ES EN
Log in Start free

Legal

Privacy policy

Last updated: May 2026

Data controller

  • Company name: Rowan, S. Coop. Galega (hereafter, "Rowan Growth")
  • Tax ID (NIF): F26697466
  • Address: C/ Cesáreo González, 25 — 36210 Vigo (Pontevedra), Spain
  • Email: hola@rowangrowth.es
  • Phone: +34 698 93 94 76

We have not appointed a Data Protection Officer (DPO) because we do not process data on a large scale and do not fall under the cases listed in article 37 GDPR. For any data-related question, email hola@rowangrowth.es.

What we process and why

We process your data for the following purposes:

  • Free audit and contact forms: name, email, and web domain, to run the requested audit and reply to your query.
  • Newsletter and commercial communications: email, to send you content about SEO/GEO and product updates. Only with your express consent.
  • Delivery of the contracted tool: identifying, tax, billing, and access data for your marketing integrations (Search Console, CMS, analytics) so the program can audit, publish, and measure on your behalf. Only if you're an active customer.
  • Compliance with legal obligations: tax and accounting data required by tax law.
  • Browsing data: IP address, browser, and pages visited, collected via server technical means to maintain site security. See the Cookie policy for details.

Legal basis for processing

  • Consent (art. 6.1.a GDPR) — audit forms, newsletter, and non-technical cookies.
  • Performance of a contract (art. 6.1.b GDPR) — delivery of the contracted tool and complementary services.
  • Legal obligation (art. 6.1.c GDPR) — invoicing, taxation, and accounting retention.
  • Legitimate interest (art. 6.1.f GDPR) — site security, fraud prevention, and communications to active customers about products similar to the one contracted.

Retention periods

  • Lead data without contract: up to 24 months from last contact, unless prior deletion request.
  • Contract and billing data: 6 years from end of relationship (art. 30 Spanish Commercial Code).
  • Tax data: 4 years (art. 66 LGT) or the applicable legal term, whichever is longer.
  • Newsletter and marketing: until you withdraw consent.
  • Server logs: 30 days, unless retention is required due to a security incident.

Recipients and data processors

We do not sell or share your data with third parties for commercial purposes. We share data exclusively with the following providers, under data processing agreements pursuant to article 28 GDPR:

  • Web hosting and email: 1&1 IONOS España S.L.U. (Spain, EU).
  • Payment gateway (customers only): Stripe Payments Europe Ltd. (Ireland, EU).
  • Code repository and workflows: GitHub Inc. — limited to operational logs (no customer personal data); international transfer covered by Standard Contractual Clauses (SCC) and the EU-US Data Privacy Framework.
  • Tax and labor advisors: licensed professionals bound by professional secrecy.

Access is limited to the data strictly necessary for each engagement. We keep an up-to-date register of processors available upon reasoned request.

International transfers

Data is mainly processed within the European Economic Area. Where a transfer outside the EEA occurs (as with the code repository hosted by GitHub Inc.), it is safeguarded under valid GDPR mechanisms (Standard Contractual Clauses or current adequacy frameworks).

Your rights

You may exercise the following rights over your personal data at any time:

  • Access to the data we hold about you.
  • Rectification of inaccurate or incomplete data.
  • Erasure when no longer necessary.
  • Restriction of processing.
  • Objection to processing based on legitimate interest.
  • Portability to another controller.
  • Withdrawal of consent at any time, with no retroactive effect.
  • Not to be subject to automated individual decisions (we don't run any).

To exercise any of these rights, email hola@rowangrowth.es identifying yourself and stating which right you're exercising. We will respond within one month.

If you believe the processing does not comply with regulations, you may file a complaint with the Spanish Data Protection Agency (AEPD): C/ Jorge Juan, 6 — 28001 Madrid · electronic office sedeagpd.gob.es.

Automated decisions and profiling

We do not make automated individual decisions with significant legal effects on data subjects, nor do we build profiles from the data collected on this site.

Security

We apply reasonable technical and organizational measures to protect data against unauthorized access, loss, or alteration: encryption in transit (HTTPS/TLS), role-based access control, periodic backups, and continuous vulnerability review. In the event of a security breach affecting your data, we will inform you within the legally required deadline.

Changes

This policy may be updated to reflect legal, technical, or service changes. We recommend reviewing it periodically. The last-updated date appears in the header.

For questions about this policy or the exercise of your rights, email hola@rowangrowth.es.

Does ChatGPT mention your brand?
Find out free in 30s.

Try free