Privacy Policy

Privacy Policy of Fribourg & Partners

In the context of the service provision relationship under Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (hereinafter, LOPD-GDD), as well as Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter, GDPR) and Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (hereinafter, LSSI-CE), Fribourg & Partners EAF S.L., guarantees the protection and confidentiality of personal data, of any kind provided by our clients, in accordance with the provisions of the General Data Protection Regulation.

The Data Protection Policy is based on the principle of proactive responsibility, according to which the data controller is responsible for compliance with the regulatory and jurisprudential framework, being able to demonstrate it to the corresponding supervisory authorities.

The data provided will be processed in accordance with the terms established in the GDPR, in this sense, Fribourg & Partners EAFI S.L., has adopted the levels of protection legally required, and has installed all the technical measures at its disposal to prevent loss, misuse, alteration, unauthorized access by third parties, as detailed below. However, the user should be aware that security measures on the Internet are not impregnable. 

Data Controller: Who are we?

  • Identity of the data controller: Fribourg & Partners EAF S.L.,
  • Trade name: Fribourg & Partners
  • VAT: B87420758
  • Address: C/ Juan Esplandiu, 15, 5. 28007
  • Phone: (+34) 915572213

Purpose of Processing: Why do we use your data? 

All data provided by our clients and/or visitors to the website (hereinafter the website) or to its staff will be included in the personal data processing activity register, created and maintained under the responsibility of the website owner, essential to provide the services requested by users, or to address doubts or questions raised by our visitors.

Fribourg & Partners, as the responsible party for this website, undertakes to process user and client information with full guarantees and to comply with the national and European requirements regulating the collection and use of personal data.

Legitimacy of Processing: Why do we need your data? 

  1. Contractual Relationship: This applies when contracting any of our services.
  2. Legitimate Interest: To address inquiries and complaints and to manage the collection of outstanding amounts.
  3. Your Consent: If you are a user of our website, by checking the box on the contact form, you authorize us to send you the necessary communications to respond to the query or request for information made.

Recipients: Who do we share your data with?

We do not transfer your personal data to anyone, except to those public or private entities to which we are obliged to provide your personal data in compliance with the law. For example, the Tax Law requires us to provide certain information about economic transactions exceeding a certain amount to the Tax Agency.

In cases other than those mentioned, if we need to disclose your personal information to other entities, we will request your permission beforehand through clear options that will allow you to decide in this regard.

Communication: Where might we send your data?

We will not make international transfers of your personal data for any of the purposes indicated.

Retention: How long will we keep your data?

We will only retain your personal data for as long as necessary to achieve the purposes for which they were collected. When determining the appropriate retention period, we consider the risks involved in the processing, as well as our contractual, legal, and regulatory obligations, internal data retention policies, and our legitimate business interests described in this Privacy Notice and Cookie Policy.

In this regard, the website will keep personal data once its relationship with you has ended, duly blocked, for the period of prescription of the actions that may arise from the relationship maintained with the interested party. Once blocked, your data will be inaccessible to the website, and will not be processed except for making them available to the Public Administrations, Judges, and Courts, for the attention of possible responsibilities arising from the processing, as well as for the exercise and defense of claims before the Spanish Data Protection Agency.

Security: How will we protect your data?

We make every reasonable effort to maintain the confidentiality of the personal information processed in our systems. We maintain strict security levels to protect the personal data we process against accidental loss and unauthorized access, processing, or disclosure, given the state of technology, the nature, and the risks to which the data is exposed. However, we cannot be held responsible for any use you

 make of the data (including username and password) used on our website. Our staff follows strict privacy rules and in the event that we hire third parties to provide support services, we require them to adhere to the same rules and allow us to audit them to verify their compliance.

Your Rights: What rights can you exercise as a data subject? 

We inform you that you may exercise the following rights:

  1. Right of access to your personal data, to know which data are being processed and the processing operations carried out with them;
  2. Right to rectification of any inaccurate personal data;
  3. Right to erasure of your personal data, where this is possible (for example, by legal imperative);
  4. Right to restriction of processing of your personal data when the accuracy, legality, or necessity of the processing of the data is questionable, in which case, we may retain them for the exercise or defense of claims.
  5. Right to object to the processing of your personal data, when the legal basis that enables us to process them is our legitimate interest. The website will stop processing your data unless it has a legitimate interest or it is necessary for the defense of claims.
  6. Right to data portability, when the legal basis that enables us to process them is the existence of a contractual relationship or your consent.
  7. Right to withdraw the consent given to the website.

