Privacy Policy

At CANARY ISLANDS CONSULTING, S.L.P.U. (hereinafter, "JAIZME") we are committed to protecting your privacy and the responsible processing of your personal data. This Privacy Policy describes how we collect, use, store and protect your personal information.

1. Data Controller

In accordance with the provisions of Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 (GDPR), and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the guarantee of digital rights (LOPDGDD), we inform you:

2. Personal Data We Collect

Depending on your interaction with our services, we may collect the following categories of personal data:

2.1 Identification data

• Full name
• National ID/Foreigner ID/Passport (DNI/NIE/Passport)
• Postal address
• Email address
• Phone number

2.2 Professional and financial data

• Company name and tax ID (companies)
• Job title
• Tax and fiscal information
• Bank details for invoicing
• Employment and Social Security information

2.3 Browsing data

• IP address
• Browser and device type
• Pages visited and browsing time
• Cookies and similar technologies (see Cookies Policy)

3. Purposes of Processing

Your personal data will be processed for the following purposes:

4. Legal Basis for Processing

The legal basis for processing your personal data is:

• Consent of the data subject: When you provide us with your data via forms or agree to receive communications.
• Performance of a contract: When processing is necessary to provide you with the contracted services.
• Compliance with legal obligations: Tax, accounting, anti-money laundering obligations, etc.
• Legitimate interest: For the improvement of our services and the management of our business relationship.

5. Data Retention Period

Your personal data will be retained for the following periods:

• Client data: For the duration of the contractual relationship and subsequently for the applicable legal limitation periods (5-10 years depending on the type of obligation).
• Tax and accounting data: 6 years in accordance with the Commercial Code.
• Anti-money laundering data: 10 years in accordance with Law 10/2010.
• Enquiries and requests: Until the enquiry is resolved and for 1 additional year.
• Marketing communications: Until you withdraw your consent.
• Browsing data: As indicated in our Cookies Policy.

6. Recipients of the Data

Your personal data may be disclosed to:

• Public Authorities: The Tax Agency, Social Security, the Commercial Registry and other bodies in compliance with legal obligations.
• Financial institutions: For the management of payments and collections.
• Service providers (data processors): Companies that provide us with technology services and act as data processors under a contract pursuant to Article 28 of the GDPR. In particular: Google LLC (web analytics — policy), Resend, Inc. (sending of contact-form emails — policy) and Railway Corp. (hosting of the website and content manager — policy).
• Professional associations: When necessary for the provision of services.

6.1 International transfers

Some of our providers (specifically Google LLC, Resend, Inc. and Railway Corp.) are located in the United States, outside the European Economic Area. In these cases we guarantee that the adequate safeguards provided for in the GDPR are in place:

• Adherence to the EU-US Data Privacy Framework and/or standard contractual clauses approved by the European Commission.
• Adequacy decisions of the European Commission where applicable.
• Additional technical and organisational measures to protect your data.

7. Rights of the Data Subject

The GDPR grants you the following rights over your personal data:

To exercise these rights, you can contact us at:

• Email: info@jaizme.com
• Postal mail: Calle Castillo 15, 1st Floor, 38002 Santa Cruz de Tenerife

You must enclose a copy of your national ID or equivalent identification document. We will respond to your request within a maximum period of one month, which may be extended by a further two months in the case of complex or numerous requests, in accordance with Article 12.3 of the GDPR.

You also have the right to lodge a complaint with the Spanish Data Protection Agency (www.aepd.es) if you consider that the processing of your data does not comply with the regulations.

8. Data Processing by Artificial Intelligence

In compliance with the EU Artificial Intelligence Act (Regulation (EU) 2024/1689), we inform you that:

• We use AI systems to offer services such as chatbots, process automation and virtual assistants.
• AI systems do not make automated decisions that produce significant legal effects without human oversight.
• You have the right to be informed when you interact with an AI system.
• You may request human intervention at any time.
• Data processed by AI systems is subject to the same safeguards as all other processing.

9. Security Measures

We have implemented appropriate technical and organisational measures to protect your personal data:

• Encryption of data in transit and at rest.
• Role-based access control.
• Intrusion detection and prevention systems.
• Regular backups.
• Ongoing staff training in data protection.
• Periodic security audits.
• Security incident response procedures.

10. Minors

Our services are aimed at persons over 18 years of age. We do not knowingly collect data from children under 14 years of age. If we detect that we have collected data from a minor without the consent of their parents or guardians, we will proceed to delete it.

11. Updates to this Policy

We may update this Privacy Policy periodically to reflect changes in our data processing practices or in applicable legislation. We will notify you of any significant changes through our website or by email.

12. Contact

For any matter relating to this Privacy Policy or the processing of your personal data, you can contact us:

• Email: info@jaizme.com
• Phone: +34 922 82 18 77
• Address: Calle Castillo 15, 1st Floor, 38002 Santa Cruz de Tenerife