Trip Tours MAD

Privacy policy

Last updated: 2026-05-14

At Trip Tours Madrid we respect your privacy and take data protection seriously. This policy explains what data we collect, why, how long we keep it, and what rights you have. It complies with EU Regulation 2016/679 (GDPR) and Spanish LOPDGDD 3/2018.

1. Data controller

Controller: Trip Tours Madrid Tax ID: [NIF de la empresa] Address: [Dirección fiscal completa] Data Protection Officer: [email DPD] Contact: WhatsApp +34 642 78 47 32 · Website https://recomendaciones.triptours.eu

2. Data we collect

We collect the following personal data:

· Business form (/para-negocios): business name, contact person, email, phone (optional), neighborhood, category, and free message. · Automatic technical data: IP address, browser, OS, language, pages visited, and referrer (via hosting provider).

We do NOT collect data from guide visitors: browsing and activating discounts requires no registration or email.

3. Purpose

· B2B form: process your request to join the guide, contact you for a visit, and where applicable formalize a commercial agreement. · Technical data: ensure the site works, prevent abuse, and measure performance in aggregate and anonymously.

No profiling, automated decisions, or international transfers outside the EEA.

4. Legal basis

· B2B form: execution of pre-contractual measures at the data subject's request (art. 6.1.b GDPR). · Technical data: legitimate interest in service security and improvement (art. 6.1.f GDPR).

5. Retention

· B2B form data: until the commercial conversation ends. If an agreement is signed, for its duration plus the legal statute of limitations. · Technical data: maximum 12 months in provider logs.

6. Recipients

We do not transfer your data to third parties, except by legal obligation. As processors we use:

· Vercel Inc. — hosting and serverless · Transactional email provider (when activated)

These processors act only under our instructions and may not use your data for their own purposes.

7. Your rights

You have the right to:

· Access your data · Rectify inaccurate data · Erase data when no longer needed · Restrict processing · Object to processing · Data portability · Not be subject to automated decisions

To exercise them, write to [email DPD] attaching ID or equivalent. You may also file a complaint with the Spanish Data Protection Agency (aepd.es).

8. Security

We apply reasonable technical and organizational measures: site-wide HTTPS encryption, access controls, and data minimization (we don't ask for what we don't need).

9. Changes

We may update this policy. The last revision date appears at the top. We will visibly announce substantial changes on the site.