Privacy Policy — Lumeo Global SL (EN)

1) Data Controller
    •    Controller: Lumeo Global SL
    •    Address: c/ Zurbano 45, 1º, 28010 Madrid, Spain
    •    Email (privacy): info@lumeo-global.com

 

2) Scope

This policy applies to website visitors, prospects, clients, suppliers and partners who interact with us via our website forms, email, or other channels referenced here.

 

3) Purposes & Legal Bases (GDPR)

We process your data to:
    •    Respond to enquiries and manage requests (contact forms, “Evaluate my operation”, scheduling).
Legal basis: performance of pre-contract/contract (Art. 6.1.b) and, where applicable, consent (Art. 6.1.a).
    •    Commercial and contractual management (operation assessment, term sheets, documentation/logistics coordination).
Legal basis: contract (Art. 6.1.b) and legal obligation (Art. 6.1.c) for applicable regulations.
    •    Informational/marketing communications (only if you subscribe/consent; opt-out anytime).
Legal basis: consent (Art. 6.1.a) or legitimate interest (Art. 6.1.f) for similar services to existing clients, in line with EU e-privacy rules.
    •    Security, fraud prevention & compliance (KYC/AML/sanctions when applicable).
Legal basis: legal obligation (Art. 6.1.c) and legitimate interest (Art. 6.1.f).
    •    Site analytics & improvement (cookies/Similar Tech — see Cookies Policy).
Legal basis: consent (Art. 6.1.a), except strictly necessary cookies.

 

4) Categories of Data

Identification/contact (name, corporate email, phone, company, country), professional/commercial data (role, operation details; LOI/Proforma/contract files you upload), usage/navigation data (IP, device IDs, pages), and compliance data if required by law.

 

5) Sources

Mainly provided by you; for compliance we may verify against public/official lists (e.g., sanctions) where mandatory.

 

6) Mandatory Fields

Marked fields are required to process your request. If not provided, we may be unable to respond.

 

7) Retention

For the duration of the request/relationship; then blocked for statutory limitation periods (e.g., tax/accounting) and to address potential claims. Marketing data is kept until you withdraw consent or object.

 

8) Recipients & Processors

Service providers acting under Art. 28 GDPR (hosting, CRM, analytics, scheduling, document management, logistics/inspection), and—when necessary for an operation—financial institutions, credit insurers and collaborators. Public authorities where legally required.

 

9) International Transfers

If data leaves the EEA, we rely on adequacy decisions or Standard Contractual Clauses (SCCs) with supplementary measures where appropriate. Request details at info@lumeo-global.com.

 

10) Your Rights

Access, rectification, erasure, restriction, objection, portability, and consent withdrawal (no retroactive effect).
To exercise: info@lumeo-global.com (subject: “GDPR Rights”). You may lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

 

11) Security

We apply appropriate technical and organisational measures to protect personal data against loss, misuse and unauthorised access.

 

12) Minors

Our services are not directed to children under 14. If we detect data from minors without valid consent, we will delete it.

 

13) Cookies

See our Cookies Policy for details and preference management.

 

14) Changes

We may update this policy to reflect legal or processing changes. Material changes will be communicated via the usual channels.