Skip to main contentSkip to footer

Privacy policy

1. Data Controller

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – “GDPR”) and Spanish Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights, personal data provided through this website shall be processed by:

SIRSON LEGACY, S.L.
Tax Identification Number (CIF): ESB72860828
Registered Office: C/ Santa Leonor 65, Building D, 3rd Floor, Office 10, 28037 Madrid, Spain
Email: info@sirsonlegacy.es

(hereinafter, the “Company” or the “Controller”).

The content hosted on this website is protected by the applicable intellectual property legislation. The copying, modification, reproduction, downloading, transmission, distribution, or transformation of the website’s content is expressly prohibited without the prior authorization of the holder of the relevant rights, unless legally permitted.

Access to the website does not imply the acquisition by users of any ownership rights over the content displayed therein.

Any user who becomes aware of any infringement of the intellectual or industrial property rights relating to this website shall immediately notify the publisher and shall provide full cooperation in the defense of such rights.

2. Purposes of Processing and Legal Basis

Personal data shall be processed for the following purposes:

2.1 Handling of Enquiries

To respond to requests for information submitted via contact forms, email, or other communication channels.

Legal basis: consent of the data subject (Article 6(1)(a) GDPR).

2.2 Provision of Professional Services

To manage pre-contractual communications and to provide international tax advisory and global mobility services.

This includes client identification, compliance procedures, tax structuring advisory, and related professional services.

Legal basis: performance of a contract or implementation of pre-contractual measures at the request of the data subject (Article 6(1)(b) GDPR).

2.3 Compliance with Legal Obligations

To comply with tax, accounting, anti-money laundering, and other regulatory obligations applicable to the Company.

Legal basis: compliance with a legal obligation (Article 6(1)(c) GDPR).

2.4 Newsletter and Professional Communications

To send newsletters, legal updates, technical briefings, and corporate communications related to international taxation and mobility.

Legal basis: explicit consent of the data subject (Article 6(1)(a) GDPR).

Consent may be withdrawn at any time without affecting the lawfulness of processing carried out prior to withdrawal.

2.5 Website Analytics (If Implemented)

If analytical tools are implemented (e.g., Google Analytics), browsing data may be processed for statistical and service improvement purposes.

Legal basis: consent obtained through the cookie management system (Article 6(1)(a) GDPR).

3. Categories of Personal Data Processed

Depending on the purpose, the Company may process:

  • Identification data (name, surname)
  • Contact details (email address, telephone number)
  • Professional data
  • Tax and financial data necessary for advisory services
  • Browsing data (where applicable)

The Company does not intentionally process special categories of personal data under Article 9 GDPR unless strictly necessary for the provision of services and subject to appropriate safeguards.

4. Data Retention Period

Personal data shall be retained in accordance with the following criteria:

  • Enquiry data: up to 12 months from the last interaction.
  • Client data: for the duration of the contractual relationship and thereafter for the statutory limitation periods established under Spanish tax and commercial legislation (minimum six years pursuant to the Spanish Commercial Code).
  • Newsletter data: until consent is withdrawn.

Data shall not be retained longer than necessary for the purposes for which it was collected.

5. Recipients of Data

Personal data may be disclosed to:

  • Public authorities and tax agencies where legally required.
  • Professional advisers (accounting, legal, compliance) where necessary.
  • IT and hosting service providers acting as data processors under appropriate data processing agreements pursuant to Article 28 GDPR.

No data shall be sold or disclosed for commercial purposes to third parties.

6. International Data Transfers

Given the international scope of the Company’s advisory services, personal data may be transferred outside the European Economic Area (EEA).

Where such transfers occur, they shall be carried out:

  • To countries subject to an adequacy decision by the European Commission; or
  • Subject to appropriate safeguards, including Standard Contractual Clauses adopted by the European Commission, or other lawful transfer mechanisms under Articles 44–49 GDPR.

7. Data Subject Rights

Data subjects are entitled to exercise the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to object
  • Right to data portability
  • Right to withdraw consent at any time

Requests may be submitted in writing to: info@sirsonlegacy.es.

Data subjects also have the right to lodge a complaint with the Agencia Española de Protección de Datos or with the competent supervisory authority in their country of residence.

8. Security Measures

The Company implements appropriate technical and organisational measures in accordance with Article 32 GDPR to ensure a level of security appropriate to the risk, including measures designed to safeguard confidentiality, integrity, and availability of personal data.

9. Policy Updates

This Privacy Policy may be updated to reflect legislative changes, regulatory guidance, or modifications in the Company’s data processing activities.

Cookies policy

1. What Are Cookies?

Cookies are files downloaded onto the user’s device when accessing certain websites, allowing the storage and retrieval of information about browsing behavior.

2. Types of Cookies Used on This Website

Currently, the website does not use advertising or profiling cookies.

The following categories may be used:

a) Technical (Strictly Necessary) Cookies

These cookies enable basic website navigation and essential functionality.

Legal basis: legitimate interest (Article 6(1)(f) GDPR).

These cookies do not require user consent.

b) Analytical Cookies (If Implemented in the Future)

Should analytical tools such as Google LLC Analytics be implemented, they will allow measurement of website usage and statistical analysis.

Such implementation may involve international data transfers to the United States.

Appropriate safeguards will be applied in accordance with the General Data Protection Regulation (GDPR).

Legal basis: user consent (Article 6(1)(a) GDPR).

Analytical cookies will not be installed until the user has provided explicit consent through the cookie configuration banner.

3. Consent Management

Upon accessing the website, users may:

  • Accept all cookies.
  • Reject non-essential cookies.
  • Configure their preferences on a granular basis.

Consent may be withdrawn at any time via the cookie settings panel available on the website.

4. Cookie Retention Period

Technical cookies shall be retained only for the time necessary to provide the requested service.

Analytical cookies, where applicable, shall not exceed a maximum duration of 24 months, or the retention period established by the provider, always in accordance with data minimization principles.

5. How to Disable Cookies via Browser Settings

Users may allow, block, or delete cookies through their browser settings (Chrome, Firefox, Safari, Edge, etc.).

Disabling cookies may affect website functionality.

6. Policy Updates

This Cookies Policy may be updated to reflect legislative changes or technical modifications to the website.

SirsonLegacy
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.