Privacy Policy for the website and services
Last updated: 2026-06-12 · Official and binding version: Catalan.
1. Data controller
The controller of the personal data collected through this website and the contact channels is:
- Owner: NOEMA AUTOMATIONS, S.L.
- Tax ID (NIF): B88880364
- Address: Carrer Cabrera, 15 · 08519 Folgueroles (Barcelona)
- Privacy contact email: info@noemaautomations.com
- Data Protection Officer (DPO): Not appointed, as the conditions of art. 37 GDPR do not apply; queries to info@noemaautomations.com.
2. What data we collect and through which channels
| Channel | Data collected |
|---|---|
| Contact form / demo request | Name, company, phone, email, sector and message. |
| Email and phone | Contact details and content of the communication. |
| Browsing and cookies | IP address, device identifiers and browsing data (see the Cookie Policy). |
| Content subscription / newsletter | Name and email. |
| Professional networks (e.g. LinkedIn) and B2B prospecting | Professional contact details of companies and their representatives. |
3. Purposes and legal bases
| Purpose | Legal basis (art. 6 GDPR) |
|---|---|
| Handling enquiries and contact or demo requests | Pre-contractual measures at the data subject's request (art. 6.1.b). |
| Managing the contractual relationship with clients | Performance of a contract (art. 6.1.b). |
| Sending commercial communications about similar own services to clients | Legitimate interest (art. 6.1.f), with the right to object; or consent (art. 6.1.a) for non-clients. |
| B2B commercial prospecting to companies | Legitimate interest (art. 6.1.f), in accordance with the LSSI for electronic communications. |
| Compliance with legal obligations (tax, accounting) | Legal obligation (art. 6.1.c). |
| Analytics and marketing cookies | Consent (art. 6.1.a). |
| Website security and fraud prevention | Legitimate interest (art. 6.1.f). |
4. Retention periods
- Enquiries and contacts without contracting: up to 1 year from the last contact.
- Client data (contractual relationship): for the duration of the contract and, thereafter, for the statutory limitation periods (up to 6 years for commercial and accounting obligations, plus the applicable tax periods).
- Commercial communications / newsletter: until the data subject withdraws consent or objects.
- B2B prospecting data: while the commercial interest is maintained and there is no objection.
- Browsing and cookie data: according to the duration stated in the Cookie Policy.
5. Recipients and international transfers
Data may be disclosed to providers that supply services to the Agency (web hosting, email, CRM tool —Pipedrive—, communication-sending tools, analytics providers), always as data processors and under a contract compliant with article 28 GDPR. Data is not transferred to third parties for their own commercial purposes.
Some providers may be located outside the European Economic Area. In such cases, international transfers are carried out with the appropriate safeguards set out in Chapter V of the GDPR, mainly the European Commission's Standard Contractual Clauses or valid adequacy decisions.
6. Use of artificial intelligence
The Agency uses artificial-intelligence tools in its activity. Through this website, no automated decisions with legal or significant effects are taken about users within the meaning of article 22 GDPR. Should any specific service incorporate such decisions, the data subject would be specifically informed and granted the corresponding rights (human intervention, expression of their point of view and the right to contest the decision).
7. Rights of data subjects
Anyone has the right to obtain confirmation as to whether we process their data and to exercise the rights of access, rectification, erasure, restriction of processing, portability and objection, as well as not to be subject to automated individual decisions. These may be exercised by sending a request to info@noemaautomations.com or to Carrer Cabrera, 15 · 08519 Folgueroles (Barcelona), stating the right being exercised and enclosing a copy of an identity document. Consent given may also be withdrawn at any time, without retroactive effect.
8. Right to lodge a complaint with the supervisory authority
If you consider that the processing of your data does not comply with the regulations, you may lodge a complaint with the Spanish Data Protection Agency (AEPD), c/ Jorge Juan 6, 28001 Madrid (www.aepd.es), or with the Catalan Data Protection Authority (APDCAT) where competent.
9. Security
The Agency applies appropriate technical and organisational measures to ensure data security and prevent its loss, misuse or unauthorised access (encryption, access control, backups, access logging).
10. Updates and versioning
This Privacy Policy may be updated to adapt it to regulatory or operational changes. Version: 1.0. Last updated: 2026-06-12.