Last updated: April 1, 2026
Schaper Consulting Solutions S.L. (“we”, “us”, “our”) is committed to protecting the privacy of individuals who visit our website and use our services. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), Ley Orgánica 3/2018, de 5 de diciembre, de Protección de Datos Personales y garantía de los derechos digitales (LOPDGDD), and Ley 34/2002 de Servicios de la Sociedad de la Información y de Comercio Electrónico (LSSI-CE).
1. Data Controller
| Field | Details |
|---|---|
| Company Name | Schaper Consulting Solutions S.L. |
| NIF | B26740696 |
| Registered Office | Carrer Vall de Ceta 31a, 03530 La Nucía, Alicante, Spain |
| info@schaper-consulting.com | |
| Website | www.schaper-consulting.com |
2. What Personal Data We Collect
We may collect and process the following categories of personal data:
2.1 Data You Provide Directly
- Contact form submissions: First name, last name, business email address, organisation name, sector, area of interest, and free-text message content.
- Email correspondence: Your name, email address, and any information you include in your communications with us.
- Engagement and contracts: Business contact details, billing information, and project-related data provided during a consulting engagement.
2.2 Data Collected Automatically
- Technical data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of access, and time spent on pages.
- Cookies and similar technologies: See Section 8 (Cookie Policy) below.
3. Purposes and Legal Basis for Processing
| Purpose | Legal Basis (Art. 6 GDPR) |
|---|---|
| Responding to enquiries submitted through our contact form or email | Art. 6(1)(b) – Performance of pre-contractual measures at your request |
| Providing AI consulting and agent development services under a contract | Art. 6(1)(b) – Performance of a contract |
| Sending service-related communications (project updates, deliverables) | Art. 6(1)(b) – Performance of a contract |
| Complying with legal and tax obligations (e.g., invoicing, accounting) | Art. 6(1)(c) – Legal obligation |
| Improving our website, services, and user experience | Art. 6(1)(f) – Legitimate interest |
| Sending marketing communications (only with your explicit consent) | Art. 6(1)(a) – Consent |
4. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:
- Contact form enquiries: Up to 12 months from the date of your last communication, unless a contractual relationship is established.
- Contractual and billing data: For the duration of the contract plus the legally mandated retention period under Spanish tax and commercial law (generally 6 years under the Código de Comercio and applicable tax legislation).
- Marketing consent data: Until you withdraw your consent.
- Technical/log data: Up to 12 months.
5. Data Sharing and Recipients
We do not sell your personal data. We may share your data with the following categories of recipients only when necessary:
- Hosting providers with servers located in the European Union.
- Email service provider: [e.g., Google Workspace / Microsoft 365 / other] for processing email communications.
- Accounting and tax advisors: To comply with Spanish legal obligations.
- Public authorities: When required by law (e.g., Agencia Tributaria, judicial authorities).
All third-party processors are bound by Data Processing Agreements (DPAs) in accordance with Art. 28 GDPR.
6. International Data Transfers
Where personal data is transferred to countries outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
- European Commission adequacy decisions (Art. 45 GDPR).
- Standard Contractual Clauses (SCCs) approved by the European Commission (Art. 46(2)(c) GDPR).
- The EU-US Data Privacy Framework, where applicable.
If any of our service providers process data outside the EEA (e.g., U.S.-based cloud services), we verify that appropriate transfer mechanisms are in place prior to any data transfer.
7. Your Rights
Under the GDPR and the LOPDGDD, you have the following rights regarding your personal data:
- Right of access (Art. 15 GDPR) – Obtain a copy of the data we hold about you.
- Right to rectification (Art. 16 GDPR) – Correct inaccurate or incomplete data.
- Right to erasure (Art. 17 GDPR) – Request deletion of your data (“right to be forgotten”).
- Right to restriction of processing (Art. 18 GDPR) – Limit how we use your data.
- Right to data portability (Art. 20 GDPR) – Receive your data in a structured, machine-readable format.
- Right to object (Art. 21 GDPR) – Object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent (Art. 7(3) GDPR) – Withdraw consent at any time without affecting the lawfulness of prior processing.
- Right not to be subject to automated decision-making (Art. 22 GDPR) – We do not make decisions based solely on automated processing that produce legal or similarly significant effects on you.
To exercise any of these rights, please contact us at: info@schaper-consulting.com
We will respond to your request within one month of receipt, in accordance with Art. 12(3) GDPR.
You also have the right to lodge a complaint with the Spanish Data Protection Authority:
Agencia Española de Protección de Datos (AEPD)
Website: www.aepd.es
C/ Jorge Juan 6, 28001 Madrid, Spain
8. Cookie Policy
Our website uses cookies and similar technologies. Cookies are small text files stored on your device when you visit our website.
8.1 Types of Cookies We Use
| Cookie Type | Purpose | Legal Basis |
|---|---|---|
| Strictly necessary cookies | Required for website functionality (e.g., session management, security). These cannot be disabled. | Art. 6(1)(f) GDPR – Legitimate interest |
| Analytics cookies | Help us understand how visitors use our website (e.g., pages visited, time on site). [e.g., Google Analytics / Matomo / Plausible — specify provider] | Art. 6(1)(a) GDPR – Consent |
| Functional cookies | Remember preferences such as language settings. | Art. 6(1)(a) GDPR – Consent |
8.2 Managing Cookies
When you first visit our website, a cookie consent banner will allow you to accept or reject non-essential cookies. You may change your cookie preferences at any time by clicking the cookie settings link in the footer or adjusting your browser settings.
You can also control cookies through your browser settings. Please note that disabling certain cookies may affect website functionality.
9. Security Measures
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:
- SSL/TLS encryption for all data transmitted via our website.
- Access controls and authentication mechanisms for internal systems.
- Regular review of data processing activities and security protocols.
10. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites and encourage you to read their respective privacy policies.
11. Children’s Privacy
Our services are directed to businesses and professionals. We do not knowingly collect personal data from individuals under the age of 16. If we become aware that we have inadvertently collected such data, we will delete it promptly.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable legislation. The updated version will be published on this page with a revised “Last updated” date. We encourage you to review this page periodically.
13. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:
Schaper Consulting Solutions S.L.
Carrer Vall de Ceta 31a, 03530 La Nucía, Alicante, Spain
Email: info@schaper-consulting.com