Legal

Privacy Policy

How we handle your personal data when you visit this site or contact us about a project.

Last updated: April 2026

1. Who we are

This website is operated by Inside Earth, with headquarters at Av. d'Ernest Lluch 32, Parque TecnoCampus, Mataró, Barcelona 08302, Spain. For privacy questions, contact us at [email protected].

2. What we collect

We collect only what we need to respond to inquiries, deliver services, and operate the website:

  • Contact data you submit via forms: name, work email, company, project details, and any context you include in your message.
  • Technical data automatically recorded when you visit: IP address, browser type, device, pages viewed, referring URL, and approximate location.
  • Marketing attribution (UTM parameters, referrer) captured when you arrive from a campaign or external link.

3. How we use it

  • Respond to your inquiry and scope a project.
  • Deliver and support any services we provide to you or your organization.
  • Improve the website, measure marketing performance, and diagnose technical issues.
  • Comply with legal and regulatory obligations.

We do not sell personal data. We do not use it for automated decision-making that has legal or similarly significant effects on you.

4. Legal basis (GDPR)

We rely on the following legal bases under the EU General Data Protection Regulation:

  • Consent — for marketing communications and non-essential cookies.
  • Contract — to respond to project inquiries and deliver services you've engaged us for.
  • Legitimate interests — to operate the website securely, prevent fraud, and understand how our content is used.
  • Legal obligation — where we are required to keep records by law.

5. Sharing with third parties

We share personal data only with service providers needed to run the business:

  • Hosting & CDN for the website.
  • CRM & email tools for inquiry management and responses.
  • Analytics providers for anonymous or pseudonymous usage statistics.
  • Professional advisors (legal, accounting) when necessary.

Where a provider is outside the European Economic Area, we rely on Standard Contractual Clauses or equivalent safeguards.

6. Retention

Inquiry records: retained while we're actively engaged with you plus up to 36 months afterwards, or as required by law. Analytics data is retained for up to 26 months. You can request deletion at any time (see below).

7. Your rights

Under GDPR and similar regimes, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion ("right to be forgotten") where applicable.
  • Restrict or object to certain processing.
  • Request portability of data you've provided to us.
  • Withdraw consent at any time.
  • Lodge a complaint with a supervisory authority (in Spain: the AEPD — aepd.es).

To exercise any of these rights, email [email protected].

8. Cookies

We use cookies as described in our Cookies Policy. You can manage non-essential cookies via your browser settings or the consent banner when available.

9. Security

We apply appropriate technical and organizational measures to protect personal data — including encryption in transit, restricted access, and routine security review. No system is perfectly secure; if we become aware of a material breach affecting you, we will notify you in line with applicable law.

10. Changes

We may update this policy from time to time. Material changes will be flagged on this page with an updated "last updated" date. Your continued use of the site after an update constitutes acceptance of the revised policy.

11. Contact

Questions, requests, or complaints: [email protected].