Funneld
ES EN
Book a call Buy leads
Product How it works Lead types Industries Pricing Referrals FAQ Login Book a call Request access Buy leads →
ES EN

GDPR information

Your rights as a data subject, the legal bases for processing and how to exercise your rights.

Effective date: 24 May 2026 Last updated: 24 May 2026 Version: 1.0

01Our GDPR commitment

FUNNELD LTD applies Regulation (EU) 2016/679 General Data Protection Regulation (GDPR) and the Spanish Organic Law 3/2018 on Personal Data Protection and Digital Rights (LOPDGDD) to all processing of personal data carried out in the course of its activity. This page summarises the safeguards we offer and the rights available to you.

02Controller and Data Protection Officer

Data controller: FUNNELD LTD
Operational address: Avenida Diputación 28, Local 1, 26200 Haro, La Rioja, España
Companies House no. 14582937 · VAT GB 438 1928 47
General email: admin@funneld.net
Data Protection Officer (DPO): dpo@funneld.net

03Legal bases for processing

Each processing activity relies on one of the legal bases provided in article 6 of the GDPR:

ProcessingLegal basisRetention
Performance of the contracted servicePerformance of contract (art. 6.1.b)Duration of contract + statutory periods
Invoicing and accounting obligationsLegal obligation (art. 6.1.c)6–10 years depending on regulation
Attention to commercial requestsConsent or pre-contractual measures (art. 6.1.a / 6.1.b)24 months from last contact
Own commercial communicationsConsent or legitimate interest (art. 6.1.a / 6.1.f)Until unsubscribed or consent withdrawn
Security and fraud preventionLegitimate interest (art. 6.1.f)12 months by default
Non-strictly-necessary cookiesConsentSee Cookie policy

04Your rights in detail

As a data subject you have the following rights over your personal data:

  • Right of access (art. 15 GDPR): obtain confirmation as to whether we are processing your data and, if so, access to it and to information about the processing.
  • Rectification (art. 16): correction of inaccurate or incomplete data.
  • Erasure / right to be forgotten (art. 17): deletion when no longer needed, when you withdraw consent or in the event of unlawful processing.
  • Restriction of processing (art. 18): temporary blocking when you contest accuracy, object or processing is unlawful.
  • Portability (art. 20): receive the data in a structured, commonly used format (JSON, CSV) or have us transmit it to another controller.
  • Objection (art. 21): object to processing on grounds related to your particular situation, including direct marketing.
  • Not to be subject to automated decisions (art. 22): including profiling, with legal or significant effects.
  • Withdrawal of consent at any time, without retroactive effect.
  • Complaint before a supervisory authority: Spanish Data Protection Agency (www.aepd.es).

05How to exercise your rights

To exercise any of your rights you may email dpo@funneld.net stating:

  1. The right you wish to exercise.
  2. Your first name, last name and company.
  3. A copy of your ID (or an equivalent verification method) to prove your identity.
  4. An address for notification.
  5. Any additional data or document that helps locate the information.

Exercising your rights is free of charge. We will respond within a maximum of one month from receipt, extendable to two months when the request is particularly complex, and we will inform you of any delay in accordance with art. 12.3 GDPR.

06Security breaches

We apply detection, containment and notification processes for security breaches in accordance with articles 33 and 34 of the GDPR:

  • Notification to the Spanish Data Protection Agency within a maximum of 72 hours of awareness, when the breach may pose a risk to the rights and freedoms of data subjects.
  • Communication to affected data subjects when the breach entails a high risk to their rights and freedoms.
  • Maintenance of an internal incident register with analysis, measures adopted and lessons learned.

07Privacy by design and by default

We apply the principle of privacy by design (art. 25 GDPR) in the development of new products, integrating protection measures from the planning stage. By default, we collect only the strictly necessary data and apply the most restrictive visibility levels.

08Processors and international transfers

For more information on our data processors, international transfers and applied security measures, see the Privacy policy and the Security policy.

Questions about this document?

For any question about this document, the processing of your data or your rights, contact our team. We reply within 24 working hours.

admin@funneld.net dpo@funneld.net Contact form →

Other legal documents

Legal documentPrivacy policy Legal documentTerms and conditions Legal documentCookie policy Legal documentSecurity policy