Privacy Policy

Last updated: 15 January 2026

This Privacy Policy explains how Creative Directors S.L. ("we", "us", "our") collects, uses, and protects your personal information when you visit our website creativedirectores.pro or use our legal consulting services.

Data Controller Information

Creative Directors S.L. is the data controller responsible for your personal data. You can contact us using the details provided in the contact section below.

Data Collection

We collect various types of personal data when you interact with our website and services. The data we collect includes:

Information You Provide Directly

• Contact information (name, email address, phone number)
• Professional details and legal matter descriptions when you request consultations
• Communication preferences and correspondence with us
• Any other information you choose to provide through our contact forms or direct communication

Information We Collect Automatically

• Website usage data through cookies and similar technologies
• IP address, browser type, and device information
• Pages visited, time spent on our website, and referral sources
• Analytics data to improve our website performance and user experience

How We Use Your Information

We use your personal data for legitimate business purposes and in accordance with applicable data protection laws. How we use your information includes:

• Providing legal consulting services and responding to your enquiries
• Communicating with you about our services and your legal matters
• Improving our website functionality and user experience
• Complying with legal obligations and professional requirements
• Marketing our services (only with your consent where required)
• Protecting our legitimate business interests and legal rights

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: When you have given clear consent for specific processing activities
• Contract: When processing is necessary to provide our legal services to you
• Legal Obligation: When we must process your data to comply with legal requirements
• Legitimate Interests: When processing is necessary for our legitimate business interests, balanced against your privacy rights

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please see our Cookie Policy.

Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

• With trusted service providers who assist in delivering our services
• When required by law or to comply with legal proceedings
• To protect our rights, property, or safety, or that of others
• With your explicit consent for specific purposes
• In connection with business transfers or corporate restructuring

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Data retention periods vary depending on the type of information and the purpose for processing, but typically range from 3 to 7 years for legal consulting records, in accordance with professional legal requirements.

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

• Right of Access: Request information about how we process your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us using the details provided below.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other legally recognised transfer mechanisms to protect your data.

Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Information

If you have questions about this Privacy Policy, wish to exercise your rights, or need to contact us about data protection matters, please reach out to us:

Supervisory Authority

If you believe we have not handled your personal data in accordance with applicable data protection laws, you have the right to lodge a complaint with the relevant supervisory authority. In Spain, this is the Spanish Data Protection Agency (Agencia Española de Protección de Datos - AEPD).