Ledo | Privacy Policy

1. Data Controller

Soluciones Virtuales en la Red S.L. (trading as Ledo) is the data controller responsible for your personal data under Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 (LOPDGDD).

Legal Name: Soluciones Virtuales en la Red S.L.
Tax ID (CIF): B85627750
Address: AV/ Monforte de Lemos, 79 – 28029 Madrid
Incorporation Date: 03/02/2009
Email: legal@ledo.net

2. What Personal Data We Collect

A) Contact Data

Name, work email, company name, role, and the content of your messages when you reach out to us.

B) Business Data

Project information, constraints, and requirements voluntarily shared during discovery.

C) Technical Data

IP address, browser type, device information, and anonymous analytics events.

3. Lawful Bases for Processing (GDPR Art. 6)

Purpose	Legal Basis
Respond to inquiries	Consent (Art. 6.1.a)
Contract execution	Contract (Art. 6.1.b)
Legal compliance (Tax/Admin)	Legal Obligation (Art. 6.1.c)
Improve services & Security	Legitimate Interest (Art. 6.1.f)

Respond to inquiries

Consent (Art. 6.1.a)

Contract execution

Contract (Art. 6.1.b)

Legal compliance

Legal Obligation (Art. 6.1.c)

Improve services

Legitimate Interest (Art. 6.1.f)

We process your data primarily because you asked us to (Consent) or because we are working together (Contract). We also keep data to obey tax laws (Legal Obligation) and secure our site (Legitimate Interest).

4. How We Use Your Data

To respond to your contact requests and inquiries.
To manage client relationships and ongoing projects.
To deliver contracted services and deliverables.
To improve website experience and security.

We do not sell personal data.

5. Data Retention

Contact forms: Kept for up to 12 months if no commercial relationship follows.
Contractual data: Retained for the duration of the contract plus the legal retention period for liabilities (typically 5 years).
Invoices: Retained as required by Spanish tax law (up to 10 years).

6. Data Sharing & Processors

We may use trusted third-party processors to operate our services (hosting, email, analytics). All processors are bound by GDPR-compliant Data Processing Agreements (DPAs).

We use enterprise-grade cloud providers (e.g., Cloudflare, Vercel, AWS) to serve this website. They process IP addresses for security and delivery.

We use business email suites (e.g., Google Workspace, Microsoft 365) to communicate with you. Data is stored securely on their servers.

We may use privacy-preserving analytics (e.g., Plausible, Fathom) to understand site usage without tracking personal identities.

No data is shared for advertising resale purposes.

7. International Transfers

If a provider is located outside the European Economic Area (EEA), transfers are protected via adequacy decisions (such as the EU-US Data Privacy Framework) and/or Standard Contractual Clauses (SCC) approved by the European Commission.

8. Your Rights

Access

Rectification

Erasure

Restriction

Portability

Objection

How to exercise: Email legal@ledo.net with your request. We will respond within the statutory period (1 month).

You also have the right to file a complaint with the Agencia Española de Protección de Datos (AEPD) if you believe your rights have been violated.

9. Security Measures

HTTPS: All traffic is encrypted in transit.
Access Control: Strict least-privilege access for internal staff.
Data Minimization: We only collect what we need.
Secure Hosting: Infrastructure protected by industry-standard firewalls.

10. Cookies & Tracking

We use essential cookies to make the site work. We may use anonymous analytics cookies to improve our content. For full details on what we use and how to manage them, please see our Cookie Policy.

11. Changes to This Policy

We may update this policy periodically to reflect changes in our practices or legal requirements. The 'Last Updated' date at the top of this page will always reflect the latest version.

Privacy Policy

In Short