Privacy Policy

Last updated: January 2026

Introduction

PrimeBeacon S.A. ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, use our services, or interact with us in any way.

Data Controller Information

PrimeBeacon S.A. is the data controller responsible for your personal data. Our contact details are:

Data We Collect

We may collect and process the following types of personal data:

Information You Provide Directly

When you use our services or contact us, we collect data you provide directly, including:

  • Contact information (name, email address, phone number, company details)
  • Business information (company size, industry, financial planning needs)
  • Communication records (emails, phone calls, meeting notes)
  • Service preferences and requirements
  • Payment information (processed securely through third-party providers)

Automatically Collected Information

When you visit our website, we automatically collect certain technical data collection includes:

  • Device and browser information
  • IP address and location data
  • Website usage patterns and analytics
  • Cookie data and tracking preferences

How We Use Your Information

We use your personal data for legitimate business purposes and with your consent where required. Our use of your data includes providing our financial planning services, responding to your enquiries, and improving our offerings. Specifically, we process your information to:

  • Provide and deliver our financial planning services
  • Respond to your enquiries and provide customer support
  • Process payments and manage billing
  • Improve our services and develop new offerings
  • Comply with legal obligations and regulatory requirements
  • Protect our business interests and prevent fraud
  • Send relevant business communications (with your consent)

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract: To perform our services and fulfil contractual obligations
  • Legitimate Interest: To operate our business, improve services, and communicate with clients
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: To comply with applicable laws and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our cookie usage, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Service providers who assist in delivering our services
  • Professional advisors (lawyers, accountants, auditors)
  • Regulatory authorities when legally required
  • Business partners with your explicit consent
  • Potential acquirers in case of business transfer

International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, including adequacy decisions, standard contractual clauses, or other approved mechanisms under GDPR.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy. Generally, we keep client data for seven years after the end of our business relationship to comply with legal obligations. Marketing data is retained until you withdraw consent. Technical data and cookies are retained according to their specific purposes and legal requirements.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Access: Request information about how we process your data
  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion of your personal data in certain circumstances
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for processing at any time

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes through our website or direct communication. The "last updated" date at the top of this policy indicates when the most recent changes were made.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

Supervisory Authority

You have the right to lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos) if you believe we have not handled your personal data in accordance with data protection laws.

Note: This Privacy Policy is governed by Spanish and EU law. For any disputes arising from this policy, Spanish courts shall have jurisdiction.