Privacy Policy

Last updated: February 2026

1. Data Controller

In accordance with Regulation (EU) 2016/679 (GDPR) and the Spanish Organic Law 3/2018 (LOPDGDD), we inform you that the personal data you provide will be processed by:

2. For what purposes do we process your data?

At AdViral, we process the information provided by interested parties for the following purposes:

• Contact management and customer service: To respond to requests for information, queries, or requests for complimentary audits submitted via our website forms or email.
• Provision of services: Should you contract our marketing services, to manage the administrative, financial, and accounting relationship.
• Commercial communications (Newsletter): Only if you have given us your express consent, we will send you information regarding updates, blog articles, and promotions.

3. What is the legal basis for processing?

The legal basis that allows us to process your data depends on your interaction with us:

• Consent of the data subject: This is the basis for responding to your enquiries sent via form or email, as well as for sending commercial communications if you have subscribed to them.
• Performance of a contract: Mandatory for managing the agency service if you become a client.
• Legitimate interest: To conduct satisfaction surveys or ensure network security.
• Legal obligation: To comply with tax and accounting regulations (e.g., invoicing).

4. How long will we keep your data?

Personal data will be retained for as long as the commercial relationship is maintained or until you request its deletion. Once the relationship has ended, we will proceed to block the data.

This means the data will be stored securely with restricted access, available exclusively to judges and courts, the Public Prosecutor’s Office, or the competent authorities, during the statutory limitation periods for liabilities (typically between 4 and 6 years). After this time, it will be permanently deleted.

5. Recipients: Who do we share your data with?

Your data will not be transferred to third parties unless there is a legal obligation to do so. However, to provide our services, we use technology providers who act as data processors under strict confidentiality agreements:

• Web hosting service providers.
• Email marketing and customer relationship management (CRM) platforms.
• Accounting and administrative services.

International Transfers

We use services from technology providers such as Google LLC (for analytics and advertising) that may involve international data transfers to the USA. These transfers are carried out under the EU-US Data Privacy Framework (DPF), ensuring an adequate level of protection in accordance with European regulations.

6. Your Rights

As a user, you have the right to exercise control over your personal information:

• Access: To know whether we are processing your data and to obtain a copy.
• Rectification: To correct inaccurate data.
• Erasure (Right to be Forgotten): To request that we delete your data when it is no longer necessary.
• Restriction: To request that the processing of your data be suspended under certain circumstances.
• Portability: To receive your data in a structured, commonly used format.
• Objection: To object to the processing, especially if it is for marketing purposes.

To exercise these rights, you can send an email to info@adviral.es, attaching a copy of your ID. You also have the right to file a complaint with the Spanish Data Protection Agency (AEPD) if you believe we have not handled your data correctly.

7. Data Security

AdViral is committed to fulfilling its obligation of secrecy regarding personal data and its duty to safeguard it, adopting the necessary technical and organisational measures to prevent its alteration, loss, unauthorised processing, or access, taking into account the state of technology at all times.