Privacy & Data-Protection Notice
This notice is issued in accordance with Regulation (EU) 2016/679 (GDPR), the Spanish Organic Law 3/2018 on Personal Data Protection and Digital Rights (LOPDGDD), and Law 34/2002 on Information-Society Services and E-Commerce (LSSI-CE). As an autónomo registrado (self-employed under Law 20/2007), I explain below how I collect, use and safeguard your personal data.
1. Controller
Denis Moskalets (StartupVisa.Barcelona) — NIF ESY5209213M
C/ Example 123, 08002 Barcelona, Spain
info@startupvisa.barcelona
2. Purpose & Legal Basis
- Deliver and invoice relocation/visa-consultancy services (Art. 6 (1)(b) GDPR).
- Comply with bookkeeping & tax duties (Art. 6 (1)(c) GDPR; Ley 58/2003).
- Send newsletters or offers with your express consent (Art. 6 (1)(a) GDPR; Art. 21 LSSI-CE).
3. Retention Periods
Data are kept while our contractual relationship lasts and, once ended, for the statutory limitation periods (generally 6 years per Art. 30 of the Spanish Commercial Code and 4 years for tax files).
4. Recipients
I only disclose data to public authorities when legally obliged (e.g. Agencia Tributaria, UGE, ENISA) and to trusted service providers (hosting, e-mail, CRM) bound by a Data-Processing Agreement (Art. 28 GDPR). Data are never sold.
5. International Transfers
Any storage or processing outside the EEA will rely on an adequacy decision or the EU Standard Contractual Clauses (Art. 46 GDPR).
6. Your Rights
- Access — know whether I hold your data.
- Rectification — correct inaccurate data.
- Erasure — request deletion ("derecho al olvido").
- Objection — to processing or direct marketing.
- Restriction — limit processing while a challenge is resolved.
- Portability — receive data in a structured, machine-readable form.
To exercise any right, e-mail info@startupvisa.barcelona with a copy of your ID.
7. Supervisory Authority
You may lodge a complaint with the Agencia Española de Protección de Datos (AEPD) if you believe your rights have been infringed (www.aepd.es).
Last update: 16 June 2025