Contact
Contact

PRIVACY POLICY

1. Data Controller

  • Controller: Afirmare Auditores SLP (Tax ID No. B93063436)
  • Address: C/ Jacinto Verdaguer No. 11, Professional Office, 29002 Málaga (Málaga), Spain
  • Privacy contact email: info@afirmare.com

 

2. Personal data we process
Depending on how the website is used, we may process:

  • Identification and contact details: name, surname, email address, telephone number, company/entity.
  • Professional data: position, organisation, content of the enquiry.
  • Browsing data: IP address, online identifiers and data associated with the use of cookies/similar technologies. See Cookies Policy.

 

3. Purposes of processing
We process data for the following purposes:
a) To respond to enquiries and requests submitted through forms or by email.
b) To manage the professional or pre-contractual relationship when the data subject requests services or prior information.
c) To comply with applicable legal obligations, including accounting, commercial and tax obligations, as well as those specific to the professional practice.
d) Website security and prevention of fraud/improper use.
e) To send informational/commercial communications such as newsletters or similar communications, only where there is an appropriate legal basis.

4. Legal basis

  • Consent of the data subject under Article 6(1)(a) GDPR for forms and, where applicable, voluntary communications.
  • Pre-contractual measures or contract under Article 6(1)(b) GDPR where the request relates to the provision of services.
  • Legal obligation under Article 6(1)(c) GDPR where required by applicable regulations.
  • Legitimate interest under Article 6(1)(f) GDPR for website security, the management of general enquiries and the defence against possible claims, always balancing the rights of the data subject.

 

5. Recipients
Data will not be disclosed to third parties except in the following cases:

  • Legal obligation or requirement from competent authorities.
  • Service providers acting as data processors, such as hosting providers, corporate email providers, website maintenance providers and analytics/measurement tools, where used, with the corresponding contracts and safeguards.

 

6. International transfers
As a general rule, data will not be transferred outside the EEA. If providers involving international transfers are used, appropriate safeguards will be applied, such as standard contractual clauses or other measures recognised by the applicable regulations.

7. Retention periods

  • Enquiries and requests: for the time necessary to respond to them and, subsequently, for the applicable legal retention and limitation periods.
  • Professional documentation: retained in accordance with the legal periods applicable to the activity and, in particular, with the sector-specific rules on professional secrecy and the obligations for retaining/custody of audit documentation, where a specific legal period applies.
  • Cookies: as indicated in the Cookies Policy.

 

8. Rights of the data subject
You may request access, rectification, erasure, objection, restriction of processing, data portability and not to be subject to automated decisions, under the terms set out in the GDPR, by sending a request to info@afirmare.com and indicating “Data protection” in the subject line.
If you consider that your rights have not been properly addressed, you may lodge a complaint with the Spanish Data Protection Agency (AEPD).

9. Security
Afirmare Auditores SLP applies reasonable technical and organisational measures to protect data against loss, unauthorised access, alteration or disclosure, in accordance with the principles of the GDPR, including processing security measures.

10. Minors
This website is not intended for minors. If you are a minor, please do not submit personal data without authorisation from your legal representatives.

11. Changes to this policy
This policy may be updated to reflect legal changes or changes to the website. The version published on the website shall be the version in force.

  • 1. Professional confidentiality
    Afirmare Auditores SLP and the persons involved in professional engagements are subject to strict duties of confidentiality inherent to audit activity. In general, information obtained in the course of professional work may not be used for purposes other than those of the engagement itself, except in legally permitted cases, such as requests from competent authorities.
  • 2. Communications through the website / email
    Communications sent through contact forms or by email may not be fully secure channels. For this reason, we recommend that you do not send especially sensitive information through the website form. If you need to share confidential documentation, please request a secure channel, such as a platform or encrypted exchange system.
  • 3. Messages received in error
    If you receive a communication from Afirmare Auditores SLP in error, please notify the sender and delete it. Any unauthorised disclosure, copying or distribution is prohibited.
  • 4. No creation of a professional relationship
    The mere sending of a message through the website or by email does not imply acceptance of a professional engagement or the existence of a contractual relationship, which would require express confirmation and, where applicable, the signing of the corresponding engagement letter or contract.

 

DATA PROTECTION

Basic information under Article 13 GDPR

  • Controller: Afirmare Auditores SLP (Tax ID No. B93063436).
  • Purpose: to respond to your request/enquiry and, where applicable, to manage the professional or pre-contractual relationship arising from it.
  • Legal basis: your consent when submitting the form and/or the application of pre-contractual measures where you request services.
  • Recipients: data will not be disclosed to third parties except where legally required; service providers acting under contract as data processors may have access to the data in order to provide services to Afirmare Auditores SLP.
  • Rights: access, rectification, erasure and other GDPR rights, by sending a request to info@afirmare.com.
  • Additional information: available in the Privacy Policy of this website.

Economist and statutory auditor (ROAC No. 21,376), registered in the Register of Sustainability Verifiers. He holds a Degree in Business Administration and Management from Antonio de Nebrija University, is a member of the Málaga Association of Economists and acts as an insolvency administrator. He has been a member of the REA-REGA Quality Submission Committee and an audit quality control reviewer under the ICAC agreement between 2011 and 2022. He currently works as a consultant in Quality Management Systems for audit firms and delivers accredited training at universities, professional associations and professional bodies throughout Spain.

David García VegaROAC Audit Partner

Linkedin