Privacy Policy

1. Data Protection at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.

Data Collection on this Website

Who is responsible for data collection on this website? The data processing on this website is carried out by the website operator. You can find their contact details in the “Note on the Responsible Party” section of this privacy policy.

How do we collect your data? On the one hand, your data is collected by you providing it to us. This can be, for example, data that you enter in a contact form. Other data is collected automatically or after your consent when you visit the website by our IT systems. This is primarily technical data (e.g., internet browser, operating system, or time of the page view). This data is collected automatically as soon as you enter this website.

What do we use your data for? Part of the data is collected to ensure the error-free provision of the website. Other data can be used to analyze your user behavior. Insofar as contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other order inquiries.

What rights do you have regarding your data? You have the right at any time to receive information free of charge about the origin, recipient, and purpose of your stored personal data. You also have a right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have a right of appeal to the competent supervisory authority (the Information Commissioner’s Office – ICO).

2. Hosting

External Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the host(s). This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access, and other data generated via a website.

External hosting is for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 (1) (b) UK GDPR) and in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6 (1) (f) UK GDPR).

Host used: Netcup We have concluded a Data Processing Agreement (DPA) with the provider, ensuring they process data only according to our instructions and in compliance with UK data protection standards.

3. General Notes and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

Note on the Responsible Party

The responsible party (Controller) for data processing on this website is: Lukas Thies Email: info@expatandalucia.com

Legal Basis for Data Processing

Under the UK GDPR, we process data based on:

  • Consent: Art. 6 (1) (a).
  • Contractual necessity: Art. 6 (1) (b).
  • Legal obligation: Art. 6 (1) (c).
  • Legitimate interests: Art. 6 (1) (f).

Your Rights (UK GDPR)

  • Right to Withdraw Consent: Revoke your consent at any time.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing.
  • Right of Access: Request a copy of your stored data.
  • Right to Rectification: Correct inaccurate data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data.
  • Right to Data Portability: Receive your data in a machine-readable format.
  • Right to Complain: You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

4. Data Collection & Tools

Cookies

Our website uses “cookies”. These are small text files that do not cause any damage to your device. Some are technically necessary (Functional), others are used for analysis or marketing with your consent. For details, please see our specific Cookie Policy.

Server Log Files

The provider automatically collects information that your browser transmits to us:

  • Browser type/version
  • Operating system
  • Referrer URL
  • Hostname of the accessing computer
  • Time of server request
  • IP address

Contact Form & Email Inquiries

If you send us inquiries via the contact form or email, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.

Comments Function

When you leave a comment, we store your IP address (to protect against illegal content), your email address, and your username.

5. Social Media & Third-Party Tools

Shariff Solution

We use the “Shariff” solution for social media buttons (Facebook, Instagram, LinkedIn). This prevents your data from being sent to social networks automatically when you visit the page; data is only transferred if you actively click the button.

Facebook / Instagram (Meta)

We use elements from Meta Platforms Ireland Limited. Data may be transferred to the US. Meta is certified under the EU-US Data Privacy Framework, which the UK government recognizes through the UK Extension (UK-US Data Bridge).

YouTube / Google Maps / reCAPTCHA

These services are provided by Google Ireland Limited. We use YouTube in “enhanced privacy mode” to minimize data collection. Google is also certified under the UK-US Data Bridge.

WP Statistics

We use WP Statistics for local, anonymized analysis of user behavior. Data is stored exclusively on our own server; no data is passed to the provider in Estonia in a personally identifiable way.

6. Newsletter

If you subscribe to our newsletter, we use your email address based on your consent. You can unsubscribe at any time via the link in the email. We may use a “blacklist” of unsubscribed emails to ensure you are not contacted again, fulfilling our legal obligation under the Privacy and Electronic Communications Regulations (PECR).

7. Affiliate Programs

We participate in affiliate partner programs. If you click on an affiliate link and make a purchase, we receive a commission. This is based on our legitimate interest in financing our website (Art. 6 (1) (f) UK GDPR).

Contact: If you have questions regarding your data, please contact info@expatandalucia.com.

Would you like me to create a specific “Contact Us” page template in English to go along with these legal documents?