Privacy Policy

Last Updated: January 17, 2026

DualMind S.L. (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website https://dualmind.com or use our IT services.

This policy complies with:

• GDPR (EU General Data Protection Regulation 2016/679)
• LOPDGDD (Spanish Organic Law 3/2018 on Data Protection)
• ePrivacy Directive (2002/58/EC)
• CCPA (California Consumer Privacy Act) for US residents

1. Data Controller

DualMind S.L.
NIF: B62392196
Sant Antoni nº 8
08180 – Moià, Barcelona, Spain
Email: [email protected]
Phone: +34 932 988 997

2. Information We Collect

2.1 Information You Provide Directly

When you use our website or services, you may provide:

• Contact Information: Name, email address, phone number, company name
• Business Information: Industry, number of employees, IT infrastructure details
• Communication Data: Messages, inquiries, audit requests
• Service Data: Information provided during IT support, security audits, or consulting services
• Payment Information: Billing address, payment method details (processed by third-party payment processors)

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

• Technical Data: IP address, browser type, operating system, device information
• Usage Data: Pages visited, time spent, click behavior, referral source
• Cookies: See our Cookie Policy for details
• Log Data: Server logs, error reports, access times

2.3 Information from Third Parties

• LinkedIn: Profile information if you contact us via LinkedIn
• WhatsApp: Contact details if you message us via WhatsApp
• Email Providers: Header information from emails you send us

3. Legal Basis for Processing (GDPR)

We process your personal data based on:

3.1 Consent (Article 6(1)(a) GDPR)

• Newsletter subscriptions
• Marketing communications
• Non-essential cookies

3.2 Contract Performance (Article 6(1)(b) GDPR)

• Providing IT services, cybersecurity audits, and support
• Processing service requests
• Managing monthly retainer agreements

3.3 Legitimate Interest (Article 6(1)(f) GDPR)

• Website analytics and improvement
• Security monitoring and fraud prevention
• Business communications with existing clients
• Direct marketing to business contacts

3.4 Legal Obligation (Article 6(1)(c) GDPR)

• Tax and accounting requirements
• Compliance with Spanish and EU regulations
• Responding to legal requests

4. How We Use Your Information

We use your data to:

4.1 Provide Services

• Deliver IT support, cybersecurity, and managed services
• Conduct security audits and provide recommendations
• Monitor and maintain client IT infrastructure
• Respond to service requests and inquiries

4.2 Communication

• Send service updates and technical notifications
• Provide customer support
• Send appointment reminders and follow-ups
• Deliver requested information about our services

4.3 Business Operations

• Process payments and maintain financial records
• Manage contracts and service agreements
• Improve our services and website
• Analyze usage patterns and trends

4.4 Marketing (with consent)

• Send newsletters and promotional content
• Provide information about new services
• Share relevant industry insights

4.5 Legal and Security

• Comply with legal obligations
• Detect and prevent fraud or security incidents
• Enforce our terms and conditions
• Protect our rights and property

5. Data Sharing and Disclosure

We do NOT sell your personal data. We may share data with:

5.1 Service Providers

• Hosting: Website hosting and cloud infrastructure providers
• Email: Email service providers (Google Workspace)
• Analytics: Google Analytics (with IP anonymization)
• Payment Processors: Secure payment gateways for invoicing
• Communication: WhatsApp, LinkedIn (when you contact us via these platforms)

5.2 Legal Requirements

We may disclose data when required by:

• Spanish or EU law
• Court orders or legal processes
• Law enforcement requests
• Protection of rights, safety, or property

5.3 Business Transfers

In case of merger, acquisition, or sale, your data may be transferred to the new entity (with notice to you).

5.4 With Your Consent

We may share data with third parties when you explicitly authorize us.

6. International Data Transfers

6.1 Within EU/EEA

Your data is primarily processed within the European Union.

6.2 Outside EU/EEA

Some service providers (e.g., cloud services) may process data outside the EU. We ensure adequate safeguards:

• Standard Contractual Clauses (SCC) approved by EU Commission
• Adequacy Decisions for countries with equivalent protection
• Privacy Shield or equivalent frameworks

7. Data Retention

We retain your data for:

• Active Clients: Duration of service relationship + 6 years (tax/legal requirements in Spain)
• Inquiries: 2 years from last contact
• Marketing Consent: Until you withdraw consent or 3 years of inactivity
• Website Logs: 12 months
• Cookies: See Cookie Policy
• Legal Hold: Longer retention if required by law or legal proceedings

8. Your Rights (GDPR & CCPA)

8.1 GDPR Rights (EU/EEA residents)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure (“Right to be Forgotten”): Request deletion of your data
• Restriction: Limit how we process your data
• Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interest or direct marketing
• Withdraw Consent: Withdraw consent at any time (without affecting lawfulness of prior processing)
• Lodge a Complaint: Contact Spanish Data Protection Agency (AEPD) or your local authority

8.2 CCPA Rights (California residents)

You have the right to:

• Know: What personal information we collect, use, and share
• Delete: Request deletion of your personal information
• Opt-Out: Opt-out of sale of personal data (Note: we do NOT sell data)
• Non-Discrimination: Not receive discriminatory treatment for exercising your rights

8.3 How to Exercise Your Rights

Contact us:

• Email: [email protected] (Subject: “Privacy Rights Request”)
• Phone: +34 932 988 997
• Mail: Sant Antoni nº 8, 08180 Moià, Barcelona, Spain

We will respond within 30 days (GDPR) or 45 days (CCPA).

9. Security Measures

We implement technical and organizational measures:

• Encryption: TLS/SSL for data transmission, encrypted storage
• Access Controls: Role-based access, strong authentication
• Monitoring: Security logging, intrusion detection
• Regular Audits: Vulnerability assessments and penetration testing
• Employee Training: Data protection and security awareness
• Backup: Regular encrypted backups with tested restoration

Despite our efforts, no system is 100% secure. We will notify you of breaches as required by law.

10. Children’s Privacy

Our services are NOT directed to individuals under 16 (EU) or 13 (US). We do not knowingly collect data from children. If you believe we have collected data from a child, contact us immediately.

11. Third-Party Links

Our website may contain links to third-party sites. We are NOT responsible for their privacy practices. Review their policies before providing information.

12. Marketing and Communications

12.1 Opt-In

We only send marketing emails with your consent.

12.2 Opt-Out

Unsubscribe via:

• Link in every marketing email
• Email to [email protected] with “Unsubscribe”
• Account settings (if applicable)

12.3 Service Communications

We may still send non-marketing communications (e.g., service updates, invoices).

13. Cookies

See our Cookie Policy for detailed information about cookies and tracking technologies.

14. Changes to Privacy Policy

We may update this policy. Changes are effective upon posting. We will notify you of material changes via:

• Email (for registered users)
• Website notice
• Updated “Last Updated” date

Continued use after changes constitutes acceptance.

15. Contact and Complaints

15.1 Contact Us

DualMind S.L. B62392196
Email: [email protected]
Phone: +34 932 988 997
Address: Sant Antoni nº 8, 08180 Moià, Barcelona, Spain

15.2 Data Protection Authority

If unsatisfied with our response, contact:

Spanish Data Protection Agency (AEPD)
C/ Jorge Juan, 6
28001 Madrid, Spain
Website: https://www.aepd.es
Phone: +34 901 100 099

California residents: California Attorney General’s Office
Website: https://oag.ca.gov/privacy/ccpa

---

Last review date: January 17, 2026