The translation of the text you are viewing has been generated by an automatic translation system without manual review of the translations. Therefore, the legal validity of the content of the text refers to the original text written entirely in Spanish, which can be found on our website in the Spanish language section under the legal text section.

This legal text gives you details of how we collect and process your personal data through the use of our website, including any information you may provide to us through the site when you purchase a product, register for our newsletter or provide your data through the form provided for this purpose.

When providing us with the data, we inform you that our services are not possible for those people who the regulations prevent them from giving consent, so when you send us the forms you guarantee that you have sufficient capacity to grant consent.

Below we inform you about the data protection policy of: Hebes Code SL


1.Responsible for processing.

Contact details of the person in charge:

Hebes Code SL, with CIF: B67972729 and address: Calle Santa Ana 1, Marbella Málaga. Email:

Registro Mercantil de Málaga T 6147, L 5054, F 198, S 8, H MA166266, I/A 1 (22.03.22)

Hebes Code SL, is responsible for your data. (Hereinafter we or ours).


2.What data do we collect?

The General Data Protection Regulation defines personal data as any information about an identified or identifiable natural person, that is any information capable of identifying a person. This would not include anonymous or percentage data.

Personal data that may be collected directly from the data subject will be treated confidentially and will be incorporated into the corresponding processing activities, owned by Hebes Code SL.

On our website we may process certain types of personal data, which may include:

  • Identity data: name, surname and username.
  • Contact details: email, telephone and address.

We do not collect any data relating to special categories of personal data (those disclosing your ethnic or racial origin, political opinions, religious or philosophical convictions, trade union membership and health information, genetic or biometric data).

If you are requested to collect personal data by law or according to the terms of contract between us and refuse to provide them to us, we may not be able to perform such contract or provide the service, and you must inform us in advance.


3.How do we collect your personal data?

The means we use to collect personal data are:

  • Through the form on our website, through our contact email, by phone or post, when:

          ○ Request information about our products

          ○ Contract the provision of our products

          ○ Subscribe to any of our services or publications

To ensure the quality of our portal, we reserve the right to reject any registration request or to suspend or cancel a previously accepted registration if we understand that it does not meet these requirements or any other law or regulation. If this happens, we will try to explain the reasons for our decision, but we cannot commit ourselves to doing so in all cases.

  • Through technology or automated interactions: On our site we may automatically collect technical data about your equipment, browsing actions and usage patterns. This data is collected through cookies or similar technologies. If you want to expand the information, you can consult our cookie policy here (link)
  • Through third parties:

         ○ Google: analytical data or search data. Outside the European Union.


4.Purpose and legitimacy for the use of your data.

The most common uses of your personal data are:

  • For the conclusion of a contract between Hebes Code SL and you.
  • When you consent to the processing of your data.
  • When we need them to comply with a legal or regulatory obligation.
  • When necessary for our legitimate interest or a third party.

The User may revoke the consent given at any time by sending an email to or by consulting the section on exercising rights later. Below we attach a table in which you can consult the ways in which we will use your personal data and the legitimacy for its use, in addition to knowing what kind of personal data we will treat. We may process some personal data for some additional legal reason, so if you need details about it you can send an email to 




Legitimacy for its treatment

Contact us

The purpose is to manage contacts and requests for information received via web

• Name

• Email

• Phone

Consent of the data subject (art. 6.1.a GDPR)

Pre-contractual measures (art. 6.1.b GDPR)

Processing is necessary for the satisfaction of legitimate interests pursued by the data controller (art. 6.1f GDPR)


The purpose is to manage the data provided to send information about our services and promotions

• Email 
• Name

Consent of the data subject (art. 6.1.a GDPR)

Pre-contractual measures (art. 6.1.b GDPR)

Processing is necessary for the satisfaction of legitimate interests pursued by the data controller (art. 6.1f GDPR)

Create an account 

The purpose is to create an account

• Name

• Surname

• Email

Consent of the data subject (art. 6.1.a GDPR)

Pre-contractual measures (art. 6.1.b GDPR)

Processing is necessary for the satisfaction of legitimate interests pursued by the controller (art. 6.1f GDPR)

Place an order

The purpose is to place an order

• Name

• Surname

• Email

• Phone

• Address

Consent of the data subject (art. 6.1.a GDPR)

Processing necessary for the fulfilment of a legal obligation applicable to the data controller (art. 6.1.c GDPR)

Treatment necessary for the performance of a contract to which the data subject is a party or for the application of pre-contractual measures at the request of the data subject (art. 6.1b GDPR)

Processing is necessary for the satisfaction of legitimate interests pursued by the controller (art. 6.1f GDPR)

Commercial communications: You will only receive communications if

You asked us for information or contracted with us for a product or service.

