An important note before we begin: protecting your personal data is a priority for Chateau Partners, S.L. This Privacy Policy explains clearly what data we process, for what purpose and on what legal basis, as well as the rights available to you. It complies with Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the guarantee of digital rights (LOPDGDD).
1. Data controller
- Controller: Chateau Partners, S.L.
- Tax ID (CIF): B72646011
- Address: Calle Fernando el Santo 17, 3º, 28010 Madrid
- Email: info@chateaupartners.es
- Telephone: +34 658 089 890
- Registry details: Registered at the Mercantile Registry of Madrid, Volume 43464, Book 0, Folio 100, Section 8, Sheet M-767653.
Given the nature and volume of the processing carried out, Chateau Partners is not required to appoint a Data Protection Officer (DPO). For any question regarding the processing of your data, you may contact info@chateaupartners.es, quoting the reference "Data Protection".
2. Categories of data subjects and data
This Policy refers to the processing related to the following categories of data subjects, based on the data they provide through forms, contracts and other channels:
2.1. Users requesting information
Identification data (first name, surname) and contact data (email, telephone), as well as the information you voluntarily provide through the Website forms or by email.
2.2. Investors and participants
For investors or potential investors in co-investment projects structured through special purpose vehicles (SPVs): identification, contact, professional, economic, financial and tax data (NIF/NIE, IBAN, financial standing where required) and, where applicable, identification documentation (ID card/passport) required by anti-money-laundering regulations.
2.3. Sellers and buyers of assets
For counterparties in sale and purchase transactions: identification and contact data, data on the property subject to the transaction, and the documentation required to sign deposit agreements and public deeds (ID, registry details, etc.).
2.4. Website visitors
Browsing data (IP address, device identifiers, pages visited, date and time of access) collected through cookies and similar technologies.
3. Purposes of processing
- Information requests: handling your enquiry, sending documentation on assets and investment opportunities and maintaining the commercial relationship.
- Investors and participants: formalisation and execution of co-investment agreements, management of the relationship with participants, periodic reporting, distribution of returns and compliance with legal obligations (commercial, tax and anti-money-laundering).
- Sellers and buyers: negotiation, formalisation and execution of sale and purchase transactions and compliance with notarial, tax and registry obligations.
- Browsing: ensuring the proper functioning of the Website, analysing its use and measuring the effectiveness of advertising campaigns.
4. Legal basis
- Consent of the data subject (Art. 6.1.a GDPR): information requests, sending of commercial communications and non-strictly-necessary cookies.
- Performance of a contract or pre-contractual measures (Art. 6.1.b GDPR): relationship with investors and sale and purchase transactions.
- Compliance with legal obligations (Art. 6.1.c GDPR): in particular those arising from Spanish Law 10/2010, of 28 April, on the prevention of money laundering and terrorist financing, and from commercial and tax regulations.
- Legitimate interest (Art. 6.1.f GDPR): improvement and personalisation of the service and security of the Website.
5. Recipients of the data
Your data will not be sold or transferred to third parties for commercial purposes. It may be disclosed to:
- Legal advisors and notaries involved in real estate and corporate transactions.
- Accounting, tax and management advisors (Gsmart) for compliance with tax, commercial and participant-reporting obligations.
- KYC/AML providers (Ático 34) for identity verification and the prevention of money laundering.
- Financial institutions (Banco Sabadell, CaixaBank and others) in connection with account management and financing operations.
- Public administrations, Registries and Notaries where there is a legal obligation.
- Technology providers (hosting, web analytics, email) acting as data processors under contract.
6. Retention periods
- Information requests: up to 24 months from the last contact, unless earlier deletion is requested.
- Contractual relationship with investors: for the duration of the relationship and the limitation periods of any legal actions arising from it.
- KYC/AML documentation: 10 years from the end of the business relationship (Art. 25 of Law 10/2010).
- Commercial, tax and accounting documentation: the applicable legal periods (a minimum of 6 years under the Commercial Code).
7. Automated decisions and profiling
Chateau Partners does not take automated decisions that produce legal effects on the data subject or significantly affect them in a similar way.
However, analytics and advertising cookies may build browsing profiles for statistical and marketing purposes (for example, to display content or advertising in line with your interests), always subject to the User's prior consent and revocable at any time. You can find the details in our Cookie Policy.
8. Rights of the data subjects
The User may exercise the following rights at any time:
- Access: obtain confirmation as to whether their data is being processed and access it.
- Rectification: correct inaccurate or incomplete data.
- Erasure: request the deletion of their data when it is no longer necessary or consent has been withdrawn.
- Objection: object to the processing on grounds relating to their particular situation.
- Restriction: request the restriction of processing in the cases provided for.
- Portability: receive their data in a structured, commonly used format.
- Withdrawal of consent: at any time, without affecting the lawfulness of prior processing.
To exercise them, contact info@chateaupartners.es, stating the right you wish to exercise and enclosing a copy of your ID or identification document. You may also lodge a complaint with the Spanish Data Protection Agency (www.aepd.es).
9. Confidentiality and security
Chateau Partners has implemented the necessary technical and organisational measures to guarantee the security of personal data and prevent its alteration, loss, or unauthorised processing or access, taking into account the state of the art, the nature of the data and the risks to which it is exposed.
10. International transfers
Some technology providers may be located outside the European Economic Area (in particular, the United States). In such cases, international transfers are carried out under European Commission adequacy decisions (Data Privacy Framework) or by means of Standard Contractual Clauses approved by the European Commission, ensuring an adequate level of protection.
11. Cookies and amendments
For the details of the processing related to cookies and tracking technologies, please see our Cookie Policy.
This Privacy Policy may be amended to adapt it to legislative or case-law changes or to the criteria of supervisory authorities. Amendments will be published on the Website together with the date of the last update.