Who is responsible for your data
DIEZ BESPOKE S.L. (“DIEZ”, “we”, “us”) is the data controller for the personal data collected through this website. We process it in line with Regulation (EU) 2016/679 (the General Data Protection Regulation, or GDPR) and Spanish Organic Law 3/2018 on the protection of personal data and the guarantee of digital rights (LOPDGDD).
- Company
- DIEZ BESPOKE S.L.
- Tax ID (NIF)
- B21828801
- Registered office
- Avenida de la Resina 70, B11 BC, 29690 Estepona, Málaga, Spain
- Phone
- +34 690 380 502
- contact@diezbespoke.com
- Website
- diezbespoke.com
What data we collect
We only collect what we need, and most of it you give us directly.
- Enquiry and contact data. When you send a message through a contact, property, or campaign form, we collect your first and last name, email address, phone number, your message, and the properties you are interested in (including any you have saved to your shortlist and chosen to send). On some campaign forms we also ask about your budget, timeline, and what you are looking for. Fields marked with an asterisk are required to answer you; the rest are optional.
- Marketing preferences. Whether you have agreed to receive updates from us, together with a record of that consent (the date and the wording you agreed to).
- Technical data. When you visit the site, our hosting provider records standard server information such as your IP address, browser and device type, and the pages you view. This keeps the site secure and running.
- Analytics data (only with your consent). If you accept analytics cookies, we collect pseudonymised statistics about how the site is used, such as the pages visited and your approximate region.
- Advertising data (only with your consent). If you accept advertising cookies, our advertising partners may record how you interact with our ads and this website, to measure campaigns and show you relevant advertising.
Your saved-property shortlist is stored in your own browser, not on our servers, unless you choose to send it with an enquiry.
Why we use your data, and our legal basis
Under Article 6 of the GDPR, we rely on the following legal bases:
- Replying to your enquiry and advising you on property, arranging viewings or calls: steps taken at your request, and our legitimate interest in responding to you.
- Managing our relationship with you as a client or prospective client, and keeping a record of it in our CRM: our legitimate interest, and the steps you have asked us to take.
- Sending commercial updates, new listings, and our newsletter: your consent, which you can withdraw at any time.
- Measuring how the site is used (analytics): your consent.
- Advertising and remarketing across Google, Meta, and LinkedIn: your consent.
- Preventing spam, fraud, and abuse of our forms, and keeping the site secure: our legitimate interest.
- Meeting our legal, tax, and accounting obligations: compliance with a legal obligation.
We never sell your personal data.
Who we share your data with
We do not sell or rent your data. We share it only with the service providers that help us run the business and the website. Each of them acts as our data processor under a written agreement (contrato de encargado de tratamiento) and may only use the data on our instructions. They currently include:
- Zoho (Zoho Corporation B.V.): our CRM. It stores and manages the enquiries and client records described above.
- Google (Google Ireland Limited): website statistics through Google Analytics 4, advertising measurement through Google Ads, both delivered with Google Tag / Google Tag Manager, and Google Search Console for our search performance (which reports on the site as a whole and does not track individual visitors).
- Meta (Meta Platforms Ireland Limited): the Meta Pixel, used to measure and target our advertising on Facebook and Instagram.
- LinkedIn (LinkedIn Ireland Unlimited Company): the LinkedIn Insight Tag, used to measure and target our advertising on LinkedIn.
- Vercel (Vercel Inc.): hosts the website and processes the technical server logs described above.
- Sanity (Sanity AS): the content system behind the site. It holds the editorial content, not your enquiry data.
- Cloudflare (Cloudflare, Inc.): spam protection on our forms, where enabled.
We may also share data with our professional advisers (for example lawyers or accountants) and with public authorities or courts where the law requires it.
International data transfers
Some of these providers process data outside the European Economic Area, mainly in the United States. Where your data is transferred outside the EEA, it is protected by an approved safeguard: either the provider’s certification under the EU-US Data Privacy Framework, or the European Commission’s Standard Contractual Clauses, together with additional measures where they are needed. You can ask us for a copy of the safeguards that apply.
How long we keep your data
- Enquiry and client data: for as long as we are assisting you and our relationship is active, and then for the periods needed to defend legal claims and meet tax and accounting duties (generally up to six years for accounting records under Spanish law).
- Marketing data: until you unsubscribe or withdraw your consent.
- Analytics and advertising data: for the retention periods set by each provider, after which it is deleted or anonymised.
When data is no longer needed, we delete it securely or anonymise it.
Your rights
At any time, and free of charge, you can:
- access the personal data we hold about you
- have it corrected if it is wrong or incomplete
- have it deleted
- restrict or object to how we use it
- receive it in a portable format, or ask us to send it to another provider
- withdraw a consent you gave, without affecting the processing already carried out
To exercise any of these, write to us at contact@diezbespoke.com or at DIEZ BESPOKE S.L., Avenida de la Resina 70 B11 BC, 29690 Estepona (Málaga), telling us which right you wish to use. We may ask you to confirm your identity first.
If you believe we have not handled your data properly, you can complain to the Spanish Data Protection Agency (Agencia Española de Protección de Datos, www.aepd.es). We would, of course, appreciate the chance to put things right first.
Providing your data
The data we ask for in our forms is needed to answer your request and give you a proper service. The required fields are marked with an asterisk; if you do not provide them, we may not be able to help. You are responsible for making sure the details you give us are accurate and up to date, and for telling us if they change.
Security
We apply appropriate technical and organisational measures to protect your data against loss, misuse, and unauthorised access, in line with the GDPR and the LOPDGDD.
Children
This website and our services are intended for adults. We do not knowingly collect data from anyone under 18.
Automated decisions
We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing.
Changes to this policy
We may update this policy as our services or the law change. The date at the top shows when it was last revised, and any significant change will be made clear on this page.
Contact
For any question about this policy or your data, contact us at contact@diezbespoke.com or +34 690 380 502.