Privacy Policy
Last updated: 15th January 2026
Introduction
SecureNet S.L. ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or use our services at our skincare and wellness centre located at Calle Nueva 139, 48131 Bilbao, Basque Country, Spain.
This policy applies to all visitors, clients, and users of our website and services. By using our website or services, you agree to the collection and use of information in accordance with this policy.
Data Controller Information
SecureNet S.L. is the data controller responsible for your personal data. Our details are:
- Company: SecureNet S.L.
- Registration Number: B-94567238
- Address: Calle Nueva 139, 48131 Bilbao, Basque Country, Spain
- Email: privacy@securenet.world
- Phone: +34 944 798 842
Data Collection
We collect several types of information to provide and improve our services. The data we collect includes:
Personal Information
When you contact us or book our services, we may collect personal information such as:
- Name and contact details (email address, phone number)
- Appointment and treatment preferences
- Skin concerns and health information relevant to treatments
- Payment information for processing transactions
- Communication preferences and consent records
Website Usage Information
When you visit our website, we automatically collect certain information including:
- IP address and browser information
- Pages visited and time spent on our website
- Device information and operating system
- Referral sources and website interactions
How We Use Your Information
We use the personal data we collect for the following purposes, and how we use your information depends on the legal basis for processing:
Service Provision
We use of your data to provide our skincare and wellness services, including:
- Scheduling and managing appointments
- Providing personalised treatment recommendations
- Processing payments and maintaining treatment records
- Following up on treatments and providing aftercare support
Communication
We may use your contact information to:
- Respond to your enquiries and provide customer support
- Send appointment confirmations and reminders
- Provide treatment information and aftercare instructions
- Send marketing communications (with your consent)
Website Improvement
We analyse website usage data to improve our online services and user experience.
Cookies and Tracking Technologies
We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.
For detailed information about the cookies we use, please see our Cookie Policy.
Legal Basis for Processing
Under GDPR, we process your personal data based on the following legal grounds:
- Contractual necessity: To provide our services and fulfil our obligations to you
- Legitimate interests: To improve our services and website functionality
- Consent: For marketing communications and non-essential cookies
- Legal obligation: To comply with applicable laws and regulations
Data Sharing and Third Parties
We do not sell, trade, or rent your personal information to third parties. We may share your data in the following limited circumstances:
- With service providers who assist us in operating our business (payment processors, appointment systems)
- When required by law or to protect our legal rights
- With your explicit consent for specific purposes
- In connection with a business transfer or merger (with appropriate safeguards)
Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Our data retention periods are:
- Treatment records: 7 years after last treatment (for medical and legal compliance)
- Marketing communications: Until you unsubscribe or withdraw consent
- Website analytics data: 26 months (Google Analytics standard retention)
- Contact form enquiries: 2 years from last contact
- Payment records: As required by applicable tax and financial regulations
Your Rights
Under GDPR and applicable data protection laws, your rights include:
- Right of access: Request a copy of the personal data we hold about you
- Right to rectification: Request correction of inaccurate or incomplete data
- Right to erasure: Request deletion of your personal data in certain circumstances
- Right to restrict processing: Request limitation of how we use your data
- Right to data portability: Request transfer of your data to another service provider
- Right to object: Object to processing based on legitimate interests or for marketing purposes
- Right to withdraw consent: Withdraw consent where processing is based on consent
To exercise any of these rights, please contact us using the details provided in the contact information section below.
Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:
- Secure data transmission using SSL encryption
- Regular security assessments and updates
- Access controls and staff training on data protection
- Secure storage of physical and digital records
International Data Transfers
Some of our service providers may be located outside the European Economic Area (EEA). When we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:
- European Commission adequacy decisions
- Standard contractual clauses approved by the European Commission
- Other legally recognised transfer mechanisms
Children's Privacy
Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date. We encourage you to review this policy periodically.
Contact Information
If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding your personal data, please reach out to us:
Privacy Contact
- Email: privacy@securenet.world
- Phone: +34 944 798 842
- Address: SecureNet S.L., Calle Nueva 139, 48131 Bilbao, Basque Country, Spain
We will respond to your enquiry within 30 days as required by GDPR.
Supervisory Authority
If you believe we have not handled your personal data in accordance with applicable laws, you have the right to lodge a complaint with the relevant supervisory authority. In Spain, this is the Agencia Española de Protección de Datos (AEPD).