1. General Information for Customers. Controller's Identity

This privacy policy applies to the processing of personal data ("Data") that you provide us with in the context of our business relationship, in compliance with the provisions of Regulation 2016/679 ("GDPR") and its implementing regulations.

Controller of your data:

  • Owner: Epagado, S.L. (hereinafter referred to as "Controller" or "Owner")
  • VAT number: B85719904
  • Address: Calle José Ortega y Gasset, 25, Planta Baja, CP 28006, Madrid, Spain
  • Website:
  • Email:

Your Data will be processed by the Controller for the purpose of maintaining, developing, and monitoring our business relationship, which includes responding to your inquiries or requests for information or documentation, as well as sending you the requested information.

The legal basis for the Controller to process your data is your consent.

The categories of personal data processed by the Controller are: Identifying data (name, surname, telephone number, email address, and IP address).

It is necessary to provide all the requested data to access our services. The provided data must be accurate and up-to-date at the time of providing the information, and you guarantee its authenticity and accuracy. By submitting your data electronically, you confirm that you are at least 14 years old. Additionally, we ask you to promptly inform us of any changes to your data.

2. Communication of Your Personal Data

In general, the Controller will not share your personal information, except for those disclosures required by legal obligations. Additionally, your personal information will be made available to Public Administrations, Judges, and Courts for the handling of potential liabilities arising from the processing.

You expressly consent to the Controller disclosing your Data to companies within its group and collaborating companies if necessary to initiate, maintain, or conclude the provision of the services contracted by the user.

There are no international transfers of your data to countries outside the European Economic Area (EEA).

3. Retention of Your Personal Data

Your Data will be kept in our files as long as our commercial relationship is in effect and during the legal or contractually established periods for the exercise of any actions by You or the Controller. Once our commercial relationship is terminated, your Data will be duly blocked, in accordance with the applicable regulations. However, after our relationship ends, your Data may continue to be used for commercial purposes, under the conditions established in the previous provisions, until You revoke the consent you have provided.

4. Access to Data by Third Parties

We inform you that certain companies may have access to your Data solely for the purpose of providing the Controller with processing services, such as data hosting companies, IT service providers, etc., without these service providers being able to use your Data for other purposes or for their own interest. These companies may be located in countries outside the European Economic Area that do not offer a level of protection equivalent to that of the GDPR.

5. Confidentiality and Security Measures

Finally, we want to inform you that the Controller will treat your Data at all times in absolute confidentiality and in accordance with the expressly established purposes and uses.

Likewise, we inform you that the Controller has implemented the necessary technical and organizational measures to ensure the security of your Data and prevent its alteration, loss, unauthorized access, or processing, taking into account the state of technology, the nature of the stored data, and the risks to which they are exposed.

In addition, all personnel with access to personal data have been trained and are aware of their obligations regarding the processing of your personal data.

All these security measures are periodically reviewed to ensure their adequacy and effectiveness.

However, absolute security cannot be guaranteed, and there is no security system that is impregnable. Therefore, in the event that any information subject to processing under the control of the Controller is compromised due to a security breach, appropriate measures will be taken to investigate the incident and, if necessary, notify the Supervisory Authority and the affected users so that they can take appropriate measures.

6. Exercise of Rights

You may exercise your rights of access, rectification, cancellation, opposition, limitation, and portability of your Data at any time, as provided by law, by contacting the postal address of the Controller indicated above and providing a copy of the document proving your identity.

The Controller will respond to your request within one month, although, considering the complexity and number of requests, this period may be extended by an additional two months.

For your convenience, you can obtain information about exercising these rights by contacting us through the contact form available on our website or via email.

7. Cookie Policy

The purpose of this policy is to inform you clearly and in detail about what a cookie is, its purpose, what types of cookies we use, and how to configure or disable them, if applicable.

A cookie is a small text file that is stored in your browser when you visit our website and saves information about your browsing activities. Some cookies are essential for the proper functioning of websites, such as technical cookies or user interface customization cookies, while others, such as analytics cookies or behavioral advertising cookies, require us to inform you and obtain your consent to use them.

Below, we provide you with detailed information on the nature and purpose of each type of cookie used by the Controller:

Technical cookies are those that allow users to navigate a website, platform, or application and use the different options or services available, including the management and operation of the website and the enabling of its features and services. For example, they may include identifying a session, accessing restricted areas, remembering items in a shopping cart, completing a purchase process, managing payment, etc. The website cannot function properly without these cookies, so they are considered necessary and do not require your consent.

The Website is using its own technical cookies for the purposes described above, with an expiration of 24 hours.

If you disable cookies, you will still be able to access the website, but your browsing experience may not be optimal, and some of the offered services may not function correctly.

If the Controller were to use different types of cookies than those described in this Cookie Policy in the future to provide new services or if it were necessary to adapt to new legislative requirements, we will notify you accordingly.

You can allow, block, or delete the cookies installed on your device through the configuration menu of your internet browser, where you can set it to block cookies or notify you when a server wants to save them.