Privacy Policy

This Privacy Policy explains how HVL Stores S.L.U. ("Finium Legal", "we", "us", or "our") collects, uses, discloses, and protects your personal data when you use our website and services.

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Spanish Organic Law 3/2018 on Personal Data Protection and Guarantee of Digital Rights.

1. Data Controller

The data controller responsible for your personal data is:

2. Personal Data We Collect

We collect and process the following categories of personal data:

2.1 Information You Provide

• Account Information: Name, email address, phone number, company name
• Payment Information: Billing address, payment card details (processed securely by third-party payment processors)
• Profile Information: Professional details, industry, company size
• Communications: Messages, inquiries, and support requests
• Social Media Data: With your consent, we may access comments and content from connected social media platforms

2.2 Information Automatically Collected

• Technical Data: IP address, browser type, device information, operating system
• Usage Data: Pages visited, time spent, click patterns, features used
• Cookies and Tracking: Data collected through cookies and similar technologies (see Cookie Policy)

2.3 Information from Third Parties

• Social media platforms (when you authorize access)
• Payment processors
• Analytics providers
• Business partners and affiliates

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

• Contract Performance (Art. 6(1)(b) GDPR): To provide our services and fulfill our contractual obligations
• Consent (Art. 6(1)(a) GDPR): When you explicitly consent to specific processing activities
• Legitimate Interests (Art. 6(1)(f) GDPR): For business operations, security, and service improvement
• Legal Obligation (Art. 6(1)(c) GDPR): To comply with legal requirements and law enforcement requests

4. How We Use Your Personal Data

We use your personal data for the following purposes:

• Service Delivery: Provide, maintain, and improve our reputation management and legal services
• Account Management: Create and manage your account, process registrations
• Payment Processing: Process transactions and manage billing
• AI Analysis: Analyze social media content for hate speech detection and threat assessment
• Legal Support: Prepare evidence packages and legal documentation
• Communication: Send service updates, respond to inquiries, provide customer support
• Marketing: Send promotional materials (with your consent, and you may opt-out at any time)
• Security: Detect and prevent fraud, abuse, and security incidents
• Compliance: Fulfill legal obligations and enforce our terms
• Analytics: Understand usage patterns and improve our services

5. Data Sharing and Disclosure

We may share your personal data with:

5.1 Service Providers

We engage third-party companies to perform services on our behalf, including:

• Cloud hosting and infrastructure providers
• Payment processors and financial institutions
• Analytics and monitoring services
• Customer support platforms
• Marketing and communication tools

All service providers are contractually bound to protect your data and use it only for specified purposes.

5.2 Legal Professionals

With your consent, we may share relevant information with lawyers and legal professionals to facilitate legal proceedings and representation.

5.3 Legal Requirements

We may disclose your data when required by law or to:

• Comply with legal obligations, court orders, or government requests
• Protect our rights, property, or safety
• Prevent fraud or security threats
• Enforce our Terms of Service

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, subject to this Privacy Policy.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• European Commission approved Standard Contractual Clauses
• Adequacy decisions recognizing equivalent data protection levels
• Binding Corporate Rules
• Your explicit consent for the transfer

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention periods vary based on:

• Account Data: Retained while your account is active and for a reasonable period after closure
• Transaction Records: Retained for 7 years for tax and accounting purposes
• Legal Evidence: Retained as required for legal proceedings and statute of limitations
• Marketing Data: Retained until you withdraw consent or for 2 years of inactivity

8. Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

• Right of Access (Art. 15): Request a copy of your personal data
• Right to Rectification (Art. 16): Correct inaccurate or incomplete data
• Right to Erasure (Art. 17): Request deletion of your data ("right to be forgotten")
• Right to Restriction (Art. 18): Limit how we process your data
• Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
• Right to Object (Art. 21): Object to processing based on legitimate interests or direct marketing
• Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing)
• Right to Lodge a Complaint: File a complaint with a supervisory authority

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

• Encryption of data in transit and at rest (TLS/SSL, AES-256)
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection
• Incident response and breach notification procedures

While we strive to protect your data, no method of transmission or storage is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized content. For detailed information, please see our Cookie Policy.

You can manage cookie preferences through your browser settings or our cookie consent tool.

11. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will promptly delete the data.

12. Automated Decision-Making

Our AI-powered services may involve automated processing and profiling to assess reputation risks and identify potential legal issues. You have the right to:

• Be informed about the logic involved in automated decision-making
• Contest automated decisions that significantly affect you
• Request human intervention and review

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material changes will be communicated via email or prominent notice on our website. Your continued use of our services after such changes constitutes acceptance of the updated policy.

15. Supervisory Authority

If you have concerns about how we process your personal data, you have the right to lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos):

16. Contact Us

For questions, concerns, or to exercise your data protection rights, please contact us:

Last updated: February 3, 2026