Privacy Policy

Last updated: May 12, 2026

1. Data Controller

Teciforp SL ("Teciforp", "we", "us") is the data controller responsible for processing the personal data collected through the website teciforp.com and any associated SaaS services.

  • Company name: Teciforp SL
  • Tax ID (NIF): B42618421
  • Registered office: Alicante, Spain
  • Contact email / Data Protection Officer (DPO): hola@teciforp.com

This Privacy Policy is governed by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the "GDPR"), by Spanish Organic Law 3/2018 of 5 December on the Protection of Personal Data and the guarantee of digital rights ("LOPDGDD"), and by Spanish Law 34/2002 of 11 July on Information Society Services and Electronic Commerce ("LSSI-CE").

2. Categories of data we process

Depending on the user's interaction with Teciforp, we may process the following categories of personal data:

  • Contact data: name, surname, email address, phone number, and any other information voluntarily provided through contact forms, newsletter subscriptions or commercial requests.
  • Navigation data: IP address (anonymised where technically feasible), browser type and version, operating system, language, timestamps and pages visited. This data is collected through essential technical mechanisms and, where applicable, through analytical cookies previously consented to.
  • Customer data (when subscribing to a SaaS service): identification and tax data of the client company, data of authorised users, operational data introduced into the platform (estimates, invoices, work reports, property listings, accounting documents or other internal management information).
  • Communications data: content of messages exchanged by email, forms or support channels.

Teciforp does not, unless legally required or with explicit consent, process special categories of personal data (health data, ideology, religion, trade union membership, racial origin or sexual orientation).

3. Purposes of processing

We process personal data for the following purposes:

  • To respond to enquiries, information requests and commercial requests received through the website, forms or email.
  • To manage onboarding, maintenance, support and invoicing of subscribed SaaS services.
  • To comply with legal, tax and accounting obligations applicable to Teciforp.
  • To send informational communications about product launches, new features or events, exclusively where the user has given explicit consent.
  • To improve the quality of the website and services through aggregated and anonymous statistical analysis.
  • To prevent and detect fraud, abuse and unauthorised use of the platform.
  • To exercise and defend Teciforp's legitimate rights in the event of administrative or judicial claims.

4. Legal basis for processing

The legal basis for each processing activity depends on its specific purpose:

  • Consent of the data subject (Art. 6(1)(a) GDPR): for sending commercial communications, subscription to launch notifications and, where applicable, installation of non-essential cookies.
  • Performance of a contract (Art. 6(1)(b) GDPR): for the provision of subscribed SaaS services and related administrative management.
  • Compliance with a legal obligation (Art. 6(1)(c) GDPR): for the retention of accounting documentation, invoicing and response to administrative requirements.
  • Legitimate interests of the controller (Art. 6(1)(f) GDPR): for product improvement, platform security, fraud prevention and the handling of enquiries received through contact channels. In all cases, a balancing test has been carried out concluding that such interest does not override the fundamental rights and freedoms of the data subject.

5. Retention periods

Personal data will be retained for the period strictly necessary to fulfil the purpose for which it was collected and, where applicable, during the periods legally established:

  • Contact messages: up to 24 months from the last interaction, unless the user requests deletion.
  • SaaS customer data: for the duration of the contract and, subsequently, during the limitation periods for derived actions and applicable tax and accounting obligations (generally up to six years under the Spanish Commercial Code and tax regulations).
  • Newsletter subscriptions: until the user revokes consent.
  • Technical and security logs: up to 12 months, unless a longer legal retention obligation applies.

Upon expiration of such periods, data will be irreversibly deleted or anonymised.

6. Recipients and data sharing

Teciforp does not sell, rent or trade users' personal data.

For the provision of its services, Teciforp may rely on technology providers acting as data processors under Article 28 GDPR, always under a Data Processing Agreement (DPA):

  • Cloud infrastructure and web hosting providers (servers preferably located in the European Union).
  • Artificial intelligence model providers (including Anthropic PBC and, where applicable, OpenAI), exclusively for the operational processing required by the service, with contractual commitments of no training on customer data and deletion after the service.
  • Transactional email and support providers.
  • Legal, tax and accounting advisors bound by confidentiality obligations.

Data may also be communicated to judicial, administrative or supervisory authorities that legitimately request it.

7. International data transfers

Where international transfers of data outside the European Economic Area (EEA) are required, Teciforp will adopt the appropriate safeguards provided by the GDPR, in particular:

  • Adequacy decisions adopted by the European Commission, when available for the recipient country.
  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Additional technical and organisational measures where the Transfer Impact Assessment so requires.

Users may request detailed information on ongoing international transfers by emailing hola@teciforp.com.

8. Data subject rights

Pursuant to Articles 15 to 22 GDPR, users may exercise the following rights at any time:

  • Right of access to their personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten") under the circumstances legally provided.
  • Right to restriction of processing under Article 18 GDPR.
  • Right to data portability in a structured, commonly used and machine-readable format.
  • Right to object to processing based on grounds relating to their particular situation.
  • Right not to be subject to automated individual decisions, including profiling, that produce legal effects or significantly affect them.
  • Right to withdraw consent at any time, without affecting the lawfulness of prior processing.

To exercise these rights, users may send a written request to hola@teciforp.com, clearly indicating the right being exercised and attaching a copy of an identification document. Teciforp will respond within a maximum of one month from receipt of the request, extendable by two additional months when the complexity or number of requests so justifies.

If the user believes their rights have not been properly addressed, they may file a complaint with the Spanish Data Protection Agency (AEPD), C/ Jorge Juan, 6, 28001 Madrid, or through its electronic office at www.aepd.es.

9. Data security

Teciforp has implemented reasonable and proportionate technical and organisational measures to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services, in accordance with Article 32 GDPR. These measures include, among others: encryption in transit (TLS) and at rest where appropriate, access control through authentication, logical segregation of environments, regular backups, event logging and continuous vulnerability review.

Notwithstanding the above, no security measure can guarantee absolute protection against attacks or unauthorised access. The user acknowledges this risk inherent to the use of digital services.

10. Minors

Teciforp services are addressed exclusively to persons over 18 years of age or, where applicable, to professionals acting on behalf of legal entities. Teciforp does not knowingly collect data from minors. If it is detected that a minor has provided data without parental authorisation, Teciforp will proceed with its immediate deletion.

11. Automated decisions and artificial intelligence

Some Teciforp services incorporate artificial intelligence functionalities (text generation, document classification, predictive valuation, etc.). The user retains at all times control over decisions taken on the basis of these functionalities and has the right not to be subject to decisions based solely on automated processing that produce significant legal effects. For more information on the logic applied in each functionality, the user may contact hola@teciforp.com.

12. Modifications to the policy

Teciforp reserves the right to modify this Privacy Policy to adapt it to legislative, jurisprudential, technical or business changes. Where changes are material, they will be communicated to the user with a minimum notice period of 30 days through the website or by email. The version in force at any given time will always be available at teciforp.com/privacy.

13. Applicable law

This Policy is governed by Spanish and European Union law, in particular the GDPR, LOPDGDD and LSSI-CE.