Legal

Privacy policy.

How we collect, process and protect your personal data, in accordance with the GDPR (EU Regulation 2016/679) and Spanish Organic Law 3/2018 on Data Protection (LOPDGDD).

Note: this is an English translation provided for convenience. The Spanish version is the legally binding text.

Last updated: 23 April 2026

At A-digital we take your privacy and the protection of your personal data seriously. This Privacy Policy is designed to inform you clearly and transparently about how we process the data you provide through this website, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR) and Spanish Organic Law 3/2018 of 5 December on Personal Data Protection and digital rights guarantees (LOPDGDD).

1. Data controller

The controller of personal data collected through this website is:

  • Owner / Titular: Alain Corulla Sorondo (trading as «A-digital»), sole trader.
  • Tax ID / NIF: 14305036W
  • Registered address / Domicilio fiscal: Calle Santa Escolástica, 49 · 07702 Mahón · Illes Balears · España.
  • Office: ZeroEsTres Coworking, Office 2 · Av. d'es Castell · 07720 Es Castell · Menorca.
  • Phone: +34 639 568 353
  • Email: team@a-digital.net
  • Website: https://a-digital.net

As the controller is a sole trader who does not carry out large-scale processing or processing of special categories of data, the appointment of a Data Protection Officer (DPO) is not required under Article 37 GDPR. Any data-protection queries may be directed to the email address above.

2. Purposes of processing

We process your personal data for the following purposes:

  • Handling enquiries and audit requests: responding to queries, information requests and free-audit requests received through the website contact form or by email.
  • Providing contracted services: managing the contractual relationship with clients (digital marketing, SEO, GEO, web development, hosting, chatbots), including operational communications, invoicing and project follow-up.
  • Sending commercial communications (newsletter): if you give your consent, sending you updates, content, resources and A-digital services that may be of interest to you.
  • Compliance with legal obligations: fulfilling applicable accounting, tax and administrative obligations.
  • Web analytics and site security: measuring, in an aggregated and anonymised way, site activity to improve it, and protecting its integrity against attacks, fraud and misuse.

3. Legal basis for processing

Each of the above purposes rests on a specific legal basis under Article 6 GDPR:

  • Consent of the data subject (Art. 6(1)(a) GDPR): for data provided through the contact/audit form and for newsletter subscriptions. Consent may be withdrawn at any time without affecting the lawfulness of processing prior to withdrawal.
  • Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR): for providing contracted services and managing the contractual relationship.
  • Compliance with a legal obligation (Art. 6(1)(c) GDPR): for accounting, tax and invoicing purposes.
  • Legitimate interests of the controller (Art. 6(1)(f) GDPR): for aggregated and anonymised website analytics and for the technical security of the site. This interest has been weighed against the rights and freedoms of data subjects and the impact on privacy is considered minimal.

4. Categories of data collected

The personal data we process depends on your relationship with A-digital and may include:

  • Identity data: first and last name.
  • Contact data: email address, phone number.
  • Professional and business data: company name, website, sector, job title and any other information you voluntarily provide in relation to your project.
  • Billing data (clients only): business or personal name, VAT/Tax ID, registered address.
  • Browsing data: IP address, technical cookies and technical browser/device data. See Cookies Policy.

We do not collect special categories of data (health, ethnic origin, political opinions, etc.) or data relating to criminal offences or convictions.

5. Retention periods

We will retain your personal data for the minimum period necessary to fulfil the stated purposes and, in any case, subject to the following indicative retention periods:

  • Contact / audit form enquiries: up to 1 year from the last interaction, unless the enquiry gives rise to a contractual relationship.
  • Contracted-service clients: throughout the duration of the contractual relationship and, once it ends, for a minimum of 6 years to comply with legal obligations in tax and accounting matters (Article 30 of the Spanish Commercial Code and applicable tax regulations).
  • Newsletter subscriptions: until the data subject unsubscribes or withdraws consent.
  • Browsing data: as set out in the Cookies Policy.

