Legal

Privacy Policy

⚠️ This document is a placeholder pending Spanish-counsel review per the ibizaambassadors research brief, risk register (legal/regulatory). Do not deploy to production without an AEPD-compliant final version.

Ibiza Ambassadors is operated by Ibiza Ecosystem, Islas Baleares, Spain. We process personal data in accordance with the GDPR (Regulation (EU) 2016/679) and Spanish data-protection law (LOPDGDD 3/2018), under the supervision of the Agencia Española de Protección de Datos (AEPD).

The final version will cover at minimum:

• Data controller identity and DPO contact
• Lawful bases for processing (Art. 6 GDPR)
• Categories of personal data collected
• Retention periods
• Recipients of data (auth-service, payment-service, affiliate-service, print-on-demand vendors, Spanish tax authorities)
• Your rights under GDPR Art. 15–22, including the right to erasure and how it interacts with referral-tree integrity (per ADR-AMB-001)
• Cross-border transfers (EU print partners only)
• Cookie policy and consent mechanism
• Anti-fraud and KYC processing (necessary for autónomo tax compliance)