Privacy Policy
Last updated: 9 jun 2026
1. Who we are (Data Controller)
Levantic (“we”, “us”, “our”) is responsible for the personal data collected through this website and in the course of our services.
- Controller: Richard van der Kroft, trading as Levantic
- Tax ID (NIF/NIE/CIF): XXXXXX
- Registered address: Calle Albalat, Moraira (Teulada), Alicante, Spain
- Website: levantic.es
- Email: info@levantic.es
If you have any question about this policy or about how we handle your data, write to us at hola@levantic.es.
2. What information we collect
We only collect the information we need to answer you, deliver our services and meet our legal obligations. Depending on how you interact with us, this may include:
Information you give us directly
- Contact and project-request forms: your name, email address, phone number, the company or context you’re writing about, and the details of your enquiry.
- The AI assistant (chatbot) on this site: the questions and messages you type, and any contact details you choose to share in the conversation.
- Email and messaging: anything you send us by email or via WhatsApp, including the contact details those channels reveal.
- Client engagements: the information needed to deliver a project and to invoice you (contact details, billing details, and the data we are given access to in order to do the work).
Information collected automatically
- Technical and usage data when you visit the site — IP address, browser type, device, pages viewed and similar — collected through our hosting and, where you consent, through analytics. See the Cookies section below.
We do not knowingly collect special categories of data (health, beliefs, etc.) through this website, and we ask that you do not send such information through our forms or chatbot.
3. Why we use your data, and our legal basis
| What we use it for | Legal basis (Art. 6 GDPR) |
|---|---|
| Answering your enquiry and following up | Steps taken at your request prior to a contract, and/or your consent |
| Providing the services you’ve engaged us for | Performance of a contract |
| Invoicing, accounting and tax records | Compliance with a legal obligation |
| Operating and securing this website | Our legitimate interest in running a safe, working site |
| Optional analytics and non-essential cookies | Your consent |
| Commercial communications (only if you’ve opted in) | Your prior consent (as required by the LSSI-CE) |
We do not send unsolicited commercial email. You will only receive commercial messages from us if you have given prior consent, and every such message includes an easy way to unsubscribe.
4. How long we keep your data
We keep personal data only for as long as it is needed for the purpose it was collected for, and then for any period required by law:
- Enquiries that don’t become projects: kept for the time needed to deal with them and a reasonable period afterwards, then deleted.
- Client and project data: kept for the duration of the engagement.
- Invoicing and accounting records: retained for the periods required by Spanish commercial and tax law (generally several years).
- Consent-based data (e.g. mailing list): kept until you withdraw your consent.
After the applicable period, data is securely deleted or anonymised.
5. Who we share your data with
We do not sell your personal data. We share it only with service providers who process it on our behalf (“data processors”), under a data-processing agreement, and only as far as needed to provide their service. Depending on the tools in use, these may include:
- Website hosting: WordPress
- Form and AI-assistant platform: Jotform
- Email and productivity tools: Arsys
- Messaging: WhatsApp (Meta)
- Translation tooling: DeepL
- Web analytics: Google Site Kit
We may also disclose data where we are legally required to (for example, to public authorities), or to professional advisers where necessary.
6. International data transfers
Some of the providers above are based outside the European Economic Area (EEA), or store data outside it — for example certain US-based platforms. Where personal data is transferred outside the EEA, we rely on a lawful transfer mechanism: an EU adequacy decision, the EU–US Data Privacy Framework, or the European Commission’s Standard Contractual Clauses, together with appropriate safeguards. You can ask us for more detail on the safeguards in place for any specific provider.
7. Your rights
Under the GDPR and the LOPDGDD you have the right to:
- Access the personal data we hold about you;
- Rectify data that is inaccurate or incomplete;
- Erase your data (“right to be forgotten”), where applicable;
- Restrict or object to our processing in certain circumstances;
- Data portability — receive your data in a structured, machine-readable format;
- Withdraw consent at any time, where processing is based on consent (this doesn’t affect processing already carried out).
To exercise any of these rights, email us at hola@levantic.es. We may ask you to confirm your identity. We will respond within the time limits set by law (normally one month).
If you believe we have not handled your data correctly, you also have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos, AEPD), www.aepd.es.
8. How we keep your data secure
We apply appropriate technical and organisational measures to protect your data against loss, misuse and unauthorised access — including secure hosting, access controls and encryption in transit. No system is perfectly secure, but we take security seriously and review our measures regularly.
If a data breach occurs that is likely to put your rights at risk, we will notify the AEPD within 72 hours of becoming aware of it, and will inform you directly where the law requires.
9. Cookies
This website uses cookies and similar technologies. Essential cookies are needed for the site to work and are set automatically. Non-essential cookies — such as analytics or advertising — are only set after you actively agree through our cookie banner. You can accept or reject non-essential cookies, and rejecting is as easy as accepting. Continuing to browse or scrolling does not count as consent.
10. Links to other websites
Our site may link to third-party websites. We are not responsible for their content or privacy practices; please check their own policies.
11. Children
This website and our services are not directed at children. We do not knowingly collect data from minors below the age of consent set by the LOPDGDD. If you believe a minor has provided us with data, contact us and we will delete it.
12. Changes to this policy
We may update this policy from time to time. The current version, with its “last updated” date, will always be available on this page. Significant changes will be communicated where appropriate.
13. Contact
Questions about this policy or your data: info@levantic.es.
English 
Español 
Nederlands