Privacy Policy
Servicios de traducción jurada y jurídica, S. L. · juradayjuridica.es
Last updated: 23/03/2026
**Puede consultar esta política de privacidad en español aquí
1. Data controller
In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data
(hereinafter, the “GDPR”), and Organic Law 3/2018 of 5 December on the Protection of Personal Data and the guarantee of digital rights (hereinafter, the “LOPDGDD”), the user is hereby informed that the personal data provided shall be processed by:
Company name: Servicios de traducción jurada y jurídica, S. L.
Tax ID (NIF): B22732143
Registered address: Plaza de España 4, 1.º B, 28231 Las Rozas de Madrid, Spain
Commercial registry: Registered at the Commercial Registry of Madrid, Spain, electronic folio of the General Companies Section records, sheet M-859685, 1st entry, VAT no. ESB22732143
E-mail: info@juradayjuridica.es
Website: https://www.juradayjuridica.es
The Company acts as an independent data controller in respect of the personal data submitted in the course of providing sworn translation services. For further information on this legal position, please refer to our informative note on the Company’s position as an independent data controller.
2. Personal data collected
In the course of providing sworn translation services, the following categories of personal data may be processed:
2.1. Data provided directly by the client
• Identification data: name, surname, postal address, telephone number and e-mail address, provided by the client via the online quote tool, e-mail, instant messaging or other communication channels.
• Data contained in the documents submitted for translation (via e-mail, instant messaging or other means), which may include, among others: date and place of birth, marital status, nationality, passport or identity document number, criminal records, academic records, health data, financial data and any other data appearing in the original documents.
2.2. Payment data
Payments are processed through an external payment processing platform (Stripe). The client may place orders and make payments directly through the Company's online quote tool. During the payment process, the client is asked to provide the following details: full name or company name, email address, postal address and tax identification number (NIF/NIE/VAT number), which are required for the purposes of issuing the relevant invoice. The company does not store complete credit or debit card details. Only the last digits of the card number and the transaction status are accessible, for accounting and payment tracking purposes.
2.3. Browsing data (website)
The website juradayjuridica.es does not collect personal data directly through contact or registration forms. However, a third-party web analytics tool is used which collects browsing data automatically through cookies. The data collected includes, among others: IP address (anonymised), browser and device type, pages visited, duration of the visit and approximate geographical origin. For further information, see section 8 (Cookie policy).
2.4. Data processed through the online quoting tool
The Company provides an online quoting tool accessible at presupuesto.juradayjuridica.es, which allows clients to upload documents and obtain an instant quote. The documents are processed in real time and are not stored by the Company or by the third-party service after the analysis has been completed. The data processed includes the content of the uploaded document and the email address provided by the client.
3. Purposes and legal basis for processing
Purpose: Provision of the sworn translation service
Legal basis: Performance of a contract or pre-contractual measures
GDPR Article: Art. 6(1)(b)
Purpose: Administrative, accounting and invoicing management
Legal basis: Legal obligation
GDPR Article: Art. 6(1)(c)
Purpose: Compliance with tax and commercial obligations
Legal basis: Legal obligation
GDPR Article: Art. 6(1)(c)
Purpose: Statistical analysis of website traffic through analytics cookies
Legal basis: User consent
GDPR Article: Art. 6(1)(a)
Purpose: Processing of special categories of data contained in documents
Legal basis: Explicit consent of the data subject
GDPR Article: Art. 9(2)(a)
4. Special categories of data
Given the nature of sworn translation services, it is possible that documents submitted by clients may contain special categories of personal data within the meaning of Article 9 of the GDPR, such as data relating to health, genetic data, religious beliefs, ethnic or racial origin, or data relating to criminal convictions and offences (Article 10 of the GDPR).
The processing of such data is based on the explicit consent of the data subject (Article 9(2)(a) of the GDPR). This consent is given by the client when they accept this privacy policy by ticking the corresponding checkbox during the payment process. By doing so, the client expressly authorises the company to process any special categories of personal data that may be contained in the documents submitted for translation, solely for the purpose of providing the sworn translation service requested.
The company undertakes to process such data with the highest guarantees of confidentiality and security. The client may withdraw their consent at any time by contacting the company at the address indicated in section 1, without affecting the lawfulness of processing carried out prior to withdrawal.
