Roca Studio · Legal information
Privacy Policy
A clear explanation of what data we may receive, what we use it for and how you can exercise your rights.
Last update · July 12, 2026
Responsible for the treatment
- Responsable
- Mario Carlos Roca Peñafiel, under the commercial name Roca Studio
- NIF/NIE
- Y6921439V
- Domicilio
- Calle Ronda 4, Yuncler, 45529, Toledo, Spain
- Privacy and rights
- contacto@roca.studio
Data that we can process
We only process the information necessary to attend a conversation or provide a service. Depending on the channel and relationship, it may include:
- name, email, telephone number and professional information;
- company, website, services of interest, budget and deadlines;
- messages, documentation and materials that you decide to share;
- contractual, billing and payment data when there is a professional relationship;
- minimum technical data that the hosting provider can register to serve and protect the site, such as IP address, date, requested browser or security incidents.
Purposes and legal bases
Inquiries and budgets
We use the data to respond, assess the fit, prepare a proposal and maintain pre-project conversations. The base legal is the application of pre-contractual measures requested by the person concerned and, where applicable, his or her consent to the chosen channel.
Service provision
If a project is formalized, we process the data to manage the scope, communication, deliveries, billing and compliance with agreed obligations. The legal bases are the execution of the contract and compliance with legal obligations.
Security and defense of rights
We may retain evidence of communications or incidents when necessary to protect the site, prevent abuse or address a claim. The basis is the legitimate interest in maintaining security and defend rights, weighed against the interests of the people.
Commercial communications
The website does not currently include a newsletter subscription nor does it send automatic commercial communications. If enabled, it would ask the corresponding consent or another permitted basis would apply by law, always offering a simple way to stop receive them.
Conservation periods
Queries that do not become a project will be kept for the time necessary to attend to them and, in general, no more than twelve months since the last interaction, unless there is a reason legitimate to keep them for longer.
When there is a contractual relationship, the data will be kept while it is active and then blocked during the legal deadlines tax, accounting and liability. The data will be deleted or They will be anonymized when they are no longer necessary.
Recipients and suppliers
We do not sell personal data. They can be accessed by providers who help operate mail, hosting, storage, billing or work tools, always under the required guarantees. Also may be communicated to consultancies, financial entities or public administrations when necessary for the service or requires the law.
If you choose to contact us through WhatsApp, Instagram or another platform external, that company will process the data in accordance with its own conditions. Some providers may operate outside the Space European Economic; In that case, mechanisms of transfer recognized by the applicable regulations when they are necessary.
Your rights
You can request access, rectification, deletion, opposition, limitation or portability of your data, and withdraw consent without affecting the legality of the prior treatment. you also have right not to be subject to decisions based solely on automated treatments; Roca Studio does not carry out this type of decisions or create automated profiles.
To exercise them, write to contacto@roca.studio and indicate which right you wish to exercise. Only additional information will be requested if necessary to verify identity. The exercise is free in the legal terms.
If you consider that your request has not been attended to correctly, you can file a claim with the Spanish Data Protection Agency .
Safety, minors and changes
Reasonable measures are taken to protect information from unauthorized access, loss or alteration. No system is infallible, so it is advisable not to send information especially sensitive that is not necessary to evaluate or develop a project.
The services are directed to professionals and organizations, not to under fourteen years old. If data sent by a minor is detected without authorization, they will be deleted where appropriate.
This policy will be updated if channels, providers, treatments or legal requirements. The upper date identifies the current version.