Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as “data”) that we process, for what purposes, and to what extent in the course of providing our application.

The terms used are not gender-specific.

Last updated: 14 December 2025

Table of Contents

• Preamble
• Controller
• Overview of Processing Activities
• Relevant Legal Bases
• Security Measures
• International Data Transfers
• General Information on Data Storage and Deletion
• Rights of Data Subjects
• Business Services
• Use of Cookies
• Contact and Inquiry Management
• Social Media Presences
• Amendments and Updates
• Definitions

Controller

CAN TRUY, S’Olivera
Sant Anthoni de Portmany
Ibiza, Spain

Email address: hola@fincacantruy-ibiza.com

Legal notice: fincacantruy-ibiza.com/imprint

Overview of Processing Activities

The following overview summarizes the types of data processed, the purposes of processing, and refers to the data subjects concerned.

Types of processed data

• Inventory data.
• Payment data.
• Contact data.
• Content data.
• Contract data.
• Usage data.
• Meta, communication, and procedural data.

Categories of data subjects

• Service recipients and clients.
• Prospective customers.
• Communication partners.
• Users.
• Business and contractual partners.

Purposes of processing

• Provision of contractual services and fulfillment of contractual obligations.
• Communication.
• Office and organizational procedures.
• Organizational and administrative procedures.
• Feedback.
• Provision of our online services and user-friendliness.
• Public relations.
• Business processes and economic procedures.

Relevant Legal Bases

Relevant legal bases under the GDPR: Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or establishment. If more specific legal bases apply in individual cases, we will inform you of these in this privacy policy.

• Consent (Art. 6(1)(a) GDPR): The data subject has given consent to the processing of their personal data for one or more specific purposes.
• Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.
• Legal obligation (Art. 6(1)(c) GDPR): Processing is necessary for compliance with a legal obligation to which the controller is subject.
• Legitimate interests (Art. 6(1)(f) GDPR): Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, provided that the interests or fundamental rights and freedoms of the data subject do not override those interests.

National data protection regulations in Germany: In addition to the GDPR, national data protection regulations apply in Germany, in particular the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The BDSG contains, among other things, special provisions on the right of access, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes, and data transfers as well as automated individual decision-making including profiling. In addition, data protection laws of the individual federal states may apply.

Created with the free Datenschutz-Generator.de by Dr. Thomas Schwenke