This Privacy Policy aims to inform you, in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR), the Spanish Organic Law 3/2018 of December 5 on Personal Data Protection and Guarantee of Digital Rights, and its implementing regulations, both national and European, how we obtain, process, and protect the personal data you provide or that we collect via forms or cookies on our website https://epikacomunicacion.com/ (hereinafter, “the website”), so that you can freely and voluntarily decide whether to allow us to process it.
The website is owned by Epika Comunicación, S.L.U., hereinafter EPIKA, with tax ID B67963710, and registered office at Calle Serrano, 42-4ºA, 28001 Madrid, Spain. It is registered in the Mercantile Registry of Madrid, Volume 43098, Folio 180, Sheet M-761600, First Entry.
The company responsible for processing your data is Epika Comunicación, S.L.U., hereinafter EPIKA, with tax ID B67963710, and registered office at Calle Serrano, 42-4ºA, 28001 Madrid, Spain.
The Data Protection Officer (DPO) is the person designated by EPIKA to ensure compliance with current data protection regulations. If you consider that your rights and freedoms regarding data protection have not been respected, you can contact the DPO at dpo@epikacomunicacion.com or by postal mail to DPO, Calle Serrano, 42-4ºA, 28001 Madrid, Spain.
This Privacy Policy aims to inform you how personal data is collected, processed, and protected when you fill out forms on the website, so that you can freely and voluntarily decide whether to provide your personal data.
EPIKA provides technical resources to allow you to access this Privacy Policy and any other relevant information on personal data protection before submitting any personal data.
Accessing and using the website implies full acceptance of the terms and conditions outlined in this Privacy Policy, as well as the provisions in the Legal Notice, together constituting the applicable legal texts. You can find these links at the bottom of the registration form.
It is important to read these legal texts carefully each time you use the website, as they may be updated due to legislative or judicial changes or business needs.
This Privacy Policy applies only to personal data collected through the website and not to other third-party websites or other sites owned by EPIKA. You should review the privacy policies of any other websites you visit.
Through the forms on the website, EPIKA may collect the following personal information: full name, organization, email address, postal address, city, province, country, postal code, and any data necessary to request a service.
These data will be included in automated personal data files owned by EPIKA, which guarantees the confidentiality and compliance with all applicable regulations.
All fields in the forms are mandatory; omitting any may prevent the processing of your request for participation in contests or promotions.
By clicking the “Register” button or equivalent, you declare that the information provided is accurate and truthful. You must promptly update any personal data that changes or rectify any errors detected.
If you provide third-party personal data, you are responsible for informing them and obtaining their explicit consent for EPIKA to process their data, as required by Article 14 of the GDPR.
Through the website https://epikacomunicacion.com/, we collect contact data (name, surname, phone, email, postal code), gender, and all essential data required for service requests and to provide commercial information on products and services that may be of interest.
The purposes of data collection include:
Managing user requests submitted via the website, including contact forms, other online forms, or email. Requests may involve service requests, order management, response to commercial information requests, job applications, newsletter subscriptions, blog interactions, or other user interactions with EPIKA.
Processing data for commercial purposes, subject to prior consent, in accordance with the “Commercial Communications” section.
Personalizing the website experience, including targeted advertising or employment content.
Responding to questions, complaints, comments, or concerns regarding the website and resolving issues related to personal data processing or legal texts on the website.
Data processing is based on the consent you provide, which can be withdrawn at any time without affecting the lawfulness of prior processing. Providing data is voluntary; however, if not provided, your request cannot be processed.
Personal data will be retained as long as you are interested in requesting services or receiving communications from EPIKA and selected third parties. Data may be retained as a communication history, following legal deadlines and referencing the last communication with EPIKA, unless you exercise your right to deletion, in which case all personal data will be destroyed promptly.
In compliance with the GDPR and Spanish data protection laws, personal data collected via the website forms will be incorporated into automated personal data files owned by EPIKA, which ensures confidentiality and compliance with applicable regulations.
By submitting data via registration forms, you declare that the information is accurate. You must promptly update your personal data or correct errors.
If providing third-party personal data, you are responsible for informing the third parties and obtaining their explicit consent.
Data processing is based on your free, informed, specific, and unequivocal consent provided when submitting your personal data for requested services or receiving commercial information.
Consent can be withdrawn at any time without affecting the lawfulness of previous processing.
