Privacy policy

At **Construcción Verde** we respect your privacy. This policy explains clearly and transparently what personal data we collect when you visit this site, why we use it, who we share it with and what rights you have, in accordance with the General Data Protection Regulation (GDPR) and Spanish Organic Law 3/2018 on Personal Data Protection and Digital Rights Guarantee (LOPDGDD).

The controller responsible for processing the personal data collected through this website is the **Construcción Verde** editorial team. For any questions related to the processing of your data, you can contact us through the contact form available on this website.

**2.1 Comments form** When you leave a comment on an article, we collect: - **Name**: to identify you in the public comment. - **Email address**: to notify you of replies to your comment. The email is **never displayed publicly**. - **Comment text**: to publish it on the site after moderation. - **Date and time**: automatically recorded at the time of submission. Legal basis: **consent** (Art. 6.1.a GDPR). --- **2.2 Contact form** When you send us a message through the contact form, we collect: - **Name** and **email address**: to identify you and reply to you. - **Subject and message body**: to address your enquiry. This information is used exclusively to respond to your enquiry and is not stored in any database beyond the time needed to manage the response. Legal basis: **legitimate interest** in responding to user enquiries (Art. 6.1.f GDPR). --- **2.3 Newsletter subscription** If you choose to subscribe to our newsletter, we collect: - **Email address**: to send you content updates. We do not send third-party advertising. Emails are limited to summaries of new articles published on the blog. Legal basis: **explicit consent** (Art. 6.1.a GDPR). You can unsubscribe at any time via the link included in each email. --- **2.4 Analytics data** We record visit statistics to improve the site. Our analytics solution: - **Does not use** tracking cookies. - **Does not record** visitors' IP addresses. - **Does not perform** fingerprinting or any individual identification technique. - Data is completely anonymous and **automatically deleted after 90 days**. Legal basis: **legitimate interest** in understanding site performance using aggregated, anonymous data (Art. 6.1.f GDPR).

Data is retained for the minimum time necessary according to its purpose: - **Comments**: retained while the article is published. If you request deletion of your comment, we will process it within 30 days. - **Contact form**: messages are retained until the enquiry is resolved, and for a maximum of 12 months in case context needs to be recovered. - **Newsletter subscription**: the email is retained indefinitely until you unsubscribe. You can do so at any time from any email received. - **Analytics**: aggregated data is automatically deleted after 90 days.

**We do not sell or transfer your personal data to third parties** for advertising or commercial purposes. We may share data with technical service providers that are essential for the operation of the site (for example, the web hosting provider), always under a data processing agreement and ensuring GDPR compliance. None of these providers is authorised to use your data for their own purposes. If required by law, we may be obliged to provide data to competent public authorities.

To the extent possible, data is processed within the European Economic Area (EEA). In the event that any technical service provider is located outside the EEA, we ensure that adequate safeguards exist in accordance with the GDPR (standard contractual clauses of the European Commission or other equivalent mechanisms).

In accordance with the GDPR and LOPDGDD, you have the following rights over your personal data: - **Right of access**: to know what data we process about you. - **Right of rectification**: to correct inaccurate or incomplete data. - **Right of erasure** ("right to be forgotten"): to request deletion of your data when it is no longer necessary or you withdraw consent. - **Right to object**: to object to processing based on legitimate interest. - **Right to restriction of processing**: to request that use of your data be restricted in certain circumstances. - **Right to data portability**: to receive your data in a structured, commonly used format. - **Right to withdraw consent** at any time, without affecting the lawfulness of prior processing. To exercise any of these rights, contact us through the contact form. We will respond within a maximum of one month (extendable to three months in complex cases). If you consider that the processing of your data does not comply with the regulations, you have the right to lodge a complaint with the **Spanish Data Protection Agency** (www.aepd.es).

We adopt appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration. These measures include HTTPS encryption of communications, restricted access controls to systems and periodic security reviews. However, no internet transmission system is completely secure. In the unlikely event of a security breach affecting your rights and freedoms, we will notify you in accordance with the GDPR.

We may update this privacy policy at any time. When we make significant changes, we will indicate them on the page and update the last revision date. We recommend reviewing this document periodically to stay informed about how we protect your data. *Last revised: April 2025.*