Legal Document

Privacy Policy

Last updated: May 21, 2026

1. Data Controller

Company: FLOO GLOBAL S.L.

Tax ID (NIF/CIF): B24940405

Registered address: Barcelona, Spain.

Privacy contact: admin@floo.es

Phone: +34 622 290 182

2. Applicable Regulations and Scope

This policy applies to personal data collected through FLOO websites, forms, and direct communications. Processing is carried out according to Regulation (EU) 2016/679 (GDPR), Spanish Organic Law 3/2018 on Personal Data Protection and guarantee of digital rights (LOPDGDD), and Law 34/2002 on Information Society Services and Electronic Commerce (LSSI-CE) when electronic communications or online services are involved.

3. Data We Process

  • Identification and contact data provided by users (name, surname, company, email, phone, message).
  • Commercial and pre-contractual data related to product or service requests.
  • Administrative, billing or delivery data when a commercial relationship exists.
  • Technical and security data generated during browsing (IP address, device/browser metadata, events and logs).
  • Marketing preferences and consent records when newsletter communications are enabled.

FLOO does not intentionally collect special categories of personal data through this website. Please do not include health, biometric, political, religious or other sensitive information in open text fields.

4. Sources of Data

Data is mainly obtained directly from the user through website forms, email, telephone or other communications with FLOO. Some technical data is generated automatically when the website is accessed, as described in this policy and in the Cookie Policy.

5. Purposes and Legal Bases

  • Handling requests and inquiries: pre-contractual measures requested by the user and FLOO's legitimate interest in responding to communications (Art. 6(1)(b) and 6(1)(f) GDPR).
  • Preparing quotes, orders and business relationships: contract performance or pre-contractual measures (Art. 6(1)(b) GDPR).
  • Administrative, accounting and tax management: compliance with legal obligations applicable to FLOO (Art. 6(1)(c) GDPR).
  • Sending commercial communications: user consent or, where legally permitted, FLOO's legitimate interest in sending communications about similar products or services to existing customers (Art. 6(1)(a) and 6(1)(f) GDPR; LSSI-CE).
  • Website operation, fraud prevention and security: FLOO's legitimate interest in keeping the website secure, available and protected against misuse (Art. 6(1)(f) GDPR).

Consent may be withdrawn at any time without affecting the lawfulness of processing carried out before withdrawal.

6. Retention Periods

  • Inquiry data: up to 12 months from the last meaningful interaction.
  • Pre-contractual and contractual data: for the duration of the relationship and the applicable limitation periods for potential liabilities.
  • Accounting, tax and commercial documents: for the periods required by Spanish commercial and tax regulations, generally up to 6 years for accounting/commercial records and 4 years for tax purposes, unless a longer period is legally required.
  • Marketing data: until consent is withdrawn or an objection is received.
  • Security logs: for the time necessary to ensure website security, investigate incidents and comply with applicable duties.

7. Recipients and Processors

FLOO may give access to personal data to service providers acting as data processors, such as hosting, email, infrastructure, maintenance, CRM, billing, analytics or support providers. These providers must process the data under written instructions and data processing agreements compliant with Article 28 GDPR.

Personal data may also be disclosed to public authorities, courts, banks, payment providers, professional advisers or insurers when necessary to comply with legal obligations, manage contractual relationships or defend FLOO's rights. FLOO does not sell personal data.

8. International Transfers

FLOO aims to process personal data within the European Economic Area. If a provider or technical service requires an international transfer, FLOO will ensure that one of the safeguards permitted by the GDPR applies, such as an adequacy decision, Standard Contractual Clauses, binding corporate rules or another valid transfer mechanism.

9. Automated Decisions

FLOO does not use the personal data collected through this website to make decisions based solely on automated processing that produce legal effects or similarly significant effects for users.

10. Your Rights

You may exercise your rights of access, rectification, erasure, objection, restriction of processing, portability and withdrawal of consent by contacting admin@floo.es. To protect your privacy, FLOO may ask for information reasonably necessary to verify your identity before processing the request.

FLOO will respond within the legally applicable period. You may also lodge a complaint with the Spanish Data Protection Authority (AEPD): www.aepd.es, especially if you believe that your rights have not been properly addressed.

11. Minors

FLOO services are not intended for children under 14 years old. If unauthorized minor data is detected, it will be deleted without undue delay. If a parent or guardian believes a minor has provided personal data to FLOO, they may contact admin@floo.es.

12. Security

FLOO applies appropriate technical and organizational measures to protect data confidentiality, integrity and availability. These measures are reviewed in line with the nature of the data, the risks of processing and the available technology. If a personal data breach creates a legally reportable risk, FLOO will follow the notification duties established by the GDPR.

13. Cookies and Similar Technologies

The website may use cookies or similar technologies. Information about cookie categories, purposes, retention periods and user controls is available in the Cookie Policy.

14. Policy Updates

FLOO may update this Privacy Policy due to legal, technical or operational changes. The current version is always the one published on this page.

FLOO | Privacy Policy