This legal text gives you details of how we collect and process your personal data through the use of our website, including any information you can provide us through the site when you provide us with your contact information through the enabled form for that end.

By providing us with the data, we inform you that our services are not possible for those people whose regulations prevent them from giving consent, so when you send us the forms, you guarantee that you have sufficient capacity to grant consent.

Below we inform you about the data protection policy of: Frapa, S.L

1. Responsible for the treatment.

Contact details of the person in charge:

Frapa, S.L, with CIF: B29179769 and address at: C / Amadeo Vives, 2 – 10º 2 29002 Malaga  – Málaga and telephone: +34 952 35 42 53. Email:

Registered in the Mercantile Registry of Malaga, Volume 808, book 628, section 3, page 119, sheet 6065, first registration.

Frapa, S.L, is responsible for your data. (Hereinafter we or our).

2. What data do we collect?

The General Data Protection Regulation defines personal data as any information about an identified or identifiable natural person, that is, any information capable of identifying a person. This would not include anonymous or percentage data.

The personal data that could be collected directly from the interested party will be treated confidentially and will be incorporated into the corresponding treatment activities, owned by Frapa, S.L.

On our website we can process certain types of personal data, which may include:

  • Identity data: name and surname.
  • Contact information: email and telephone.

We do not collect any data related to special categories of personal data (those that reveal their ethnic or racial origin, political opinions, religious or philosophical beliefs, union affiliation and health information, genetic or biometric data).

In case you are asked to collect personal data by law or according to the terms of contract between us and you refuse to provide it to us, we may not be able to make such a contract or provide the service, and you must notify us in advance.

3. How do we collect your personal data?

The means we use to collect personal data are:

  • Through the form on our website, through our contact email, by phone or postal mail, when:

o Request information about our products or services

o Hire the provision of our services or products

o Request budgets

  • Through automated technology or interactions: on our site we can automatically collect technical data about your equipment, navigation actions and usage patterns. This data is collected through cookies or similar technologies. If you want to expand the information, you can consult our cookies policy here (link cookies policy)
  • Through third parties:

o Google: analytical data or search data. Outside the European Union.


4. Purpose and legitimacy for the use of your data.

The most common uses of your personal data are:

– For the formalization of a contract between Frapa, S.L and you.

– When you consent to the processing of your data

– When we need them to comply with a legal or regulatory obligation

– When necessary for our legitimate interest or that of a third party.

The User may revoke the consent given at any time by sending an email to or by consulting the section on exercising rights later.

Below we attach a table in which you can consult the ways in which we will use your personal data and the legitimacy for its use, in addition to knowing what type of personal data we will treat. We can process some personal data for some additional legal reason, so if you need details about it you can send an email to


Purpose Type of data Legitimacy for processing

To request information through the contact form – Name- Surname- Email- Telephone Consent of the interested party

To work with us – Name- Surname- Email- Telephone- Consent of the interested party Compliance with a pre-contractual obligation Legitimate interest


Purpose: We will only use your data for the purposes for which we collect it, unless we reasonably consider that we must use it for another reason, notifying you previously so that you are informed of the legal reason for its processing and as long as the purpose is compatible with the purpose original.


5. How long will we keep your data?

They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible s responsibilities that could be derived from said purpose and the processing of the data. The provisions of the different regulations regarding the term of conservation shall apply, in what is applicable to this treatment.


6. Exercise of Data Protection Rights:

How to exercise these rights? Users may send a communication to the registered office of Frapa, S.L or email address, including in both cases a photocopy of their ID or other similar identification document, to request the exercise of the following rights:

– Access to your personal data: you can ask Frapa, S.L if you are using your personal data.

– To request its rectification, if they were not correct, or to exercise the right to be forgotten with respect to them.

– To request the limitation of the treatment, in this case, they will only be kept by Frapa, S.L for the exercise or defense of claims

– To oppose its treatment: Frapa, S.L will let the data be processed in the manner you indicate, unless for legitimate reasons or for the exercise or defense of possible claims, these must continue to be treated.

– To the portability of the data: in case you want your data to be treated by another firm, Frapa, S.L, it will facilitate the portability of your data to the new person in charge.

You can use the models made available by the Spanish Agency for Data Protection, to exercise your previous rights: Here

Claim before the AEPD: if you consider that there is a problem with the way in which Frapa, SL is treating your data, you can direct your claims to the corresponding control authority, being in Spain, the competent one for it: Spanish Agency for Data Protection .

We will request specific information to help us confirm your identity and guarantee your right to access your personal data (or exercise any other of the rights mentioned above). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

All applications will be solved within the indicated legal period of one month. However, it may take more than a month if your request is particularly complex. In this case, we will notify you and keep you updated.




7. Transfer of personal data

It is possible that, in the performance of our work, we need the help of third parties, who only process the data to provide the contracted service, and with which we have the corresponding measures to guarantee their rights:

– Service providers that provide systems administration and information technology services.

– Professional advisors that include lawyers, auditors and insurers that provide banking, legal, insurance and accounting consulting services

All data controllers to whom we transfer your data will respect the security of your personal data and will treat it according to the GDPR.

We only allow those managers to process your data for certain purposes and in accordance with our instructions. However, you can request, in compliance with transparency, a list of who these companies are that provide services to us, you can do so by email:


8. Data Security

We have implemented the appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized manner, modified or disclosed. In addition, we limit access to your personal data to those employees, contracting agents and other third parties who have a commercial need to know such data. They will only process your personal data according to our instructions and will be subject to a duty of confidentiality.

We have implemented procedures to deal with any suspected violation of your personal data and we will notify you and the Control Authority in the event that it occurs, as is regulated in the GDPR in its articles 33 and 34, a security breach.