Contact us

Privacy Policy

1. Privacy and data protection policy

Respecting the provisions of the legislation in force, LaHoz Abogados (hereinafter, also Website) undertakes to adopt the necessary technical and organizational measures, according to the level of security. to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the appropriate to the risk of the data collected.

Laws incorporated into this privacy policy

This privacy policy complies with current Spanish and European regulations on the protection of personal data on the internet. Specifically, it adheres to the following laws:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons regarding the processing of personal data and the free movement of such data (GDPR).
  • Organic Law 3/2018, of December 5, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD-GDD).
  • Royal Decree 1720/2007, of December 21, approving the implementing regulations of Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).
  • Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the Data Controller

The data controller responsible for processing personal data collected by LaHoz Abogados is Mario LaHoz Marco, with NIF: 48404032A (hereinafter, the “Data Controller”). His contact details are as follows:

Personal Data Record

In compliance with the GDPR and the LOPD-GDD, we inform you that personal data collected by LaHoz Abogados through forms on its website will be incorporated into our database. The data will be processed to facilitate, expedite, and fulfill the commitments established between LaHoz Abogados and the User, maintain the relationship defined in the completed forms, or respond to inquiries.

Additionally, as required by the GDPR and LOPD-GDD, unless an exception applies under Article 30.5 of the GDPR, a record of processing activities is maintained. This record specifies, according to their purpose, the data processing activities carried out and other circumstances established by the GDPR.

Principles Applicable to the Processing of Personal Data

The processing of the User’s personal data is subject to the principles outlined in Article 5 of the GDPR and Article 4 and subsequent articles of Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights:

  • Lawfulness, Fairness, and Transparency: User consent will always be required, with full transparency regarding the purposes of data collection.
  • Purpose Limitation: Data will be collected for specific, explicit, and legitimate purposes.
  • Data Minimization: Only the data strictly necessary for the intended purposes will be collected.
  • Accuracy: Personal data must be accurate and kept up to date.
  • Storage Limitation: Data will only be retained for as long as necessary for its intended purposes.
  • Integrity and Confidentiality: Data will be processed securely to ensure its confidentiality.
  • Accountability: The Data Controller is responsible for ensuring compliance with these principles.

Categories of Personal Data

LaHoz Abogados processes only identifying data. No special categories of personal data, as defined in Article 9 of the GDPR, are processed.

Legal Basis for Data Processing

The legal basis for processing personal data is User consent. LaHoz Abogados ensures that explicit and verifiable consent is obtained before processing any data for specific purposes.

Users have the right to withdraw their consent at any time, and the process for withdrawal will be as simple as granting consent. As a general rule, withdrawing consent will not affect the User’s ability to use the website.

When Users are required to provide personal data via forms for inquiries, information requests, or interactions with the website, they will be informed if any fields are mandatory due to their necessity for the intended service.

Purposes of Data Processing

Personal data is collected and managed by LaHoz Abogados to facilitate, streamline, and fulfill the commitments established between the Website and the User or to maintain the relationship initiated through the forms the User completes. Additionally, data may be used for commercial, operational, and statistical purposes, as well as for marketing studies aimed at improving the quality, functionality, and navigation of the Website.

At the time of data collection, the User will be informed of the specific purpose(s) of the processing, meaning how their information will be used.

Data Retention Periods

Personal data will only be retained for the minimum time necessary to fulfill its purpose, and in any case, for a maximum of 12 months unless the User requests its deletion earlier.

At the time of data collection, the User will be informed of the retention period or, if not possible, the criteria used to determine it.

Recipients of Personal Data

The User’s personal data may be shared with the following recipients or categories of recipients:

  • Internal personnel and legal representatives of LaHoz Abogados.
  • Third parties or organizations where data transfer is legally required.

If the Data Controller intends to transfer personal data to a third country or international organization, the User will be informed at the time of collection about:

  • The destination country or organization.
  • Whether an adequacy decision by the European Commission exists.

