Privacy Policy

1. Data Controller

The data controller responsible for processing your personal data is:

Monverento
Senda de Granada, 31
30100 Murcia, Spain
NIF: E45794900
Email: info@monverento.com
Phone: +34 868 289 754

This Privacy Policy applies to the website monverento.com and all related subpages. It has been prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (the General Data Protection Regulation, "GDPR") and Organic Law 3/2018 of 5 December on Personal Data Protection and Guarantee of Digital Rights (LOPDGDD).

2. Data We Collect

2.1 Data you provide directly

When you use the contact form on this website, we collect the following information that you voluntarily provide:

• Full name
• Email address
• Subject of your enquiry
• Content of your message

We do not collect sensitive personal data as defined in Article 9 of the GDPR (such as health data, racial or ethnic origin, political opinions, religious beliefs, or biometric data).

2.2 Data collected automatically

When you visit this website, certain technical data is collected automatically by our hosting infrastructure and analytics systems. This may include your IP address (in anonymised form where possible), browser type, operating system, referring URL, pages visited, and time and date of your visit. This data is used solely for the purpose of maintaining the security and performance of the website and, where consent has been given, for understanding how visitors use the site.

2.3 Cookie data

This website uses cookies. Please refer to our Cookie Policy for full details of the cookies we use, their purposes, and how to manage your preferences.

3. Purposes of Processing

We process your personal data for the following purposes:

• Responding to enquiries: When you submit the contact form, we use the information you provide to respond to your question or request. This is the primary purpose of data collection on this website.
• Website operation and security: Technical data is processed to ensure the website functions correctly, to detect and prevent security threats, and to maintain service continuity.
• Analytics (with consent): Where you have given your consent via the cookie preference centre, we may use analytics cookies to understand aggregate patterns of website use. This data is not used to identify individual users.
• Legal compliance: We may process data where necessary to comply with applicable legal obligations.

We do not use your personal data for automated decision-making or profiling as described in Article 22 of the GDPR.

4. Legal Basis for Processing

The legal bases on which we rely to process your personal data are as follows:

• Consent (Article 6(1)(a) GDPR): For analytics and marketing cookies, and for the processing of your contact form submission, we rely on your freely given, specific, informed, and unambiguous consent. You may withdraw your consent at any time by contacting us or adjusting your cookie preferences.
• Legitimate interests (Article 6(1)(f) GDPR): For the technical operation and security of the website, we rely on our legitimate interest in maintaining a functional and secure online presence. We have assessed that this interest does not override your fundamental rights and freedoms.
• Legal obligation (Article 6(1)(c) GDPR): Where we are required to retain or disclose data to comply with a legal obligation under EU or Spanish law.

5. Retention Periods

We retain personal data only for as long as is necessary for the purpose for which it was collected, or as required by applicable law.

• Contact form data: Retained for a maximum of 12 months from the date of the enquiry, unless an ongoing relationship or legal obligation requires a longer retention period.
• Technical and server logs: Retained for a maximum of 30 days, after which they are deleted or anonymised.
• Cookie consent records: Retained for 12 months, consistent with the cookie consent validity period.

At the end of the applicable retention period, data is securely deleted or anonymised so that it can no longer be attributed to an identified or identifiable individual.

6. Recipients and International Transfers

Your personal data is not sold, rented, or shared with third parties for their own marketing purposes.

We may share your data with the following categories of recipients where necessary:

• Hosting and infrastructure providers: Our website is hosted on servers located within the European Economic Area (EEA). The hosting provider processes technical data as a data processor acting on our instructions.
• Email service providers: Contact form submissions may be transmitted via an email service provider. Such providers act as data processors and are bound by data processing agreements consistent with GDPR requirements.
• Public authorities: We may disclose data to competent authorities where required to do so by law, court order, or regulatory requirement.

Where any transfer of personal data outside the EEA is involved, we ensure that appropriate safeguards are in place as required by Chapter V of the GDPR, such as Standard Contractual Clauses approved by the European Commission.

7. Your Rights

Under the GDPR and LOPDGDD, you have the following rights with respect to your personal data:

• Right of access (Article 15 GDPR): You may request confirmation of whether we process your personal data and, if so, a copy of that data and information about how it is processed.
• Right to rectification (Article 16 GDPR): You may request that inaccurate personal data be corrected or incomplete data be completed.
• Right to erasure (Article 17 GDPR): You may request the deletion of your personal data where there is no longer a lawful basis for its processing.
• Right to restriction of processing (Article 18 GDPR): You may request that we restrict the processing of your data in certain circumstances.
• Right to data portability (Article 20 GDPR): Where processing is based on consent or contract and carried out by automated means, you may request a copy of your data in a structured, commonly used, machine-readable format.
• Right to object (Article 21 GDPR): You may object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds.
• Right to withdraw consent: Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.

To exercise any of these rights, please contact us at info@monverento.com. We will respond within one month of receiving your request. If you believe your rights have not been respected, you have the right to lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos, AEPD) at www.aepd.es.

8. Cookies

This website uses cookies and similar tracking technologies. We operate a cookie consent mechanism that allows you to accept, reject, or customise your preferences by category (necessary, analytics, marketing). Necessary cookies are required for the website to function and cannot be disabled.

For full information about the cookies we use, their names, purposes, and duration, please read our Cookie Policy. You can change your cookie preferences at any time by clicking the "Cookie preferences" link in the bottom-left corner of any page.

9. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include:

• Transmission of data over encrypted connections (HTTPS/TLS)
• Access controls limiting who can access personal data
• Regular review of our security practices
• Data minimisation - we collect only what is necessary

No method of transmission over the internet is entirely secure. While we take reasonable steps to protect your data, we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Where changes are material, we will take reasonable steps to bring them to your attention.

11. Contact

For any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, please contact us:

Monverento
Senda de Granada, 31, 30100 Murcia, Spain
Email: info@monverento.com
Phone: +34 868 289 754

You also have the right to lodge a complaint with the supervisory authority. In Spain, this is the Agencia Española de Protección de Datos (AEPD), C/ Jorge Juan, 6, 28001 Madrid, www.aepd.es.