Privacy Policy
Last updated: 18 Sep 2025
Data Controller
FOTOPOSTIGO — Álvaro Postigo Armendáriz (NIREIDA CONSULTING LTD)
Contact: info@fotopostigo.com · +34 617 892 731 / +357 97 845 207
What data we collect
-
Contact form (CF7): name, email, phone (optional), message, IP/time.
-
Email: messages you send us and our replies.
-
Security logs: Wordfence/WP Armour may store IPs/events to prevent attacks.
-
Cookies: see Cookie Policy.
Why we process your data (legal bases, GDPR)
-
Reply to enquiries / pre-contract steps: Art. 6(1)(b).
-
Send quotes and manage clients: performance of a contract: Art. 6(1)(b).
-
Security / fraud prevention: legitimate interest: Art. 6(1)(f).
-
Legal obligations (invoicing/tax): Art. 6(1)(c) — only if you become a client.
-
Consent for optional communications (if any): Art. 6(1)(a).
How long we keep it
-
Enquiries: up to 12 months after last contact (or earlier if you ask us to delete).
-
Clients / invoicing: 6–10 years (legal obligations).
-
Security logs: typically 14–90 days (plugin defaults).
Who receives your data
-
Hosting & email providers (in the EEA or with adequate safeguards).
-
Security/anti-spam plugins (Wordfence, WP Armour, Akismet) to block abuse.
We do not sell your data.
International transfers
If a provider operates outside the EEA, we ensure appropriate safeguards (e.g., SCCs/EU adequacy).
Your rights
Access, rectification, erasure, restriction, portability, objection, and withdrawal of consent at any time.
How: email info@fotopostigo.com
You may lodge a complaint with the Office of the Commissioner for Personal Data Protection (Cyprus) or the AEPD (Spain).
Contact
For any privacy matter: info@fotopostigo.com