provided by law.
• Withdrawal of consent: withdraw previously granted consent, without affecting the lawfulness of prior processing.

To exercise any of these rights, write to clientes@agdigitals.com, stating your identity and the right you wish to exercise. You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) if you believe your rights have not been properly addressed.

10. Data security

AGDS implements appropriate technical and organisational measures to ensure the security of your personal data and to prevent its alteration, loss, unauthorised processing or access, taking into account the state of the art, the nature of the data and the associated risks.

11. Changes to this policy

AGDS reserves the right to update this Privacy Policy to adapt it to legal or case-law developments, as well as to changes in our data-processing practices. Any change will be published on this page together with its update date.