Skip to main content
IberiaIntel — IA y Ciberinteligencia

Privacy Policy

Last updated: April 15, 2026 · Version 3.0

Courtesy translation. The Spanish version is the legally binding one (Spanish company, Spanish jurisdiction).

At IberiaIntel we protect personal and corporate data with the highest rigor. This Privacy Policy transparently explains what data we collect, for what purpose, on what legal basis, for how long, and what rights you have. It applies to all IberiaIntel services (website, ErisAI and ArgesAI interactive demos, automations, Digital Marketing and multilingual SEO).

1. Data Controller

  • Name: IberiaIntel
  • Address: Campo de Gibraltar, Cádiz (Spain)
  • Contact email: contact@iberiaintel.com
  • Data Protection Officer (DPO): dpo@iberiaintel.com
  • Phone: +34 711 229 129

2. Applicable Regulations

We comply with Regulation (EU) 2016/679 General Data Protection (GDPR), Spanish Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD), Law 34/2002 on Information Society Services (LSSI-CE), and the ePrivacy Directive regarding cookies and electronic communications.

3. Data We Process

3.1. Data provided voluntarily

  • Identification: first name, last name, company, role.
  • Contact: corporate email, phone.
  • Inquiry content: message, service interest, estimated budget.

3.2. Browsing and usage data

  • IP address, device and browser identifiers, preferred language.
  • Pages visited, time spent, and visit origin (referer).
  • Technical, analytics and preference cookies (see Cookie Policy).

3.3. Data entered in our Interactive Demos (ErisAI, ArgesAI, Automations)

Demos are simulated environments (sandbox). The data you enter (e.g. domains, OSINT queries, agent prompts) is processed in volatile memory, is not persisted in real databases, does not train our models, and is purged when the session ends. Do not upload real sensitive data or credentials to the demos.

4. Purposes and Legal Bases

PurposeLegal basis (GDPR)
Respond to contact forms and diagnosticsArt. 6.1.b — Pre-contractual measures
Provision of contracted services (AI, cyber intelligence, SEO)Art. 6.1.b — Contract execution
Newsletter and commercial contentArt. 6.1.a — Express consent
Compliance with tax and accounting obligationsArt. 6.1.c — Legal obligation
Web analytics and service improvementArt. 6.1.f — Legitimate interest + consent (cookies)
Fraud prevention and securityArt. 6.1.f — Legitimate interest

5. Retention Periods

  • Leads and forms: 24 months since last contact.
  • Active customers: during the contractual relationship and 6 years after its termination (commercial obligations).
  • Newsletter: until you withdraw your consent.
  • Security logs: maximum 12 months.
  • Demo data: volatile, purged in real time.

6. Recipients and Data Processors

We do not sell your data. We only share information with technology providers necessary for service delivery, all of them with signed data processing agreements (Art. 28 GDPR):

  • Cloud hosting and infrastructure (European servers and providers with standard contractual clauses).
  • Transactional email providers (to respond to your inquiries).
  • Anonymized analytics (Google Analytics with anonymized IP and prior consent).
  • AI providers (OpenAI, Anthropic and our own models) only when the contracted service requires it, with no-retention and no-training clauses.
  • Tax authorities when there is a legal obligation.

7. International Transfers

We prioritize providers with EU data centers. When transfers to third countries exceptionally occur, they will be carried out under Adequacy Decisions or Standard Contractual Clauses approved by the European Commission, with supplementary measures (encryption in transit and at rest, pseudonymization).

8. Automated Decisions and Profiling

We do not make automated decisions with significant legal effects on you. The AI systems we use (ErisAI, ArgesAI, multilingual SEO agents) generate recommendations that are reviewed by human analysts before being delivered to the client.

9. Data Subject Rights

You may exercise the following rights at any time:

  • Access: obtain a copy of the data we process.
  • Rectification: correct inaccurate data.
  • Erasure (right to be forgotten): delete your data when no longer needed.
  • Objection: object to processing based on legitimate interest.
  • Restriction: restrict processing while a claim is verified.
  • Portability: receive your data in a structured, readable format.
  • Withdrawal of consent: with no retroactive effect.
  • Not to be subject to automated decisions with legal effects.

Send your request to dpo@iberiaintel.com attaching a copy of an ID. We will respond within a maximum of one month. You have the right to file a complaint with the Spanish Data Protection Agency (www.aepd.es) if you believe your rights have not been respected.

10. Security Measures

We apply technical and organizational measures appropriate to the risk (Art. 32 GDPR): TLS 1.3 encryption in transit, AES-256 encryption at rest, role-based access control (RBAC), mandatory multi-factor authentication, event logging and auditing, encrypted daily backup, and periodic recovery tests. We conduct internal offensive audits (red team) and annual reviews of our Management System.

11. Minors

Our services are intended for professionals and organizations. We do not knowingly collect data from minors under 14. If you detect that a minor has provided us with data, contact us and we will delete it.

12. Cookies

We use technical, analytics, and preference cookies. You can configure your preferences at any time from our banner or check the Cookie Policy for the full list, purpose, provider, and duration of each cookie.

13. Security Breach Notification

In the unlikely event of a security breach with risk to your rights, we will notify the AEPD within 72 hours and affected parties without undue delay, in accordance with Arts. 33 and 34 of GDPR.

14. Policy Modifications

We may update this policy to reflect regulatory or service changes. We will publish any change on this page with the update date. Substantial changes will be communicated to registered users by email.

15. Contact

For any questions about this policy or the processing of your data, write to dpo@iberiaintel.com or use our contact form.