If you provided us with your data, accepting the box enabled about it in our form.

Provided he has not indicated his willingness to stop receiving such communications.

We obtain your express consent before sending you any communication, and may request at any time that we stop sending you communications in the email

When you choose to stop receiving our communications, your personal data will continue to be stored as a result of the contracting made by you in order to comply with legal requirements.

Purpose: we will only use your data for the purposes for which we collect it, unless we reasonably consider that we should use it for another reason, notifying you in advance so that you are informed of the legal reason for its processing and provided that the purpose is compatible with the original purpose.


5.How long will we keep your data?

They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from that purpose and the processing of the data. The provisions of the different regulations with respect to the duration of conservation shall apply, insofar as they apply to this treatment.

Subscriber data by e-mail or form: From when the user subscribes to unsubscribe.



Hebes Code SL does not authorize children/ girls under 14 to provide their personal data through the means enabled on this website (filling in the web forms for requesting services, contact or by sending emails). Therefore, persons who provide personal data using such means formally state that they are over 14 years of age and Hebes Code SL is exempt from any liability for non-compliance with this requirement.

f your child under the age limit has provided personal information to Hebes Code SL, please contact us to request the exercise of your applicable rights.

In those cases where the services offered by Hebes Code SL are intended for children under 14 years of age, the means to obtain the authorization of the parents or legal guardians of the child shall be provided.


7.Exercising Data Protection Rights:

How to exercise these rights? Users may send a communication to the registered office of Hebes Code SL or e-mail address, including in both cases a photocopy of their D.N.I or other similar identification document, to request the exercise of the following rights:

  • Access to your personal data: you can ask Hebes Code SL if you are using your personal data.
  • To request their rectification, if they were not correct, or to exercise the right to be forgotten with respect to them.
  • To request limitation of processing, in this case, will only be retained by Hebes Code SL for the exercise or defense of claims
  • To object to their processing: Hebes Code SL will allow the processing of the data in the manner indicated to us, unless for legitimate reasons or for the exercise or defense of possible claims, these should continue to be treated.
  • To data portability: in case you want your data to be processed by another firm, Hebes Code SL, will facilitate the portability of your data to the new controller.

You can use the models made available by the Spanish Data Protection Agency, to exercise your previous rights: Here

Complain to the AEPD: if you think there is a problem with the way in which Hebes Code SL is processing your data, You can address your complaints to the corresponding supervisory authority, being in Spain, the competent for this: Spanish Data Protection Agency.

We will ask you for specific information to help us confirm your identity and guarantee your right to access your personal data (or exercise any of the rights mentioned above). This is a security measure to ensure that personal data is not disclosed to anyone who is not entitled to receive it.

All applications will be settled within one month. However, it may take more than a month if your request is particularly complex. In this case, we will notify you and keep you updated.


8.Data communication: provision of services.

It is possible that, in the performance of our work, we need the help of third parties, that they only processed the data to provide the contracted service, and with which we have the corresponding measures to guarantee their rights:

  • Service providers providing systems administration and information technology services.
  • Professional advisors including lawyers, auditors and insurers who provide banking consulting services, legal, insurance and accounting

All data processors to whom we transfer your data will respect the security of your personal data and treat it in accordance with the GDPR.

We only allow such processors to process your data for specified purposes and in accordance with our instructions. However, you can ask us, in compliance with transparency, a list of who are these companies that provide services to us, you can do so to the email: 


9.Data Security.

We have implemented appropriate security measures to prevent your personal data from being lost accidentally, used or accessed unauthorized, modified or disclosed. In addition, we limit access to your personal data to those employees, contracting agents and other third parties who have a commercial need to know such data. They will only process your personal data according to our instructions and will be subject to a duty of confidentiality.

We have implemented procedures to deal with any suspected violation of your personal data and will notify you and the Supervisory Authority in the event of a security breach, as regulated in Articles 33 and 34 of the GDPR.