Privacy Policy
Last updated: 10 April 2026
At Consultoría Vacacional, S.L. we take the privacy and protection of personal data of users of the website optimizabnb.es very seriously. This Privacy Policy describes, in compliance with Regulation (EU) 2016/679 General Data Protection Regulation (GDPR) and Spanish Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), how we collect and process your information.
1. Data controller
Controller: Consultoría Vacacional, S.L.
Tax ID (CIF): B19449552
Address: Calle Esperanza 6, Bajo B, 41009 Seville, Spain
Email: travelcapitales@gmail.com
Phone: +34 685 32 89 88
2. Purposes of processing
We process the personal data you provide to us for the following purposes:
- To respond to your free audit request or any other inquiry sent via the contact form, email, WhatsApp or phone.
- To manage the contractual relationship if you decide to hire our optimization services.
- To send commercial communications related to our services, only when you have given explicit consent or there is a legitimate interest derived from a prior relationship.
- To comply with legal obligations on the controller (tax, accounting, commercial).
3. Legal basis for processing
The legal bases legitimizing the processing of your data are:
- Consent of the data subject (Art. 6.1.a GDPR): by ticking the acceptance box on the contact form or by starting a conversation with us on WhatsApp, you expressly accept the processing of your data for the purposes indicated.
- Performance of a contract (Art. 6.1.b GDPR): when processing is necessary to provide a contracted service.
- Legal obligation (Art. 6.1.c GDPR): to comply with tax, accounting and commercial obligations.
- Legitimate interest (Art. 6.1.f GDPR): for commercial communications to existing clients about services similar to those already contracted, and for fraud prevention.
4. Categories of data processed
The personal data we process is strictly necessary for the purposes indicated:
- Identification data: name.
- Contact data: email, phone, WhatsApp.
- Listing information: URL of the Airbnb, Booking or other platform listing you wish to optimize.
- Billing data (only if hired): tax address, VAT/Tax ID.
- Technical metadata: IP address, browser type and browsing data, only if you have consented to analytics cookies.
We do not process special categories of data (health, sexual orientation, religion, political opinions, etc.).
5. Retention period
Personal data will be kept for the time strictly necessary to fulfill the purpose for which it was collected and, in any case:
- Form user data without subsequent contract: up to 12 months from the last communication, at which point it will be deleted or anonymized.
- Client data with contract: during the validity of the commercial relationship and, subsequently, up to 6 years for tax, accounting and commercial obligations (Art. 30 of the Spanish Commercial Code and Law 58/2003 General Tax Law).
- Data processed on the basis of consent for commercial communications: until the data subject withdraws said consent.
6. Recipients and international transfers
Data may be communicated to the following recipients exclusively for the provision of the service:
| Recipient | Purpose | Country / Safeguards |
|---|---|---|
| FormSubmit.co | Technical processing of the contact form. | United States. Transfer covered by Standard Contractual Clauses approved by the European Commission and/or adherence to the EU-US Data Privacy Framework. |
| Google LLC (Gmail / Google Workspace) | Receipt and storage of emails. | United States. Adherent to the EU-US Data Privacy Framework. |
| Meta Platforms Ireland Ltd. (WhatsApp) | Messaging communication when the user initiates contact. | Ireland (EU) and internal transfers to the group with appropriate safeguards. |
| Hostinger International Ltd. | Website hosting. | Lithuania / European Union. |
| Public administrations, judges and courts | When there is a legal obligation. | Spain / European Union. |
Beyond the recipients indicated, we do not sell or transfer your data to third parties for commercial purposes.
7. Rights of the data subject
As data subject, the GDPR and LOPDGDD grant you the following rights:
- Access: to know what personal data of yours we process.
- Rectification: to request the modification of inaccurate or incomplete data.
- Erasure ("right to be forgotten"): to request the deletion of your data when it is no longer necessary.
- Restriction of processing: to request that we restrict processing in certain cases.
- Objection: to object to processing based on legitimate interest.
- Portability: to receive your data in a structured, commonly used and machine-readable format and transmit it to another controller.
- Withdraw consent at any time, without affecting the lawfulness of prior processing.
- Not to be subject to automated individual decisions that produce legal or significant effects on you.
- To lodge a complaint with the Spanish Data Protection Agency (AEPD) if you consider that the processing does not comply with current regulations: www.aepd.es.
To exercise any of these rights, send us an email to travelcapitales@gmail.com with the subject "GDPR rights request" and attach a copy of your ID or equivalent identification document. We will respond within a maximum of 30 days from receipt of your request.
8. Security measures
We have implemented the technical and organizational measures necessary to guarantee the security of your data and prevent its alteration, loss, unauthorized processing or access, in accordance with Article 32 of the GDPR. Among others, we use HTTPS encryption throughout the website, credential-restricted access to the mailbox and periodic backups.
9. Minors
The Website and services are exclusively directed at adults over 18 years of age. We do not intentionally process data of minors. If we detect that we have received data from a minor without the consent of their legal representative, we will delete it immediately.
10. Changes to this policy
We reserve the right to modify this Privacy Policy to adapt it to legislative, jurisprudential or professional practice changes. In such cases, we will announce changes with reasonable advance notice on this same page and update the "Last updated" date. We recommend reviewing it periodically.