Personal Data of Minors

In compliance with Article 8 of the GDPR and Article 7 of Organic Law 3/2018, only individuals over 14 years old may lawfully consent to their personal data processing by LaHoz Abogados.

For minors under 14 years old, parental or legal guardian consent is required. In such cases, data processing will only be considered lawful if it has been explicitly authorized by the parent or guardian.

Confidentiality & Security of Personal Data

LaHoz Abogados commits to implementing the technical and organizational measures necessary to ensure an appropriate level of security and to prevent:

  • Accidental or unlawful destruction, loss, or alteration of personal data.
  • Unauthorized access or disclosure of personal data.

The Website is equipped with an SSL (Secure Socket Layer) certificate, ensuring that personal data is securely transmitted in encrypted form between the User and the server.

However, due to the inherent vulnerabilities of the internet, LaHoz Abogados cannot fully guarantee the absence of cyberattacks or fraudulent access to personal data. If a security breach occurs that is likely to pose a high risk to Users’ rights and freedoms, LaHoz Abogados commits to:

  • Notifying Users without undue delay.
  • Taking all necessary measures to mitigate risks.

In compliance with Article 4 of the GDPR, a security breach includes any unauthorized access, loss, alteration, or disclosure of personal data.

All personal data will be treated as strictly confidential, and LaHoz Abogados ensures that employees, associates, and any individuals with access to such data are legally or contractually bound to maintain its confidentiality.

Rights Derived from the Processing of Personal Data

The User can exercise the following rights against LaHoz Abogados, as recognized in the General Data Protection Regulation (GDPR) and the Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights:

1. Right of Access

The User has the right to obtain confirmation as to whether LaHoz Abogados is processing their personal data. If so, the User can access the following information:

  • Personal data being processed.
  • Origin of the data.
  • Purpose of the processing.
  • Recipients of the data, if shared.

2. Right of Rectification

The User can request the modification of their personal data if it is inaccurate or incomplete.

3. Right to Erasure (“Right to be Forgotten”)

The User can request the deletion of their personal data, except in the following cases:

  • When the data is necessary for compliance with a legal obligation.
  • When the data is necessary for the performance of a contract.
  • When there are legitimate reasons for keeping the data.

If the data has been published or shared with third parties, LaHoz Abogados will make reasonable efforts to inform them of the deletion request.

Links to Third-Party Websites

The Website may include hyperlinks or links that allow access to third-party websites that are not operated by LaHoz Abogados. The owners of these websites will have their own privacy policies, and they are responsible for their own files and privacy practices.

Complaints to the Control Authority

If the User considers that there is a problem or infringement of the applicable regulations regarding the processing of their personal data, they have the right to effective judicial protection and to file a complaint with a control authority. This can be done particularly in the country where the User has their habitual residence, workplace, or where the alleged infringement took place. In Spain, the control authority is the Spanish Data Protection Agency (https://www.aepd.es/).

2. Acceptance and Changes to This Privacy Policy

It is necessary for the User to have read and agreed to the terms regarding the protection of personal data contained in this Privacy Policy, as well as to accept the processing of their personal data for the Data Controller to proceed with it in the manner, within the timeframes, and for the purposes indicated. The use of the Website implies acceptance of this Privacy Policy.

LaHoz Abogados reserves the right to modify its Privacy Policy, at its own discretion or due to changes in legislation, case law, or guidance from the Spanish Data Protection Agency. Changes or updates to this Privacy Policy will not be explicitly communicated to the User. The User is encouraged to consult this page periodically to stay informed about the latest changes or updates.

This Privacy Policy was updated to comply with Regulation (EU) 2016/679 of the European Parliament and Council, dated April 27, 2016, on the protection of natural persons regarding the processing of personal data and the free movement of such data (GDPR), and with Organic Law 3/2018, dated December 5, 2018, on the protection of personal data and guarantee of digital rights.

This Privacy Policy document for a website was created using the free online web privacy policy template generator on March 4, 2025.

Do you need legal help?

Contact us now and get the expert advice you need to resolve your case effectively.

Contact us
Logo lahoz abogados
Contact us