The purpose of this privacy policy is to explain, in a clear and transparent manner, how EFI SPED SL collects, uses, stores, and protects the personal data of users who access our website and the various associated communication channels.
Respect for privacy and information security is an essential principle of our organization. Therefore, all data processing we carry out complies with the provisions of Regulation (EU) 2016/679, General Data Protection Regulation (GDPR), Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), and Law 34/2002 on Information Society Services and Electronic Commerce (LSSICE).
📅 Last updated: September 2025
1. Identification of the Data Controller
In accordance with current regulations, we inform you that the personal data collected through this website and other electronic means will be processed by:
Company name: EFI SPED SL
Tax ID number: B72880198
Registered office: Diseminados 62, La Almunia de Doña Godina, 50100 Zaragoza
Contact telephone number: 640 905 844
Email: info@envo.es
Website: www.envo.es
EFI SPED SL acts as the data controller for the processing detailed in this document.
2. Concept and nature of personal data
Personal data is any information that allows a natural person to be identified, directly or indirectly. This category includes, among others:
Identification data: name, surname, ID number, postal address, telephone number, email address.
Professional data: CV, academic or employment history.
Browsing data: IP address, device identifiers, approximate location, browsing habits, or language preferences.
Financial or billing data in the case of clients or suppliers.
3. Origin of the data
The personal data we process at EFI SPED SL may come from the following sources:
Contact forms and website registration.
Subscription to newsletters or commercial communications.
Interactions on social media and linked platforms.
Submission of job applications or professional collaborations.
Cookies and similar technologies, as described in our Cookie Policy.
4. Purpose of processing
The data is collected for specific, explicit, and legitimate purposes and is not processed in a manner incompatible with those purposes. Specifically, we use the information to:
Manage inquiries, information requests, and provide customer service.
Maintain the contractual relationship with clients and suppliers.
Manage subscriptions to newsletters and informational communications.
Offer personalized content and improve the browsing experience.
Conduct statistical and analytical studies on website use.
Comply with applicable legal and regulatory obligations.
Manage selection processes and receive spontaneous applications.
Prevent misuse of the website and ensure its security.
5. Legal basis for processing
The legal basis for processing personal data is based on:
Express consent of the data subject in those cases where it is requested (cookies, newsletters, commercial mailings, resumes).
Performance of a contract or pre-contractual measures, when the data is processed to manage commercial or employment relationships.
Compliance with legal obligations, such as those arising from tax, labor, or transportation regulations.
Legitimate interest of the data controller: to improve the quality of the service and maintain the security of the website.
6. Data retention
The data will be retained for the periods strictly necessary to fulfill the stated purposes and, in any case, for the legally established periods. For guidance:
Contact information: until the query is resolved and, at most, for 3 years.
Newsletter and commercial communications: until consent is revoked.
Billing and customer information: 6 years (commercial and tax obligations).
Resumes and applications: 2 years from the last update.
Cookies: as indicated in the Cookie Policy.
7. Communication and transfer of data
In general, we do not share personal data with third parties, except as provided by law or when necessary for the provision of the service.
Your data may be accessed by:
Technology service providers (hosting, email, IT security).
Accounting, tax, and legal consultancies.
Financial institutions, for payment management.
Administrative or judicial authorities, when legally required to do so.
When data is transferred outside the European Economic Area, an adequate level of protection will be guaranteed in accordance with the GDPR, applying contractual clauses.