Skip to main content

Privacy policy

Informa Consulting Compliance, S.L. makes this privacy policy available to you through the website in order to inform you, in detail, about how we treat your personal data and protect your privacy and the information you provide us with. We will notify you of any future changes to these terms and conditions via the website or by other means so that you are aware of the new conditions introduced.

In compliance with Regulation (EU) 2016/679, General Data Protection Regulation and Organic Law 3/2018, of 5 December, on Personal Data Protection and Guarantee of Digital Rights, we inform you of the following:

Data controller

Holder: Informa Consulting Compliance, S.L. – NIF: B95665816

Registered in the Mercantile Registry of Bizkaia Volume 5246, folio 196, Inscription 1 Sheet BI-59333.

Registered Ofice: Calle Heros 28, entreplanta derecha, 48009 – Bilbao

Telephone: 944244014 – Email:


If you have any queries, doubts or suggestions about how we use your personal data, you can contact the Data Protection Officer at the following e-mail address:

For what purposes do we process your personal data?

At Informa Consulting Compliance, S.L. we collect and process your personal data in general in order to manage our relationship with you. The main purposes and legal bases we have identified are as follows:

Management and contracting of the products and services offered by our company through contractual relations
Channelling of requests for information, suggestions and complaints that you may send us based on your consent
Keep you informed about events, offers, products and services that may be of interest to you through different communication channels as long as you have given your consent or based on legitimate interest
Management of the employment relationship, in the case of our employees, to comply with the contractual relationship
Management of the commercial relationship with our suppliers
Recruitment management (For pre-contractual measures)
How do we collect your information?

We collect your personal information by different means, but you will always be informed at the time of collection through informative clauses about the data controller, the purpose and legal basis of the processing, the recipients of the data and the period of conservation of your information, as well as the way in which you can exercise your data protection rights.

In general, the personal information we process is limited to identification data (name and surname, date of birth, address, ID number, telephone number and e-mail address), contracted services and payment and invoicing data.

In the cases of recruitment management, we collect academic and professional data in order to meet the obligations derived from the maintenance of the employment relationship or, where appropriate, to become part of our staff.

Informa Consulting Compliance, S.L. uses social networks, which is another way of reaching you. The information collected through the messages and communications you post may contain personal information that is available online and accessible to the public. These social networks have their own privacy policies explaining how they use and share your information, Informa Consulting Compliance, S.L. therefore recommends you to consult them before using them in order to confirm that you agree with the way in which your information is collected, processed and shared.

Through our website we collect personal information related to your browsing through the use of cookies. To find out clearly and precisely what cookies we use, what their purposes are and how you can configure or disable them, please see our Cookies Policy.

User responsibility

By providing us with their data through electronic channels, the users guarantee that they are over 14 years of age and that the data provided to Informa Consulting Compliance, S.L. are true, accurate, complete and up to date. In this way, the users confirm that they are responsible for the veracity of the data provided and that they will keep this information updated so that it corresponds to their real situation, taking responsibility for any false or inaccurate data that they may provide, as well as for any direct or indirect damages that may arise.

How long do we keep your information?

At Informa Consulting Compliance, S.L. we only keep your information for the period of time necessary to fulfil the purpose for which it was collected, to comply with the legal obligations imposed on us and to meet any possible liabilities that may arise from the fulfilment of the purpose for which the data was collected.

In the case that you wish to join our staff and apply for one of our jobs, the data provided will become part of our job bank and will be kept for the duration of the selection process and for a maximum of two years or until you exercise your right of deletion.

If at any time we have collected your data in order to address you as a potential customer of our services or to respond to a request for information from you, such data will be retained until the moment you request us to delete it.

In any case, and as a general rule, we will continue keeping your personal information as long as there is a contractual relationship that binds us or as long as you do not exercise your right to erasure and/or limitation of processing, in which case, the information will be blocked without any use beyond its conservation, while it may be necessary for the exercise or defense of claims or any type of liability that may arise that needs to be addressed.

