Privacy Policy



Last updated: 21/11/2025

This Privacy Policy describes how we collect, process and protect personal data from users who interact with the website www.iatuagency.io and with the services offered by IATU AGENCY.

This document combines GDPR legal requirements with the standard WordPress/Complianz structure, adapted to the actual activities of IATU AGENCY.

1. Who we are

The data controller responsible for processing your personal data is:

Carlos Torres Serrano
NIF: 39923477P
Address: Venda de ses Roques, 3781, Sant Ferran de ses Roques, 07871, Illes Balears, Spain
Contact email: central@iatuagency.io

IATU AGENCY operates as a professional activity under self-employment, therefore the data controller is the same person indicated above.

Website address: https://www.iatuagency.io

2. Personal data we collect

We may collect the following data when users interact with our forms or contact us:

  • Name
  • Email
  • Phone number
  • Company name
  • Business sector
  • Number of employees
  • Digital maturity level
  • Preferences selected in the form
  • Tools currently used (optional)
  • Additional message provided by the user

We also collect technical information related to the use of the website, such as:

  • IP address
  • Browser technical information
  • Cookies (managed through Complianz)

We do not process special categories of personal data.

3. Comments

(This section is included for compatibility with the WordPress structure, even though we normally do not manage comments.)

When visitors leave comments on the site, we collect the data shown in the comments form, the visitor’s IP address, and browser user agent string to help detect spam.

An anonymized string created from your email address (hash) may be sent to the Gravatar service. The Gravatar Privacy Policy is available at: https://automattic.com/privacy/.
After approval of your comment, your profile image becomes visible to the public.

4. Media

If you upload images to the website, you should avoid uploading images containing embedded location data (EXIF GPS). Visitors may download and extract such data.

5. Cookies

Cookies are managed through Complianz, which displays the required consent banner and maintains an updated cookies policy.
You can consult the full Cookie Policy via the footer link.

6. Embedded content from other websites

Articles or pages may include embedded content (videos, images, articles, etc.). Embedded content from other websites behaves exactly as if you were visiting that website directly.

These websites may collect data, use cookies, embed third-party tracking, and monitor your interaction with the embedded content.

7. Purposes of data processing

Your data will be used for:

7.1 Managing contact requests

Responding to enquiries or messages submitted through the form.

7.2 Sending commercial information (lead nurturing)

Providing useful, educational or informative content related to AI and automation.

7.3 Preparing free audits

Analyzing the information provided to prepare a personalised assessment.

7.4 Creating personalised proposals

Providing tailored recommendations, flows or proposals according to your business needs.

7.5 Pre-contractual communication

Maintaining the necessary communication required before entering into a service agreement.

7.6 Service quality improvement

Using aggregated, non-identifiable data for internal analysis and service improvement.

8. Lawful bases for processing

The processing of your data is based on:

  • Your explicit consent (Art. 6.1.a GDPR) when ticking the acceptance checkbox in the form.
  • Pre-contractual measures (Art. 6.1.b GDPR) when preparing audits or proposals at your request.
  • Legitimate interest (Art. 6.1.f GDPR) for aggregated internal analytics that do not identify the user.

You may withdraw your consent at any time by emailing: central@iatuagency.io.

9. Who we share your data with

Your data may be processed by service providers acting as data processors, always located within the European Union, including:

  • WordPress (EU hosting)
  • Elementor / Elementor Pro
  • Google Workspace Europe (email and storage)
  • n8n self-hosted in the EU (internal automation workflows)
  • WhatsApp Business / Meta EU servers (only if you contact us through that channel)
  • Complianz (cookie management)

No international data transfers outside the EEA are carried out.

10. How long we retain your data

Data will be retained:

  • As long as pre-contractual communication remains active
  • As long as there is demonstrated interest from the user
  • Until the user requests deletion
  • According to legal and fiscal retention obligations

11. Your rights over your data

You may exercise the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction
  • Right to portability
  • Right to object
  • Right to withdraw consent

Send your request to: central@iatuagency.io
You may also file a complaint with the Spanish Data Protection Agency (AEPD).

12. Where your data is sent

Data submitted through forms may be processed using European-based tools and automatic spam detection systems.

13. Security

We apply appropriate technical and organisational measures to protect personal data, including SSL encryption, EU-based servers, access control, and GDPR compliance.

14. Changes to this policy

This Privacy Policy may be updated. The most recent version will always be available on this page.

Last updated: [insert date]

This Privacy Policy describes how we collect, process and protect personal data from users who interact with the website www.iatuagency.io and with the services offered by IATU AGENCY.

This document combines GDPR legal requirements with the standard WordPress/Complianz structure, adapted to the actual activities of IATU AGENCY.

 

Scroll to Top