5. Data processors and data recipients
In order to provide the service, the company engages various categories of data processors that may access personal data in the performance of their duties:
Service provider: Stripe, Inc. and SumUp Limited
Purpose: Card payment processing
Location: US / EU
Safeguards: DPF (Stripe) / GDPR (SumUp)
Service provider: Google LLC
Purpose: Website hosting, statistical analysis of website traffic and scheduling/calendar management
Location: US
Safeguards: EU-US Data Privacy Framework (DPF)
Service provider: Anthropic, PBC
Purpose: Computer-assisted translation tools, word count, quotation preparation and administrative and business management tasks
Location: US
Safeguards: Standard contractual clauses / DPF
Service provider: DeepL SE
Purpose: Computer-assisted translation tools
Location: Germany (EU)
Safeguards: GDPR
Service provider: Grammarly, Inc.
Purpose: Linguistic revision tools
Location: US
Safeguards: EU-US Data Privacy Framework (DPF)
Service provider: Microsoft Corporation
Purpose: Document creation and editing
Location: US / EU
Safeguards: EU-US Data Privacy Framework (DPF)
Service provider: Adobe Inc.
Purpose: PDF document creation and management
Location: US
Safeguards: EU-US Data Privacy Framework (DPF)
Service provider: Proton AG
Purpose: E-mail, secure document storage and scheduling
Location: Switzerland
Safeguards: European Commission adequacy decision
Service provider: Apple Inc.
Purpose: Secure storage and scheduling
Location: US / EU
Safeguards: EU-US Data Privacy Framework (DPF)
Service provider: Notion Labs, Inc.
Purpose: Internal project management and information storage
Location: US
Safeguards: EU-US Data Privacy Framework (DPF)
Service provider: Dropbox, Inc.
Purpose: Cloud storage of documents
Location: US
Safeguards: EU-US Data Privacy Framework (DPF)
Service provider: Zapier, Inc.
Purpose: Workflow automation and integration between applications
Location: US
Safeguards: EU-US Data Privacy Framework (DPF)
Service provider: Neting Soluciones Tecnológicas, S. L.
Purpose: Invoicing and billing management
Location: Spain (EU)
Safeguards: GDPR
Service provider: Cegid Group, S. A.
Purpose: Cloud platform for uploading invoices and accounting documents
Location: France (EU)
Safeguards: GDPR
Service provider: Asesoría y Consultoría para Empresas You, S. L.
Purpose: Accounting, tax and bookkeeping management
Location: Spain (EU)
Safeguards: GDPR
Service provider: Sociedad Estatal Correos y Telégrafos, S. A., S. M. E.
Purpose: Postal delivery of physical translations
Location: Spain (EU)
Safeguards: GDPR
Service provider: Vercel Inc.
Purpose: Hosting of the online quote tool and serverless backend functions
Location: US (with edge servers in EU)
Safeguards: EU-US Data Privacy Framework (DPF)
The company undertakes to enter into the corresponding data processing agreements in accordance with Article 28 of the GDPR and Article 33 of the LOPDGDD. Access to data by data processors does not constitute a disclosure of data to third parties, as they act solely on behalf of and under the instructions of the company.
5.1. Communications to independent data controllers
In the course of providing the service, personal data may also be communicated to the following independent data controllers:
• WhatsApp (Meta Platforms, Inc.): The company uses WhatsApp as a communication channel with clients for the receipt of documents and personal information. Meta Platforms, Inc. acts as an independent data controller with respect to the data processed through its platform, in accordance with its own privacy policy. The international data transfer is supported by the EU-US Data Privacy Framework (DPF).
• Sworn translator collaborators: Where the volume of work so requires, the company may engage external sworn translators for the provision of the translation service. In accordance with the reasoning set out in the company’s informative note on its position as an independent data controller, sworn translators act with full professional autonomy and independence and are therefore independent data controllers in respect of the personal data contained in the documents entrusted to them. They are subject to the duty of professional secrecy inherent to their status as sworn translators appointed by the Spanish Ministry of Foreign Affairs, European Union and Cooperation.
These communications of data are based on the performance of a contract for the provision of services (Article 6(1)(b) of the GDPR) and do not constitute a controller-processor relationship. Outside these circumstances, data shall not be disclosed to independent third parties except where required by law.
