Data protection policy

PRIVACY POLICY, owned by Lloyd James Oliver Weston with tax identification number Y2795722V (hereinafter jointly referred to as the “Data Controller”) is responsible for the treatment of personal data and is the proprietor of the website (hereinafter referred to as the “Website”).

A person who has access to the Website via the internet and visits or uses the site in any way is hereinafter referred to as the “User” or “Users”.

The Data Controller guarantees the protection of all personal data provided by the User on the website.

In accordance with the provisions of the previous paragraph, the User is hereby informed that:

In compliance with the provisions of Organic Law 3/2018, of 5 December, on Data Protection and Guarantee of Digital Rights, as well as with the current legislation in force on data protection provided for in Regulation (EU) 2016/679 of the European Parliament and of the Council, the User, by completing this form, is giving their express consent, as well as all personal data provided by the user on the website, to be included and processed in a register of personal data processing activities for this purpose and maintained under the responsibility of the Data Controller.

Identity of the Data Controller: Lloyd James Oliver Weston

VAT Number: Y2795722V

E-mail address:


What makes the processing of personal data legitimate?

The legal basis for the processing of your data as described herein is your consent in filling in the forms or through providing your data by any other means made available on the Website.

In the collection and processing of personal data, appropriate security measures have been adopted to prevent loss, unauthorised access, and manipulation of such data, in accordance with the provisions of the legislation in force.

Users of this website undertakes to protect the confidential information to which they have access.



What does the Website use your data for, and for how long is it kept?

The purposes for the conservation and handling of personal data are:

to attend, manage, and resolve queries (via the contact form)—such data will be kept for the duration of the processing for the management of queries;

to maintain the commercial relationship with the client—the time of conservation will be the time necessary for their handling, which for contracts and invoices is five and ten years, respectively;

for subscription to the site and to receive the newsletter and/or new blog entries, being conserved for the duration of the processing, unless the User exercises their cancellation rights beforehand; and

for the collection and automated processing of personal data that occurs as a result of browsing the pages of the website (see the Website’s cookies policy).


Who will have access to my data?

The Data Controller undertakes that personal data will not be shared or transferred to third parties without the express consent of the Users. The provision of certain services, however, may require the transfer of data to third countries or entities for the management of infrastructures or the provision of services, such as, for example, the management of electronic newsletters. In these cases, it is guaranteed to be hosted in countries within the European Union (and therefore in compliance with the European General Data Protection Regulation) or that are covered by the EU-US Privacy Shield agreement, approved by the European Data Protection Committee (see further information here:

In no event shall the transfer of the User’s data involve a use beyond the consent expressed for the purposes and under the conditions set out in this privacy policy.


If the User provides us with personal data of another person without indicating this to the Data Controller, the User does so with said person’s express consent and hereby guarantees to have informed said person or people, in advance, of the points contained in this clause. Likewise, the User is requested to inform us of any variation that may occur in the data provided.

The Data Controller is not responsible for the transfer of data from third parties who have not given their consent nor have knowledge of the contents of this clause. Such an event shall be the responsibility of the User who transfers such data to the Data Controller.

In the event of failure to provide the required data, the services of the website may not be fully available. For example, if the required data is not provided through the contact form, it may not be possible to carry out the services requested. Refusal to accept the cookies policy may result in the Website not functioning properly.

The User certifies that they are over 14 years of age and therefore has the necessary legal capacity to consent to the processing of his/her personal data in accordance with the provisions of this Privacy Policy.

The user may, at all times, exercise the rights corresponding their personal data by getting in touch with the Data Controller at

The User has the right to request the personal data concerning them, which they has provided to the Data Controller, in a structured, commonly used and machine-readable format, and has the right to transmit such data to another data controller without hindrance from the data controller to whom he/she has provided the data.

In certain circumstances, Users may request that the Data Controller restrict the processing of their data, in which case only the data necessary for the purpose of pursuing or defending claims shall be conserved.

Where consent has been given for a specific purpose, the User has the right to withdraw consent at any time, without prejudice to the lawfulness of the processing based on consent prior to its withdrawal.

Users may lodge a complaint with the competent Data Protection Supervisory Authority in the event that they have not received a satisfactory solution to the exercising of their rights.

The express consent given by filling in the contact form also includes the following:

The Data Controller reserves the right to hire and subcontract employees, organisations, freelance workers, and any other legitimate service provider for the provision of services of various kinds for the appropriate development and organisation of the Website’s activity.

Likewise, the Data Controller reserves the right to contract third parties for the processing and management of legislative matters in general and, specifically, those relating to data protection. In all these cases, the Data Controller will ensure that the contracted company and/or private professional—and those responsible for the management of the processing of such personal data—sign a document of confidentiality of personal data to ensure the privacy of such information.

The User hereby consents to the transfer of their personal data when it is so required by the competent administrative authorities or by court order.

The User hereby authorises the processing of the personal data transferred to the Data Controller under the terms set out in this clause.