JM Legal
Privacy Policy
PRIVACY POLICY
This Privacy Policy explains how JM Legal (“the Firm”, “we”, “us”, or “our”) collects, uses, and protects personal data in accordance with:
Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR)
Ley Orgánica 3/2018, de Protección de Datos Personales y garantía de los derechos digitales (LOPDGDD)
Ley 34/2002 (LSSI-CE) where applicable
1. Data Controller
Business Name: JM Legal
CIF/NIF: B56398415
Registered Address: Calle Alejandro Dumas No. 17, 29004, Málaga, Spain
Email: admin@jmlegal.net
Telephone: 0034 951 870 438
The Firm is the Data Controller responsible for processing your personal data.
2. Personal Data We Collect
We may collect and process the following categories of personal data:
Identification details (name, surname)
Contact details (email address, telephone number, postal address)
Identification documents where legally required
Case-related information necessary to provide legal services
Financial data for billing purposes
Website usage data (IP address, browser type, cookies)
We only collect data that is necessary, relevant, and limited to what is required for the purposes described below.
3. Purpose of Processing
Your personal data may be processed for the following purposes:
To provide legal advice and representation
To manage contractual and professional relationships
To respond to enquiries submitted via the website
To issue invoices and manage payments
To comply with legal and regulatory obligations
To prevent fraud and ensure security
To send legal updates or marketing communications (where consent has been given)
4. Legal Basis for Processing
We process personal data on the following lawful bases:
Performance of a contract (Article 6(1)(b) GDPR)
Compliance with legal obligations (Article 6(1)(c) GDPR)
Legitimate interests pursued by the Firm (Article 6(1)(f) GDPR)
Consent, where required (Article 6(1)(a) GDPR)
Where consent is relied upon, you may withdraw it at any time.
5. Data Retention
Personal data will be retained only for as long as necessary to fulfil the purposes for which it was collected, including compliance with legal, tax, and professional obligations.
Legal file documentation may be retained in accordance with professional and statutory limitation periods under Spanish law.
6. Disclosure of Data
Personal data may be shared with:
Courts and tribunals
Public authorities where legally required
Opposing counsel or parties where necessary for legal proceedings
External service providers (IT providers, accountants, secure document storage providers), under appropriate confidentiality agreements
We do not sell or rent personal data to third parties.
7. International Transfers
If personal data is transferred outside the European Economic Area (EEA), such transfers will be carried out in compliance with GDPR safeguards, including:
Adequacy decisions
Standard Contractual Clauses
Other legally approved transfer mechanisms
8. Data Subject Rights
Under GDPR, you have the following rights:
Right of access
Right to rectification
Right to erasure (“right to be forgotten”)
Right to restrict processing
Right to data portability
Right to object
Right not to be subject to automated decision-making
Requests may be made in writing to: [Privacy Contact Email]
You also have the right to lodge a complaint with the Agencia Española de Protección de Datos (AEPD) (www.aepd.es).
9. Security Measures
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction.
All client information is treated as strictly confidential and subject to professional secrecy obligations.
10. Cookies
This website may use cookies to improve user experience. For detailed information, please refer to our Cookies Policy.
11. Changes to This Policy
We reserve the right to update this Privacy Policy to reflect legal or operational changes. The latest version will always be available on this website.