Privacy Policy
This page explains how we handle personal data when you contact us, request services, or use our website. You can switch between the full legal text and a plain-language summary at any time.
Full Legal Text
Detailed information for compliance and transparency.
1) Data controller
We process personal data in accordance with the GDPR (Regulation (EU) 2016/679) and applicable Spanish laws. The data controller is Auto Repair Shop in Spain. You can contact us at [email protected].
2) What data we collect
- Data you provide: name, email, phone number, vehicle details, appointment preferences, messages sent via forms or email, and information shared during calls.
- Service-related data: diagnostics notes, work orders, invoices, warranty records, and communications necessary to deliver services.
- Technical and usage data: IP address, device identifiers, browser type, approximate location, and logs used for security, fraud prevention, and analytics.
3) Purposes and legal bases
Purposes include: responding to inquiries, booking and providing services, invoicing and accounting, compliance with legal obligations, preventing misuse or fraud, and improving service quality.
Legal bases include: contract (service delivery), consent (where required), legitimate interests (security, service improvement), and legal obligations (tax, consumer protection, record-keeping).
4) Retention periods
We retain personal data only for as long as necessary to fulfill the purposes described above, including statutory retention requirements (e.g., accounting/tax obligations). When no longer needed, we securely delete or anonymize data.
5) Sharing and processors
We may share personal data with trusted third parties who help us run our business, such as:
- Payment and invoicing providers
- IT hosting, security, and communications service providers
- Professional advisors (e.g., accountants) where necessary
- Authorities and courts when legally required
Where third parties act as processors, we use agreements designed to ensure appropriate confidentiality and security.
6) International transfers
If any personal data is transferred outside the European Economic Area, we apply appropriate safeguards such as adequacy decisions or standard contractual clauses, where applicable.
7) Your rights
Your rights include: access, rectification, erasure, restriction, portability, objection, and the right to withdraw consent (where processing is based on consent). You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD).
To exercise your rights, contact: [email protected].
8) Security measures
We implement technical and organizational measures to protect your data, including encryption in transit, access controls, least-privilege principles, logging, and staff training. No system is 100% secure; however, we continuously improve protections aligned with risk.
9) Updates
We may update this Privacy Policy to reflect changes in legal requirements or our practices. The latest version will always be available on this page.
Contact
For privacy requests and questions.