To whom do we disclose your data?

In general, at Informa Consulting Compliance, S.L. we do not share your personal information, except for those transfers that we must make on the basis of legally imposed obligations.

Although it is not a transfer of data, in order to provide you with the requested service, there is the possibility that third party companies, acting as our suppliers, may access your information to carry out the service we have contracted from them. These third parties access your data following our instructions and without being able to use it for a different purpose and maintaining the strictest confidentiality.

Furthermore, your personal information will be at the disposal of the Public Administrations, Judges and Courts, for the attention of possible responsibilities arising from the processing.

International data transfers

There are no international transfers of your data to countries outside the European Economic Area (EEA).

We have agreed with our suppliers that, for the provision of the contracted service, they make use of servers located in the EEA and if, in the future, we need to make use of servers located outside the EU territory, appropriate measures will be taken, which will be incorporated into this Privacy Policy, ensuring that such suppliers are under the Privacy Shield agreement or that other appropriate safeguards are in place.

What are your rights in relation to the processing of your data and how can you exercise them?

Data protection regulations allow you to exercise your rights of access, rectification, erasure and portability of data and of objection and restriction of the processing of your data, as well as not to be subject to decisions based solely on automated processing of your data, where applicable.

These rights are characterised by the following:

The exercise of rights is free of charge, except in the case of manifestly unfounded or excessive requests (e.g. repetitive nature), in which case Informa Consulting Compliance, S.L. may charge a fee proportional to the administrative costs incurred or refuse to act.
You can exercise your rights directly or through your legal representative or volunteer.
We must respond to your request within one month, although, taking into account the complexity and number of requests, the deadline can be extended by a further two months.
We are obliged to inform you about the means of exercising these rights. They must be accessible and we cannot deny you the exercise of the right on the sole ground that you have chosen other mean. If the request is made by electronic means, the information will be provided by electronic means where possible, unless you ask us to do otherwise.
If Informa Consulting Compliance, S.L. does not comply with the request, it will inform you, within one month at the latest, of the reasons for its failure to act and the possibility of complaining to a Control Authority.
To exercise your rights Informa Consulting Compliance, S.L. makes the following means available to you:

By means of a written and signed request addressed to Informa Consulting Compliance, S.L., C/ Heros, 28 entreplanta derecho, Ref. Exercise of LOPD Rights.
By sending a scanned and signed request to the e-mail address indicating in the subject line Exercise of LOPD Rights.
In both cases, you must prove your identity by attaching a photocopy or, where appropriate, a scanned copy of your ID card or equivalent document in order to verify that we are only replying to the data subject or its legal representative, in which case, you must provide proof of representation.

Likewise, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, we inform you that you may file a complaint with the national supervisory authority by contacting the Spanish Data Protection Agency, C/ Jorge Juan, 6 – 28001 Madrid.

How do we protect your information?

At Informa Consulting Compliance, S.L. we are committed to protecting your personal information.

We use physical, organizational and technological measures, controls and procedures reasonably reliable and effective, oriented to preserving the integrity and security of your data and ensuring your privacy.

In addition, all staff with access to personal data has been trained and is aware of their obligations in relation to the processing of your personal data.

In the case of the contracts we sign with our suppliers, we include clauses in which they are required to maintain the duty of secrecy regarding the personal data to which they have had access by virtue of the order made, as well as to implement the necessary technical and organizational security measures to guarantee the confidentiality, integrity, availability and permanent resilience of the systems and services for the processing of personal data.

All of these security measures are periodically reviewed to ensure their adequacy and effectiveness.

However, absolute security cannot be guaranteed and no security system is impenetrable so, in the event that any information under our control and subject to processing is compromised as a result of a breach of security, we will take appropriate steps to investigate the incident, notify the Supervisory Authority and, where appropriate, notify those users who may have been affected to take appropriate action.