Legal

Privacy Policy

Last updated: January 2026

ARRETIA Networks & Company ("ARRETIA", "we", "our", or "us") is committed to ensuring the privacy, integrity, and security of the personal data entrusted to us. This Privacy Policy describes how we collect, use, store, and protect your information when you visit our website or interact with us through forms, communications, or services available on it.

We process your personal data in accordance with applicable data protection regulations, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other relevant legislation.

1. Data Controller

The data controller for the purposes of this Privacy Policy is ARRETIA Networks & Company, headquartered in Madrid, Spain. You can contact us at: contact@arretia.com

2. Categories of Data We Collect

When you interact with our site or submit information through our contact form, we may collect and process the following categories of personal data:

a) Directly Provided Data

  • Full name
  • Email address
  • Organisation or company name (if applicable)
  • Type of interest or enquiry
  • Any message or content you voluntarily provide

b) Automatically Collected Data

Through standard web technologies and our service providers, we may collect:

  • IP address
  • Device and browser type and version
  • Language preferences
  • Operating system
  • Referrer URLs
  • Date, time, and duration of visits
  • Interaction data (e.g., pages visited, scroll depth)

This information is collected in aggregate and used exclusively to understand how our site is used and to improve it. It is not used to identify individual visitors.

3. Purposes and Legal Bases for Processing

We process your personal data for the following purposes and on the following legal bases:

  • Responding to enquiries — processing data you submit via our contact form, on the legal basis of our legitimate interest in communicating with interested parties (Article 6(1)(f) GDPR).
  • Site improvement and analytics — understanding usage patterns to improve our website, on the legal basis of our legitimate interest (Article 6(1)(f) GDPR).
  • Legal compliance — where applicable, processing necessary to comply with legal obligations (Article 6(1)(c) GDPR).

We do not use your personal data for automated decision-making or profiling.

4. Data Retention

We retain personal data submitted via our contact form for a period of 24 months from the date of submission, unless a longer retention period is required or permitted by law, or unless you request deletion of your data before that period expires.

Automatically collected analytics data is retained in aggregate, anonymised form and is not subject to individual retention limits.

5. Data Sharing and Third Parties

We do not sell, rent, or otherwise transfer your personal data to third parties for commercial purposes. We may share your data with:

  • Form processing providers — we use Formspree to process contact form submissions. Formspree acts as a data processor on our behalf and is subject to its own privacy policy and GDPR-compliant data processing terms.
  • Legal or regulatory authorities — where required by applicable law or regulation.

All third-party service providers we engage are required to handle personal data in accordance with applicable data protection legislation.

6. International Transfers

Your data may be processed in countries outside the European Economic Area (EEA) by our service providers. Where this occurs, we ensure that appropriate safeguards are in place, including standard contractual clauses approved by the European Commission, in accordance with Chapter V of the GDPR.

7. Your Rights

Under the GDPR and applicable national law, you have the following rights regarding your personal data:

  • Right of access — to obtain a copy of the personal data we hold about you.
  • Right to rectification — to correct inaccurate or incomplete personal data.
  • Right to erasure — to request deletion of your personal data, subject to legal retention obligations.
  • Right to restriction of processing — to limit how we use your data in certain circumstances.
  • Right to data portability — to receive your personal data in a structured, machine-readable format.
  • Right to object — to object to processing based on legitimate interests.

To exercise any of these rights, please contact us at contact@arretia.com. We will respond within 30 days of receipt of your request. You also have the right to lodge a complaint with your national data protection authority.

8. Cookies

Our website does not use advertising or tracking cookies. We may use minimal functional cookies necessary for the operation of the site. No third-party advertising networks or data brokers receive information about your visit to this site.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include encrypted data transmission (TLS), access controls, and regular security reviews of our service providers.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date of the most recent revision will always be shown at the top of this page. We encourage you to review this policy periodically.

11. Contact

For any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, please contact us at: contact@arretia.com