crudi.eu

Privacy Policy

Last updated: June 2026

At crudi.eu, we are deeply committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how your personal information is collected, processed, and stored in accordance with the European General Data Protection Regulation (GDPR) and the Spanish Organic Law 3/2018 (LOPDGDD).

This policy applies to crudi.eu and its associated domains: crudi.cat, crudi.es, crudiraw.com, mediterrawnean.com, and ibixa.com (hereinafter, “the Websites”).

1. Data Controller

The legally responsible entity for treating your personal data collected through the Websites is:

  • Data Controller: Enric de Clascà Subirà
  • Contact Emails: enric@crudi.eu & enricdcis@icloud.com

2. What Personal Data We Collect

We only collect data that is strictly necessary to provide our services, fulfill contractual obligations, or respond to your inquiries. This includes:

  • Identity & Contact Data: Name, surname, and email address (collected via contact forms or direct email inquiries).
  • Billing & Transaction Data: If you purchase services, digital music, or books directly through us, we collect billing details (name, address, payment details).
  • Technical & Usage Data: IP address, browser type, location, and navigation behavior collected through cookies when you visit our site.

3. Purpose and Legal Basis for Processing

We process your personal data under the following legal frameworks:

  • To provide and manage our services: Fulfilling your bookings for naturopathy consultations, delivering music files, or managing book-related inquiries. (Legal basis: Execution of a contract).
  • To respond to your inquiries: Replying to emails or forms submitted through the Websites. (Legal basis: Your explicit consent).
  • To comply with legal obligations: Managing tax records, invoicing, and preventing fraudulent activities. (Legal basis: Legal compliance with Spanish Tax and Corporate Laws).
  • To improve our web experience: Analyzing traffic and site interactions. (Legal basis: Legitimate interest).

4. Data Retention

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy:

  • Inquiry Data: Kept until your request is resolved, unless a commercial relationship is established.
  • Billing and Accounting Data: Kept for a minimum of 5 years to comply with Spanish tax regulations (Agencia Tributaria).
  • Subscription/Newsletter Data: Kept until you withdraw your consent or unsubscribe.

5. Data Disclosure and Third-Party Services

We do not sell, rent, or lease your personal data to third parties. However, to operate effectively, we share data with trusted third-party service providers who act as data processors:

  • Hosting & Web Infrastructure: Web servers where our sites are hosted.
  • Payment Gateways: Secure third-party processors used for online payments.
  • Embedded Third-Party Features: Our websites feature content and widgets from platforms like SoundCloud, Amazon KDP, Apple Books, and Ditto Music. These external platforms may collect technical metadata or use cookies when you interact with their embedded links or players. We recommend reviewing their respective privacy policies.

6. Your Rights Under GDPR (Data Protection Rights)

As a European citizen, you hold full control over your data. You can exercise the following rights at any time:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request the correction of inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten): Request the deletion of your data when it is no longer needed for the purposes it was collected.
  • Right to Restriction of Processing: Request that we temporarily limit the processing of your data under specific circumstances.
  • Right to Data Portability: Request the transfer of your data to another organization in a structured, readable format.
  • Right to Object: Object to the processing of your data based on legitimate interests or direct marketing.

How to Exercise Your Rights:

To exercise any of these rights, please send a written request accompanied by a digital copy of your proof of identity (DNI/Passport) to:

  • Email: enric@crudi.eu or enricdcis@icloud.com

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the competent supervisory authority, which in Spain is the Agencia Española de Protección de Datos (AEPD)at www.aepd.es.

7. Security Measures

We implement rigorous technical and organizational security measures to protect your personal data against unauthorized access, loss, alteration, or disclosure. However, please be aware that no transmission over the internet or electronic storage method can guarantee 100% security.

8. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time to adapt to new legal regulations, jurisprudence, or website updates. Any changes will be published directly on this page with an updated modification date.