Book Your Consultation Call Today

1. Privacy Policy Introduction

Welcome to Distribute Spain (“we”, “us”, or “our”). We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any applicable national data protection laws.

This Privacy Policy explains how we collect, use, store, and protect personal information when you visit our website at www.distributespain.com (the “Website”). Please read this policy carefully. If you do not agree with its terms, please discontinue use of our Website.

2. Data Controller

The data controller responsible for your personal data is:

NMCC Consulting FZE trading as Distribute Spain

Business Centre, Sharjah Publishing City Free Zone

Sharjah, United Arab Emirates

Email: info@distributespain.com

Phone: +447871868450

As our organisation is based outside the EU but offers services to EU residents, we are committed to complying fully with the GDPR. EU residents may exercise their data protection rights by contacting us using the details above. Where required by applicable law, we will appoint an EU representative; please contact us for current details.

3. What Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Data You Provide Directly

 

    • Contact information (name, email address, telephone number) when you complete a contact form or subscribe to a newsletter

    • Any information you include in messages or enquiries submitted through the Website

 

3.2 Data Collected Automatically

 

    • IP address and approximate geographic location

    • Browser type, version, and operating system

    • Pages visited, time spent on pages, and referring URLs

    • Device identifiers and technical information

 

3.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve our Website. Please refer to our [Cookie Policy] for full details. We will only place non-essential cookies with your prior, informed consent.

4. Legal Basis for Processing

Under the GDPR, we must have a lawful basis for processing your personal data. We rely on the following legal bases:

 

    • Legitimate Interests (Article 6(1)(f)): To analyse website usage, improve our content and services, and ensure the security of our Website — where our interests are not overridden by your rights.

    • Consent (Article 6(1)(a)): Where you have given clear, specific, and freely given consent, for example for newsletter subscriptions or non-essential cookies.

    • Contract (Article 6(1)(b)): Where processing is necessary to fulfil a contract or to take steps at your request before entering into a contract.

    • Legal Obligation (Article 6(1)(c)): Where processing is required to comply with a legal or regulatory obligation.

 

5. How We Use Your Personal Data

We use the personal data we collect for the following purposes:

 

    • To provide and maintain our Website and its content

    • To respond to your enquiries and communicate with you

    • To send newsletters or updates where you have opted in

    • To monitor and analyse usage patterns to improve user experience

    • To detect and prevent fraud, abuse, or security incidents

    • To comply with applicable legal obligations

 

6. Data Retention

We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our standard retention periods are:

 

    • Contact form submissions: up to 24 months from the date of last contact

    • Newsletter subscriptions: until you unsubscribe or withdraw consent

    • Analytics data: up to 26 months (aggregated / anonymised thereafter)

    • Cookies: as stated in our Cookie Policy

 

After the applicable retention period, data is securely deleted or anonymised.

7. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties. We may share your data with trusted third-party service providers who process data on our behalf, including:

 

    • Web hosting and infrastructure providers

    • Email service providers (e.g., newsletter platforms)

    • Analytics providers (e.g., privacy-compliant analytics tools)

    • IT support and security services

 

All third-party processors are contractually bound to process data only on our instructions and in compliance with the GDPR, pursuant to a Data Processing Agreement (DPA).

We may also disclose data where required by law, court order, or regulatory authority.

8. International Data Transfers

Where we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place as required by Chapter V of the GDPR. These may include:

 

    • Standard Contractual Clauses (SCCs) approved by the European Commission

    • Adequacy decisions issued by the European Commission

    • Binding Corporate Rules (BCRs) where applicable

 

You may request details of the specific safeguards applied to any transfer by contacting us using the details in Section 2.

9. Your Rights Under the GDPR

As a data subject, you have the following rights under the GDPR. You may exercise these rights at any time by contacting us at the details provided in Section 2:

 

    • Right of Access (Article 15): You have the right to obtain a copy of your personal data and information about how it is processed.

    • Right to Rectification (Article 16): You may request correction of inaccurate or incomplete data.

    • Right to Erasure (Article 17): You may request deletion of your personal data where there is no legitimate reason for us to continue processing it.

    • Right to Restriction of Processing (Article 18): You may request that we restrict processing of your data in certain circumstances.

    • Right to Data Portability (Article 20): You have the right to receive your personal data in a structured, machine-readable format and to transfer it to another controller.

    • Right to Object (Article 21): You may object to processing based on legitimate interests or direct marketing at any time.

    • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

    • Right not to be subject to Automated Decision-Making (Article 22): You have the right not to be subject to decisions based solely on automated processing that produce significant effects.

 

We will respond to all verified requests within one calendar month. This period may be extended by a further two months where requests are complex or numerous; we will inform you of any such extension within one month of receipt.

If you are not satisfied with how we handle your request, you have the right to lodge a complaint with a supervisory authority. In the EU, this is the data protection authority in your country of residence. A list of EU supervisory authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en

10. Security of Your Personal Data

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include, but are not limited to:

 

    • Secure Sockets Layer (SSL/TLS) encryption for data in transit

    • Access controls and authentication requirements

    • Regular security assessments and patching

    • Data minimisation and pseudonymisation where appropriate

 

While we take all reasonable steps to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with Article 34 of the GDPR.

11. Children’s Privacy

Our Website is not directed at children under the age of 16 (or the applicable age of digital consent in your member state). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately so we can take appropriate action.

12. Links to Third-Party Websites

Our Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party websites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of significant changes by posting the updated policy on this page with a revised “Last updated” date. Where required by law, we will seek your renewed consent.

We encourage you to review this page periodically to stay informed about how we protect your data.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:

NMCC Consulting FZE trading as Distribute Spain

Business Centre, Sharjah Publishing City Free Zone

Sharjah, United Arab Emirates

Email: nathan@nmccconsulting.com

Phone: +447871868450

This Privacy Policy was drafted in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation). It should be reviewed by a qualified legal professional before publication to ensure it accurately reflects your specific data processing activities and complies with all applicable local laws.

 

Build your revenue engine in Spain

 

Distribute Spain is the trading name of NMCC Consulting FZE, operating out of: Business Centre, Sharjah Publishing City, Sharjah, United Arab Emirates.

While we operate out of the UAE for ease of facilitating global transactions, our presence is very much in Spain. Please reach out to +447871868450 for any questions or email info@distributespain.com

Sales Brokerage
Marketing Services
Imports & Legal
Contact
Privacy Policy

©2026. All rights reserved.