Talk to an expert

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 (General Data Protection Regulation, GDPR), and Spanish Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the guarantee of digital rights (LOPDGDD), NEXUMIA SL informs the Users of this Website about its personal data processing policy.

1. Data controller

  • Company name: NEXUMIA SL
  • Tax ID (NIF): B24755589
  • Address: Calle De Güell I Ferrer 57, ESC. 1, P. 1, Pta. A, 08203 Sabadell (Barcelona), Spain
  • Email: business@nexumia.eu
  • Phone: +34 930 485 363

2. Data Protection Officer (DPO)

NEXUMIA SL is not required to appoint a Data Protection Officer under Article 37 GDPR or Article 34 LOPDGDD, and has therefore not designated one. For any data protection enquiries, Users may contact business@nexumia.eu.

3. Purposes, legal bases and data processed

3.1 Contact form

  • Purpose: manage queries, requests for information and quotes submitted via the Website’s form.
  • Data processed: name, email, phone number (if provided) and message content.
  • Legal basis: the data subject’s consent (Art. 6(1)(a) GDPR) and pre-contractual measures requested by the data subject (Art. 6(1)(b) GDPR).
  • Retention period: 1 year from the last communication, unless it leads to a contractual relationship.

3.2 Customer relationships

  • Purpose: provision of contracted services, administrative management, invoicing and after-sales support.
  • Data processed: identifying, tax and contact data, plus any data necessary to perform the contract.
  • Legal basis: performance of a contract (Art. 6(1)(b) GDPR) and compliance with applicable legal obligations, including tax and commercial law (Art. 6(1)(c) GDPR).
  • Retention period: for the duration of the contractual relationship and 6 years after its termination, in accordance with Article 66 of the Spanish General Tax Law.

3.3 CVs received

  • Purpose: management of staff selection processes.
  • Data processed: data contained in the CV submitted by the candidate.
  • Legal basis: the data subject’s consent (Art. 6(1)(a) GDPR).
  • Retention period: 1 year from receipt, unless an earlier deletion request is received.

4. Recipients

NEXUMIA SL does not transfer personal data to third parties except where required by law.

All technological infrastructure used by NEXUMIA SL for data processing (web server, corporate email and the Dolibarr ERP/CRM system) is hosted on its own servers (VPS) under the direct control of NEXUMIA SL. No external data processors are used for hosting or processing the information.

5. International transfers

NEXUMIA SL does not carry out international transfers of personal data outside the European Economic Area (EEA).

6. Data subject rights

Users may exercise, free of charge and at any time, the following rights:

  • Access: learn which personal data are being processed.
  • Rectification: request the correction of inaccurate or incomplete data.
  • Erasure: request deletion of data when no longer necessary.
  • Objection: object to processing on grounds relating to your particular situation.
  • Restriction of processing: request restriction of processing in certain circumstances.
  • Portability: receive the data provided in a structured, commonly used and machine-readable format.
  • Withdrawal of consent: revoke consent previously granted, without affecting the lawfulness of processing carried out prior to withdrawal.

To exercise these rights, Users must send a written request to business@nexumia.eu, attaching a copy of their national ID card or equivalent document proving their identity.

7. Supervisory authority

If Users believe that the processing of their personal data does not comply with the applicable regulations, they have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6, 28001 Madrid, or via its e-office at https://www.aepd.es.

8. Security measures

NEXUMIA SL has adopted the technical and organisational measures necessary to safeguard the security of the personal data processed and prevent their alteration, loss, unauthorised processing or access, taking into account the state of the art, implementation costs and the nature, scope, context and purposes of processing, as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons.

9. Changes to the policy

NEXUMIA SL reserves the right to amend this Privacy Policy to reflect new legislation or case law. Any changes will be published on this same page.

Last updated: 17 April 2026.