Privacy Policy | Data Protection & GDPR Compliance Guide

Marbella Tech Solutions (“we”, “our”, “us”)

Last updated: 27 September 2025

Contents

  1. Scope
  2. Data We Collect
  3. How We Use Your Data
  4. Lawful Bases for Processing
  5. Who We Share Data With
  6. Data Retention
  7. Security
  8. International Transfers
  9. Your GDPR Rights
  10. Cookies & Analytics
  11. Changes to This Policy

1. Scope

This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you visit https://www.marbellatechsolutions.com/, contact us, or use our services.

2. Data We Collect

2.1 Information you provide

  • Contact details such as name, email address, and phone number (e.g., when submitting a contact form).
  • Business/project information you share when enquiring about or using our services.

2.2 Information we collect automatically

  • Technical data including IP address, device and browser type, pages viewed, and actions taken (via cookies and analytics).
  • Usage data such as time on page, referral source, and general interaction with our site.

3. How We Use Your Data

  • To respond to enquiries, provide quotations, and deliver services you request.
  • To operate, maintain, and improve our website and user experience.
  • To manage relationships, invoicing, and service communications.
  • To comply with legal obligations and enforce our terms.
  • With your consent, to send service updates or marketing communications (you can opt out at any time).

4. Lawful Bases for Processing

We process personal data under the EU/UK GDPR on the following bases:

  • Consent (e.g., form submissions, non-essential cookies).
  • Contract (to provide or prepare to provide services you request).
  • Legitimate interests (website operation, security, preventing misuse).
  • Legal obligation (record-keeping, tax, regulatory requirements).

5. Who We Share Data With

We do not sell personal data. We may share limited data with:

  • Service providers (e.g., secure hosting, analytics, email and CRM tools) bound by confidentiality and data-processing agreements.
  • Professional advisers (e.g., accountants, legal counsel) where necessary.
  • Authorities when required to comply with law or protect rights and safety.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, including to satisfy legal, accounting, or reporting requirements. We periodically review retention needs and securely delete data that is no longer required.

7. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. While no method of transmission or storage is completely secure, we continually improve our safeguards.

8. International Transfers

Where personal data is transferred outside the EU/EEA/UK, we use lawful safeguards such as Standard Contractual Clauses or equivalent mechanisms to ensure adequate protection.

9. Your GDPR Rights

Subject to conditions and exemptions in law, you have the right to:

  • Access, rectify, or erase your personal data.
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with your supervisory authority.

To exercise your rights, please contact us using the details below.

10. Cookies & Analytics

We use essential cookies to make the site work and, with your consent, analytics cookies to understand site performance and improve our services. For details, see our Cookie Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law or our practices. Material changes will be highlighted on this page.