6. International data transfers
Some of the data processors and independent data controllers referred to in the previous section are based outside the European Economic Area. These international transfers are supported by the following appropriate safeguards:
• European Commission adequacy decisions: Switzerland benefits from an adequacy decision ensuring a level of protection equivalent to that of the EEA.
• EU-US Data Privacy Framework (DPF), adopted by European Commission Adequacy Decision of 10 July 2023.
• Standard contractual clauses approved by the European Commission (Implementing Decision 2021/914).
The user may request further information on the safeguards applicable to international transfers by contacting the company at the address indicated in section 1.
7. Data retention periods
• Original documents and translations: these shall be retained for the time necessary to provide the service and, thereafter, for the applicable statutory limitation periods, in particular those established under tax and commercial law, in order to respond to any requests from the competent public authorities.
• Invoicing and accounting data: these shall be retained for the legally established periods: 4 years under the General Tax Law and 6 years under the Commercial Code.
• Web analytics data: these shall be retained for the period configured in the analytics tool (14 months by default). The data is anonymised so that it does not allow direct identification of the user.
• Client contact data: these shall be retained for as long as the commercial relationship exists and, once it has ended, for the applicable statutory limitation periods.
Once the above periods have elapsed, the data shall be deleted or irreversibly anonymised.
8. Cookie policy
The website juradayjuridica.es uses third-party cookies for analytical purposes. The online quote tool, hosted at presupuesto.juradayjuridica.es, does not use cookies. Specifically, analytics cookies are used to collect information about the use of the website, such as the number of visits, the most viewed pages and the geographical origin of visitors.
8.1. Types of cookies used
Cookie: _ga
Purpose: Distinguish unique users
Duration: 2 years
Type: Analytics (third-party)
Cookie: _ga_<ID>
Purpose: Maintain session state
Duration: 2 years
Type: Analytics (third-party)
8.2. Cookie management
When accessing the website, an information banner is displayed allowing the user to accept or reject analytics cookies. The user may change their cookie settings at any time through their browser settings or via the cookie settings link available on the website.
Disabling analytics cookies does not prevent browsing the website or using its features.
9. Data subject rights
In accordance with Articles 15 to 22 of the GDPR and Articles 12 to 18 of the LOPDGDD, the data subject may exercise the following rights:
• Right of access: To know what personal data is being processed.
• Right to rectification: To request the correction of inaccurate or incomplete data.
• Right to erasure: To request the deletion of data when it is no longer necessary for the purpose for which it was collected.
• Right to restriction: To request the restriction of processing in the circumstances provided for in Article 18 of the GDPR.
• Right to data portability: To receive data in a structured, commonly used and machine-readable format.
• Right to object: To object to the processing of data in certain circumstances.
• Withdrawal of consent: To withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
• Automated decisions: Not to be subject to automated individual decision-making, including profiling with legal effects.
To exercise these rights, the data subject may contact the company by e-mail at the address indicated in section 1, enclosing a copy of their identity document. The company shall respond within a maximum period of one month from receipt of the request, which may be extended by a further two months in cases of complexity or a high number of requests.
The data subject also has the right to lodge a complaint with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6, 28001 Madrid (www.aepd.es), if they consider that the processing of their data does not comply with current legislation.
10. Security measures
In accordance with Article 32 of the GDPR and Article 28(2)(d) of the LOPDGDD, the company has implemented appropriate technical and organisational measures to ensure a level of security commensurate with the risk, including:
• Encrypted connections (HTTPS/TLS)
• Secure storage with restricted access
• Deletion per retention schedule
• Strong passwords & authentication
• Professional duty of confidentiality
11. Professional duty of confidentiality
Sworn translation is subject to a strict duty of confidentiality. All documents received and translations produced are treated with the utmost discretion. The content of documents shall not be disclosed to persons unconnected with the service, without prejudice to access by the data processors identified in section 5, who act under the instructions and control of the company, and to any disclosures required by law.
12. Amendments to the privacy policy
The company reserves the right to amend this privacy policy in order to adapt it to legislative, case-law or business practice developments. In the event of a material amendment, users shall be duly informed through the website. Users are advised to review this page periodically to stay informed about how their data is protected.
13. Applicable legislation
This privacy policy is governed by the following legislation:
• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).
• Organic Law 3/2018 of 5 December on the Protection of Personal Data and the guarantee of digital rights (LOPDGDD).
• Law 34/2002 of 11 July on information society services and electronic commerce (LSSI-CE).