Privacy Policy
Below is the Privacy Policy governing the website and mobile application managed by CTP ONE TECH S.L., hereinafter referred to as CTP ONE TECH, owned by said company.
Please take a few minutes to read this Privacy Policy carefully.
Our goal is to explain in a simple, clear, and transparent way how we process and protect your personal information and what your rights are.
Your privacy and the security of your personal data are of fundamental importance to us. We handle them with the utmost care, in full compliance with Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018 (LOPDGDD).
§1. Data Controller
Company name:
CTP ONE TECH S.L.
Registered address:
Avenida Perfecto Palacio de la Fuente, 1, 03003 Alicante (Spain)
NIF: B19854348
Telephone: […]
Email: privacy@ctp-onetech.com
Data Protection Officer (DPO): privacy@ctp-onetech.com
CTP ONE TECH is the entity responsible for processing personal data collected through its website and mobile application. The company guarantees that such processing is carried out in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, integrity, and confidentiality.
§2. Categories of personal data processed
Depending on the services or forms used, CTP ONE TECH may process the following categories of personal data:
Identification data (name, surname, NIF, email address, telephone number).
Professional or business contact details (company name, position, country, language).
Browsing and usage data (IP address, access logs, device, browser, session identifiers).
Communication data (messages or queries sent via form or email).
Any other information voluntarily provided by the user.
Special categories of personal data (such as health, ideology, or religion) are not processed.
§3. Purposes and Legal bases of processing
Purposes of processing
The personal data provided by the user are processed for the following purposes:
a) Registration and maintenance of the user account.
b) Facilitating communication with agencies and agents through the Casamira platform.
c) Sending notifications about activity within the application.
d) Providing after-sales services and incident management.
e) Sending commercial and promotional communications, subject to prior consent.
f) Compliance with applicable legal obligations.
Legal bases of processing
The processing is lawfully based on Article 6(1)(a), (b), and (f) of the GDPR:
Consent of the data subject, for commercial communications or voluntary forms.
Performance of a contract or pre-contractual measures, for account management and service provision.
Legitimate interest of the controller, to ensure the proper functioning of the platform and user support.
Summary table of legal bases
Purpose of processing | Legal basis |
User account management | Performance of a contract (Art. 6(1)(b) GDPR) |
Communication with agencies / agents | Legitimate interest (Art. 6(1)(f) GDPR) |
Sending notifications | Consent (Art. 6(1)(a) GDPR) |
Commercial communications | Consent (Art. 6(1)(a) GDPR) |
After-sales and support services | Performance of a contract (Art. 6(1)(b) GDPR) |
Compliance with legal obligations | Legal obligation (Art. 6(1)(c) GDPR) |
§4. Data Recipients
Data may be shared with agencies using the Casamira platform, acting as independent data controllers for their respective clients.
Data may also be processed by data processors collaborating with CTP ONE TECH, such as hosting providers, electronic communications, analytics, or technical support service providers.
All processors have signed confidentiality and data protection agreements as required under Article 28 of the GDPR.
No personal data will be transferred to third parties unless required by law or by judicial order.
§5. International data transfers
No international transfers of data outside the European Economic Area (EEA) are carried out, unless expressly and knowingly authorised by the user.
In the event of such transfers, CTP ONE TECH will ensure the existence of adequate safeguards in accordance with Articles 44–49 of the GDPR (such as standard contractual clauses or adequacy decisions).
§6. Data retention period
Data will be retained as long as the user’s account remains active and, once deleted, for a maximum period of two (2) years, unless a longer retention period is legally required.
After this period, the data will be securely deleted or anonymised.
§7. Users rights
Users may exercise the rights granted under the GDPR and the LOPDGDD, including:
Right of access: to know which data are processed and for what purpose.
Right to rectification: to correct inaccurate or incomplete data.
Right to erasure: to request the deletion of data when they are no longer necessary or consent has been withdrawn.
Right to restriction of processing: to limit processing in certain situations.
Right to object: to object to processing based on personal grounds.
Right to data portability: to receive or transfer their data in a structured, machine-readable format.
Right not to be subject to automated decision-making, including profiling.
To exercise any of these rights, users may send a written request to: privacy@ctp-onetech.com, attaching a copy of their ID card (DNI) or other identification document.
Users may also file a complaint with the Spanish Data Protection Agency (AEPD) through www.aepd.es
§8. Withdrawal of consent
Users may withdraw their consent to data processing at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
§9. Minor’s data
CTP ONE TECH services are not intended for minors under 14 years of age.
If registration or data submission by a minor is detected, such data will be immediately deleted.
§10. Cookies and similar technologies
CTP ONE TECH uses technical cookies and, subject to the user’s consent, analytical or personalisation cookies to enhance browsing experience.
Further details can be found in the Cookies Policy, accessible from any page of the website or within the application.
§11. Automated decisions and profiling
CTP ONE TECH does not carry out automated decision-making processes that produce legal effects concerning the user, nor does it engage in profiling based solely on automated data processing.
§12. Social media
CTP ONE TECH maintains profiles on social media platforms (e.g., LinkedIn, Instagram, or similar) for corporate communication and interaction with users.
Data processing on these platforms is governed both by this Privacy Policy and by the respective privacy policies of each platform.
§13. Data security
CTP ONE TECH applies appropriate technical and organisational measures to ensure the confidentiality, integrity, and availability of the personal data it processes.
Implemented measures include:
Encryption of electronic communications;
Access control systems;
Regular data backups;
Internal audits and periodic reviews;
Data protection training for staff.
These measures are implemented in accordance with Article 32 of the GDPR, taking into account the state of the art, implementation costs, and the risks associated with processing.
§14. Regulatory compliance
CTP ONE TECH regularly reviews and updates its internal procedures to ensure compliance with applicable data protection, information security, and confidentiality regulations.
§15. Amendments to the Policy
CTP ONE TECH reserves the right to amend this Privacy Policy to adapt it to future legislative, doctrinal, or judicial developments, or for technical, operational, or business reasons.
Any modifications will be published on the website or within the application and, where relevant, users will be clearly and promptly notified.
Effective date: November 1, 2025
Last updated: October 2025
§16. Contact details
CTP ONE TECH S.L.
Avenida Perfecto Palacio de la Fuente, 1
03003 Alicante (Hiszpania)