Privacy Policy
Last updated: January 2026
1. Data controller
Fiduciaryrt Inversiones S.L. (hereinafter, "Fiduciaryrt"), with Tax ID B-87654321 and registered office at Calle de Serrano 45, 3rd Floor, 28001 Madrid, Spain, is the data controller for personal data collected through this digital platform. You may contact our Data Protection Officer at dpd@fiduciaryrt.com.
2. Personal data we collect
We collect the data you provide directly when using our services: full name, email address, and the content of messages you send through the contact form. Additionally, we may automatically collect technical data such as your IP address, browser type, operating system, pages visited, and time spent on the site, through cookies and similar technologies.
3. Purposes of data processing
Your personal data is processed for the following purposes: responding to inquiries and requests sent through the contact form; providing information about our real estate crowdlending services; complying with legal and regulatory obligations applicable to our activity as a participative financing platform; improving the browsing experience and functionality of our platform; and, where applicable, sending commercial communications about our services provided you have given your express consent.
4. Legal basis for processing
The processing of your data is based on: your explicit consent when completing and submitting the contact form (Art. 6.1.a GDPR); the execution or application of pre-contractual measures (Art. 6.1.b GDPR); compliance with legal obligations, including CNMV regulations and Law 5/2015 on the promotion of business financing (Art. 6.1.c GDPR); and our legitimate interest in improving our services and preventing fraud (Art. 6.1.f GDPR).
5. Data retention
Personal data provided through the contact form will be retained for as long as necessary to manage your inquiry and, once resolved, for the legally required period to address potential liabilities. Browsing data is retained for a maximum period of 13 months in accordance with AEPD guidelines.
6. Data recipients
We do not transfer your personal data to third parties, except when legally required. We may share data with service providers acting as data processors (for example, web hosting and email service providers), always under contracts that ensure the protection of your data in accordance with the GDPR.
7. International transfers
We do not carry out international data transfers outside the European Economic Area. In the exceptional case that this becomes necessary, appropriate safeguards would be adopted in accordance with Chapter V of the GDPR, such as Standard Contractual Clauses approved by the European Commission.
8. Data subject rights
You have the right to access, rectify, delete, object to the processing, request restriction, and portability of your personal data. To exercise these rights, send an email to dpd@fiduciaryrt.com attaching a copy of your ID or equivalent identification document. If you believe your rights have been violated, you may file a complaint with the Spanish Data Protection Agency (www.aepd.es).
9. Data security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include SSL/TLS encryption, role-based access controls, periodic security audits, and ongoing staff training in data protection matters.
10. Changes to this policy
We reserve the right to update this Privacy Policy to adapt it to legislative or case law developments, as well as changes in our practices. Any modification will be published on this page with the date of last update. We recommend reviewing it periodically.