Once the stated periods have elapsed, data will be deleted or anonymised, unless a legal obligation requires a longer retention period.

6. Recipients and data transfers

As a general rule, we do not share your personal data with third parties, unless required to do so by law (public authorities, tax administration, law enforcement, courts, etc.).

To provide our services, A-digital works with providers acting as data processors under Article 28 GDPR, with whom data-processing agreements ensuring regulatory compliance have been put in place. Current providers are:

  • Hetzner Online GmbH (Germany, European Union) — hosting provider for the website and the endpoint that receives form submissions.
  • Dinahosting S.L.U. (Spain, European Union) — corporate email provider.
  • Google Ireland Ltd. (Ireland, European Union) — Google Fonts service used to load typefaces on the website, and potentially Google Analytics if activated in the future.

All these providers comply with the GDPR and offer sufficient guarantees to implement appropriate technical and organisational measures.

7. International data transfers

As of the date of the last update to this Policy, no international transfers of data outside the European Economic Area (EEA) take place. All data processors listed above are located in EU member states.

Should we use a provider located outside the EEA in the future (e.g. OpenAI, Anthropic or Cloudflare), we would apply the Standard Contractual Clauses (SCCs) approved by the European Commission under Implementing Decision (EU) 2021/914, along with any supplementary measures necessary to ensure a level of protection equivalent to that within the EEA. This Policy would be updated accordingly.

8. Your rights

Data protection law grants you the following rights over your personal data:

  • Access: to know which of your personal data are being processed and to receive a copy.
  • Rectification: to request correction of inaccurate or incomplete data.
  • Erasure (right to be forgotten): to request deletion of data when it is no longer necessary or when you withdraw consent.
  • Objection: to object to the processing of your data on grounds relating to your particular situation.
  • Restriction of processing: to request that processing be restricted in certain circumstances.
  • Data portability: to receive the data you have provided in a structured, commonly used and machine-readable format and transmit it to another controller.
  • Not to be subject to automated decisions: not to be subject to decisions based solely on automated processing, including profiling, that produce legal effects or similarly significantly affect you.
  • Withdrawal of consent: where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please send a request by email to team@a-digital.net or by post to the address in section 1. Your request must include a copy of your national ID, NIE, passport or equivalent document to verify your identity. We will respond within a maximum of one month of receipt, extendable by a further two months in cases of particular complexity.

9. Complaint to the supervisory authority

If you believe that the processing of your personal data does not comply with applicable law, or have not received a satisfactory response to the exercise of your rights, you have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD):

  • Website: www.aepd.es
  • Address: C/ Jorge Juan, 6 · 28001 Madrid · España
  • Phone: 901 100 099 / 912 663 517

10. Security measures

A-digital applies reasonable, necessary and appropriate technical and organisational measures to ensure a level of security adequate to the risk, in particular to prevent destruction, loss, alteration, disclosure or unauthorised access to personal data. These measures include, among others:

  • TLS-certificate (HTTPS) encryption of all communications across the entire website.
  • Data hosted on servers located within the European Union.
  • Access controls using strong passwords and two-factor authentication (2FA) on internal systems.
  • Regular encrypted backups.
  • Regular software updates for both the website and the server.

11. Minors

This website and its services are not directed at children under 14 years of age. We do not knowingly collect personal data from children of that age. If you are under 14, please do not submit personal data through the website. If we become aware that we have received data from a child under 14 without verifiable parental or guardian consent, we will delete it immediately.

12. Policy updates

A-digital reserves the right to update this Privacy Policy to reflect legislative or case-law developments or changes in professional practice. Any changes will be published on this page and will take effect upon publication. The last-updated date will always be shown. We recommend reviewing this Policy periodically.

13. Contact

For any questions, clarifications or to exercise your data-protection rights, please contact us at:

  • Email: team@a-digital.net
  • Phone: +34 639 568 353
  • Postal address: Calle Santa Escolástica, 49 · 07702 Mahón · Illes Balears