Privacy Policy

Data Controller Information

PixelHarbor S.L. is the data controller for the personal data we process. Our contact details are:

Data We Collect

The types of personal data we collect and process depend on how you interact with our services. Our data collection practices include gathering information necessary to provide our financial advisory services and improve your experience with our website.

Personal Information You Provide

• Contact details (name, email address, phone number, postal address)
• Company information (business name, industry, size, registration details)
• Financial information relevant to our advisory services
• Communication preferences and enquiry details
• Professional background and business objectives

Information Automatically Collected

• Website usage data (pages visited, time spent, click patterns)
• Device information (IP address, browser type, operating system)
• Cookies and tracking technologies data
• Referral sources and marketing campaign effectiveness data

How We Use Your Information

We process your personal data for various purposes, each based on a lawful basis under GDPR. Our use of your data is essential for providing our financial advisory services and maintaining our business relationship with you.

Service Provision

• Providing financial advisory and consultation services
• Responding to your enquiries and service requests
• Processing and managing client engagements
• Delivering customised financial strategies and recommendations

Communication and Support

• Sending service-related communications and updates
• Providing customer support and technical assistance
• Notifying you about changes to our services or policies

Business Operations

• Improving our website functionality and user experience
• Conducting business analysis and service development
• Ensuring compliance with legal and regulatory requirements
• Protecting against fraud and maintaining security

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following lawful bases:

• Contract Performance: Processing necessary to fulfil our service agreements with you
• Legitimate Interests: Processing for our business operations, website improvement, and fraud prevention
• Consent: Processing based on your explicit consent, particularly for marketing communications
• Legal Obligation: Processing required to comply with legal and regulatory requirements

Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. We may share your information in the following limited circumstances:

• With professional service providers who assist in delivering our services (under strict confidentiality agreements)
• With regulatory authorities when required by law or legal process
• With our legal and professional advisors for compliance and business purposes
• In connection with a business transfer, merger, or acquisition (with appropriate safeguards)

International Data Transfers

As we operate primarily within the European Union, your data is generally processed within the EU/EEA. If we need to transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations. Our data retention periods include:

• Client Records: 7 years after the end of our business relationship (for regulatory compliance)
• Marketing Data: Until you withdraw consent or 3 years of inactivity
• Website Analytics: 26 months from collection
• Communication Records: 3 years from last contact

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

Access and Portability

• Right to access your personal data and receive information about our processing activities
• Right to receive your data in a structured, machine-readable format

Correction and Deletion

• Right to correct inaccurate or incomplete personal data
• Right to request deletion of your personal data (subject to legal obligations)

Processing Restrictions

• Right to restrict processing in certain circumstances
• Right to object to processing based on legitimate interests
• Right to withdraw consent for consent-based processing

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Complaints and Supervisory Authority

If you believe we have not handled your personal data in accordance with this policy or applicable data protection laws, you have the right to lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos - AEPD) or your local supervisory authority.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically to stay informed about how we protect your information.