To exercise your rights, you can do so free of charge and at any time by contacting us at the address C/ Juan Esplandiu, 15, 5. 28007 – Madrid, attaching a copy of your ID card or by sending an email to

Purpose of Processing of your Personal Data: 

When a user connects with this website, for example, to make a hiring, they are providing personal information for which the website is responsible. This information may include personal data such as your IP address, name, physical address, email address, telephone number, and other information. By providing this information, the user consents to its collection, use, management, and storage by the website, only as described in the Legal Notice and this Privacy Policy.

The website has different systems for capturing personal information and processes the information provided by interested parties for the following purpose for each capture system (forms):

There are other purposes for which we process your personal data:

  • To ensure compliance with the terms of use and applicable law. This may include the development of tools and algorithms that help this website ensure the confidentiality of the personal data it collects.
  • To support and improve the services offered by this website.
  • Non-identifying data obtained through some cookies downloaded onto the user’s computer while browsing this website are also collected, as detailed in the cookie policy.
  • To manage social networks. The website may have a presence on social networks. The processing of the data of individuals who become followers on the social networks of the official pages of the website will be governed by this section. As well as by those terms of use, privacy policies, and access regulations that belong to the social network in each case and were previously accepted by the user.
  • The website will process the data for the purposes of properly administering its presence on the social network, informing about activities, products, or services of the website. As well as for any other purpose permitted by the regulations of social networks.
  • In no case will we use social media follower profiles to send individual advertising.

According to the provisions of the European General Data Protection Regulation (GDPR) 2016/679, the website will be responsible for processing the data corresponding to users of the website.

The owner of the website does not sell, rent, or lease personal data that may identify the user, nor will it do so in the future, to third parties without prior consent. However, in some cases, collaborations with other professionals may be made, in which case, user consent will be required, informing about the identity of the collaborator and the purpose of the collaboration. It will always be carried out with the strictest security standards. 

Data Confidentiality and Security:

The website is committed to the use and treatment of personal data of users, respecting their confidentiality and to use them in accordance with the purpose thereof, as well as to fulfill their obligation to store them and adapt all measures to prevent alteration, loss, treatment, or unauthorized access, in accordance with the provisions of current data protection regulations.

The website cannot guarantee the absolute impregnability of the Internet network and therefore the violation of data through fraudulent access to them by third parties.

With regard to the confidentiality of processing, the website will ensure that any person authorized by the website owner to process client data (including its staff, collaborators, and service providers) will be under the appropriate obligation of confidentiality (whether a contractual or legal duty).

In the event of a security incident, once the website owner becomes aware of it, they must notify the Client without undue delay and provide timely information related to the Security Incident as it becomes known or when reasonably requested by the Client.

Accuracy and Truthfulness of Data:

As a user, you are solely responsible for the accuracy and correctness of the data you submit to the website, absolving it of any responsibility in this regard.

Users guarantee and respond, in any case, to the accuracy, validity, and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide complete and correct information in the contact or subscription form. 

Acceptance and Consent:

The user declares to have been informed of the conditions regarding the protection of personal data, accepting and consenting to the processing thereof by the website in the manner and for the purposes indicated in this privacy policy.


The consent given, both for the processing and for the transfer of the data of the interested parties, is revocable at any time by notifying the website owner, in the terms established in this Policy for the exercise of ARCO rights. This revocation will in no case be retroactive.

Protection of Rights: Where can a complaint be filed?

In the event that you believe that your rights have been disregarded by our entity, you may file a complaint with the Spanish Data Protection Agency, through any of the following means:

  • Electronic headquarters:
  • Postal mail: Spanish Data Protection Agency, C/ Jorge Juan, 6, 28001, Madrid
  • Telephone: 901.100.099 and 912.663.517

Filing a complaint with the Spanish Data Protection Agency is free of charge and legal representation by a lawyer or solicitor is not necessary.

Updates: What changes may occur in this privacy policy?

The website reserves the right to modify this policy to adapt it to legislative or jurisprudential developments that may affect compliance with it.