Privacy Policy

Last updated: May 2026

This privacy policy explains how WallNav collects, uses, and protects your personal data in accordance with the EU General Data Protection Regulation (GDPR — Regulation 2016/679) and the Spanish Organic Law 3/2018 on Personal Data Protection and Digital Rights (LOPDGDD).

1. Data controller

Identity: Luis Berián Luna

Address: 31190, Cizur Menor, Navarra, Spain

Email: privacy@wallnav.com

2. Data we collect

We only collect personal data that you voluntarily provide through the contact form on this website:

• Full name
• Company or organization name
• Email address
• Inquiry type (partnership, enterprise, investment, other)
• Message content

We do not collect personal data automatically. We do not use analytics tools, advertising trackers, or social media pixels. We do not process any special categories of personal data (Art. 9 GDPR).

3. Purpose and legal basis

We process your personal data for the following purposes:

• Responding to your inquiry: to evaluate and respond to partnership, enterprise, or investment inquiries you submit. Legal basis: your consent, given by voluntarily submitting the form (Art. 6(1)(a) GDPR).
• Managing business relationships: to communicate with you if a business relationship is initiated. Legal basis: our legitimate interest in conducting business (Art. 6(1)(f) GDPR).
• Legal compliance: to comply with applicable legal obligations. Legal basis: compliance with a legal obligation (Art. 6(1)(c) GDPR).

4. Data recipients

Your personal data will not be sold, rented, or shared with third parties for marketing purposes. Data may be disclosed to:

• Form processing service: Web3Forms (or equivalent), solely for the purpose of delivering your submission to us. This processor acts under a data processing agreement and does not retain your data beyond delivery.
• Hosting provider: Cloudflare, Inc., which provides hosting infrastructure and processes data in accordance with its Data Processing Addendum and applicable Standard Contractual Clauses.
• Legal authorities: if required by law or judicial order.

5. International transfers

Our primary data processing occurs within the European Economic Area (EEA). Where data processors are located outside the EEA (e.g. Cloudflare infrastructure in the United States), transfers are safeguarded by Standard Contractual Clauses (Art. 46(2)(c) GDPR) or an adequacy decision of the European Commission, as applicable.

6. Data retention

Contact form submissions are retained for a maximum of 24 months from the date of submission. If a business relationship is established, data will be retained for the duration of the relationship plus the legally required retention period under Spanish commercial and tax law (generally 6 years under Art. 30 of the Commercial Code). When the retention period expires, data will be securely deleted or anonymized.

7. Your rights

Under the GDPR and the LOPDGDD, you have the following rights:

• Access (Art. 15 GDPR): to obtain confirmation of whether your data is being processed and to access it.
• Rectification (Art. 16 GDPR): to have inaccurate data corrected.
• Erasure (Art. 17 GDPR): to request deletion when data is no longer necessary.
• Restriction (Art. 18 GDPR): to request limited processing in certain circumstances.
• Portability (Art. 20 GDPR): to receive your data in a structured, machine-readable format.
• Objection (Art. 21 GDPR): to object to processing based on legitimate interest.
• Withdraw consent (Art. 7(3) GDPR): at any time, without affecting prior processing.

To exercise any of these rights, contact privacy@wallnav.com with proof of identity. We will respond within one month (Art. 12(3) GDPR).

8. Security

We implement appropriate technical and organizational measures to protect your personal data, including encrypted communications (TLS/HTTPS), access controls, and secure hosting infrastructure.

9. Minors

This website is not directed at individuals under the age of 16. We do not knowingly collect personal data from minors.

10. Complaints

You have the right to lodge a complaint with the competent supervisory authority:

Agencia Española de Protección de Datos (AEPD)
C/ Jorge Juan 6, 28001 Madrid, Spain
www.aepd.es

11. Changes

We may update this policy to reflect changes in our practices or applicable law. Changes will be posted on this page with an updated revision date.