By checking the “I accept the privacy policy” box, you provide explicit consent to receive commercial communications about products or services from EPIKA and selected third parties in various sectors (employment, IT, leisure, food, furniture, antiques, decoration, associations, auctions, DIY, energy, pets, financial services, real estate, automotive, fashion, travel, children’s products, music, health, sports, wholesale trade of tobacco, insurance, etc.).
Communications may be sent via email, phone, SMS, messaging apps, social media, push notifications, postal mail, or other electronic means.
Profiling may be performed using automated decision-making to evaluate preferences, interests, behaviors, location, and tastes, for sending personalized communications.
You may withdraw consent at any time by contacting EPIKA via postal mail or email dpo@epikacomunicacion.com, providing proof of identity, or using the unsubscribe link in communications.
By checking the “Authorize sharing my data with partner companies for commercial communications” box, you consent to EPIKA sharing your personal data with collaborating companies solely for sending commercial information relevant to the sectors or services indicated.
If these companies process your data on behalf of EPIKA, they act as data processors under Article 28 GDPR and Spanish law, bound by contracts to ensure adequate protection of your data.
Consent is free, specific, informed, and unequivocal, and can be revoked at any time without retroactive effect.
To provide services, your personal data may be processed by third parties as data processors under EPIKA’s instructions.
Servers may be located outside the EU. If protection levels are not equivalent to EU law, EPIKA will adopt necessary measures to safeguard rights and data security.
Any subcontracted services will include agreements ensuring proper data handling and protection of your rights.
EPIKA has implemented technical and organizational measures to ensure adequate security according to the risks of personal data processing, in compliance with Article 32 GDPR. EPIKA has achieved ISO/IEC 27001:2022 certification for its Information Security Management System.
Measures include preserving confidentiality, integrity, availability, and resilience, with protocols for rapid restoration in case of incidents.
Data transmitted over the Internet carries inherent risks; any personal data transmitted is at your own responsibility.
EPIKA periodically reviews security measures. In case of a data breach, EPIKA activates internal protocols, assesses risk, notifies the Spanish Data Protection Agency within 72 hours, and informs affected individuals if risks are high.
EPIKA treats personal data with strict confidentiality, implementing all necessary measures to prevent alteration, loss, unauthorized processing, or access, in accordance with legal obligations.
Minors cannot participate on the website without parental or legal guardian consent. Parents are responsible for all actions taken by minors, including form submissions. EPIKA is not responsible for unsupervised minor activity.
You have the right to:
Access your personal data and obtain copies.
Rectify or delete inaccurate or incomplete data.
Limit processing in certain circumstances.
Object to processing, including commercial communications.
Data portability.
Withdraw consent.
Not be subject to automated decisions, including profiling.
Right to erasure (“right to be forgotten”).
Rights can be exercised by contacting dpo@epikacomunicacion.com or the postal address. Complaints may be filed with the AEPD (www.aepd.es).
To opt-out of commercial communications, send an email to dpo@epikacomunicacion.com or use unsubscribe links in messages.
This Privacy Policy may be updated; review it periodically, ideally each time you visit the website. Links to the Privacy Policy and Legal Notice are at the footer.
EPIKA does not transfer data outside the EEA.
For questions regarding this Privacy Policy, contact EPIKA at hola@epikacomunicacion.com.
Spanish law governs all disputes related to this website. Competent courts are in Madrid.
This Privacy Policy was last updated on October 1, 2025. Legal advice was provided by Vázquez Legal, S.L.P.U.
Some processing may involve AI components for service improvement, data analysis, or user experience personalization.
No fully automated decisions producing legal or significant effects will be made without significant human intervention, in accordance with Article 22 GDPR.
AI operations are transparent, explaining logic, purpose, and intended consequences.
AI processing follows GDPR principles: lawfulness, fairness, transparency, minimization, accuracy, and security. Risk assessments are conducted where processing may impact rights and freedoms.
Technical, organizational, and security measures are adopted to ensure compliance with data protection and ethical standards.
Users may exercise their rights (access, rectification, erasure, objection, limitation, portability, and not being subject to automated decisions) by contacting the DPO at dpo@epikacomunicacion.com or postal address.
AI processing by the Data Controller complies with AEPD guidelines on GDPR adequacy for AI-enabled processing.
