Privacy Policy
Effective date: 28 April 2026 · Version 1.0
This Privacy Policy explains what personal data is collected through the website roboticweldingcells.com ("Website"), how it is used, who it is shared with, and what rights data subjects have under EU Regulation 2016/679 (the "GDPR") and Spanish data protection law.
1. Data Controller
The data controller for personal data processed through the Website is:
- Legal name: Industrial Machinery Export Bilbao S.L., trading as Robotic Welding Cells
- Registered office: Bilbao, Spain
- Email: welding@eurobots.net
- Phone: +34 946 744 397
Throughout this policy, “we”, “us” and “our” refer to the data controller.
2. What personal data we process
We process the following categories of personal data:
- Browsing data automatically collected when you visit the Website: IP address, browser user agent, pages visited, referring URL, time of visit. This data is necessary to deliver the Website and detect security issues.
- Contact form data if and when you submit a request for a quote or general enquiry: company name, contact person name, work email, phone number (optional), and the content of your message.
- Technical cookies and similar identifiers placed by the Website and a limited set of third-party services that we have deliberately selected (see the Cookie Policy for the full list).
We do not knowingly collect personal data from minors. The Website is designed for business-to-business (B2B) audiences only.
3. Purposes of processing and legal basis
| Purpose | Personal data | Legal basis (GDPR Art. 6) |
|---|---|---|
| Deliver the Website and ensure its security | Browsing data, technical cookies | Legitimate interest (Art. 6(1)(f)) |
| Reply to enquiries and prepare commercial quotes | Contact form data | Performance of pre-contractual measures (Art. 6(1)(b)) |
| Comply with tax and accounting obligations | Order and invoice data | Legal obligation (Art. 6(1)(c)) |
| Defend our rights in case of dispute | Browsing logs, contact data | Legitimate interest (Art. 6(1)(f)) |
We do not use your personal data for marketing or behavioural advertising. We do not run analytics, retargeting pixels or ad networks on the Website at the date of this policy.
4. Third-party services we use
The Website is built on infrastructure that involves a small number of third-party processors. Each one has been deliberately selected, and only those listed below have access to a portion of your data, strictly to deliver the Website:
- WordPress (self-hosted) — open-source CMS that runs the Website.
- GoDaddy Managed WordPress Hosting (Spain / EU data centre) — hosting provider; processes browsing data and database content.
- Cloudflare (Ireland, with global infrastructure) — content delivery network and DDoS protection; processes browsing data including IP address. Cloudflare may transfer data outside the EEA under the European Commission's Standard Contractual Clauses.
- TrustedSite by McAfee — security badge service; the badge script may set a technical cookie to verify the badge integrity.
We do not engage other processors at this date. When we add new services (for example, a newsletter platform), we will update this Privacy Policy and where required ask for your consent.
5. Data retention
Personal data is retained only for as long as necessary for the purposes for which it was collected:
- Browsing logs: 30 days for security purposes, then aggregated or deleted.
- Contact form data: 24 months from the date of last interaction, unless a commercial relationship has been established (in which case retention follows the relationship).
- Order and invoice data: as required by Spanish tax law (typically 6 years).
After the retention period, data is deleted or irreversibly anonymised.
6. International data transfers
Some of our processors (notably Cloudflare) operate global networks that may process your data in countries outside the European Economic Area, including the United States. In every case, transfers are protected by either:
- the European Commission's Standard Contractual Clauses (Decision 2021/914), and
- supplementary technical measures (encryption in transit and at rest).
You can request a copy of the relevant safeguards at the contact email above.
7. Your rights under the GDPR
You have the right, at any time and free of charge, to:
- Access the personal data we hold about you (Art. 15)
- Request rectification of inaccurate or incomplete data (Art. 16)
- Request erasure of your data (“right to be forgotten”, Art. 17)
- Request restriction of processing (Art. 18)
- Receive your data in a portable format (Art. 20)
- Object to processing based on legitimate interest (Art. 21)
- Withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal
- Lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos, www.aepd.es), or with the supervisory authority of your country of residence
To exercise any of these rights, please email welding@eurobots.net with the subject “Privacy request — [your right]”. We respond within 30 days.
8. Security measures
We protect personal data with appropriate technical and organisational measures, including:
- HTTPS/TLS encryption on all pages of the Website
- Encryption at rest of database backups
- Role-based access control to administrative interfaces
- Regular security updates of WordPress core, plugins and themes
- Monitoring for suspicious activity through Cloudflare and our hosting provider
No internet transmission or electronic storage is 100% secure; if a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the supervisory authority and (where required) affected individuals within 72 hours, in accordance with Articles 33 and 34 GDPR.
9. Automated decision-making
We do not perform automated decision-making (including profiling) that produces legal effects concerning you or significantly affects you, within the meaning of Article 22 GDPR.
10. Cookies
Detailed information on the cookies used by the Website, their purpose, duration, and how to manage them is provided in our Cookie Policy.
11. Changes to this Privacy Policy
We may amend this Privacy Policy from time to time. The date of the latest revision is shown at the top of this page. Material changes will be communicated through a notice on the Website at least 30 days before they take effect, where required by applicable law.
12. Contact
- Data controller: Industrial Machinery Export Bilbao S.L.
- Email (privacy requests): welding@eurobots.net
- Postal address: Bilbao, Spain (registered office; full address provided on request to verified data subjects)
- Phone: +34 946 744 397