top of page

Privacy Policy

Identification

Data Controller: ONE PLATE FUTURE S.L.
Tax ID (CIF): B23958846
Address: Calle Jazmín, 20
City: Las Rozas de Madrid
Postal Code: 28231
Province: Madrid
Country: Spain
Email: platolimpio@netopositivo.es

Information and Consent

By accepting this Privacy Policy, the user is informed and gives free, specific, and informed consent for the personal data provided through our websites (hereinafter, the “Website”) and any additional data provided by other means or in the future, to be processed by ONE PLATE FUTURE S.L., hereinafter referred to as the CONTROLLER.

Obligation to Provide Data

The data requested in the Website forms are mandatory unless otherwise stated in the corresponding field. Failure to provide such data or providing them incorrectly will make it impossible to fulfill the user’s request.

The user may freely browse the content of the Website if they accept the use of cookies. Otherwise, they may be invited to leave the site or, where applicable, to browse cookie-free content only.

Purpose and Legal Basis for Processing Personal Data

The personal data provided through the Website will be processed by the CONTROLLER for the following purposes:

1. Contractual purposes

To comply with agreements for the supply of products or services that you contract with us and to execute them under the stated conditions. This also includes the establishment of employment or professional agreements.
Legal basis: GDPR Article 6(1)(b): processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.

2. Commercial communication and information based on consent

To send promotional communications, product information, updates, invitations to events, and activities. Express consent is requested and may be withdrawn easily at any time.
Legal basis: GDPR Article 6(1)(a): the data subject has given consent to the processing of their personal data for one or more specific purposes.

3. Newsletter subscription

To manage the subscription and/or cancellation of the Newsletter through the channel provided on the CONTROLLER’s Website.
Legal basis: GDPR Article 6(1)(a): consent of the data subject.

4. Contact forms

To manage user contact and information requests through the channels provided on the CONTROLLER’s websites and respond to the inquiries submitted.
Legal basis: GDPR Article 6(1)(f): processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, provided such interests are not overridden by the interests or fundamental rights and freedoms of the data subject.

5. Browsing data

To analyze website usage and assess user preferences and behavior.
Legal basis: GDPR Article 6(1)(f): legitimate interest as above.

Categories of Data Processed

Depending on the user’s request or interaction, the CONTROLLER may process the following categories of personal data:

  • Personal characteristics: marital status; family data; date/place of birth; age; gender; nationality; mother tongue.

  • Social circumstances: housing conditions; family situation; hobbies and lifestyle; membership in clubs or associations; licenses and authorizations.

  • Academic and professional data: education; qualifications; student record; professional experience; professional memberships.

  • Employment details: profession; job positions; non-financial payroll data; employment history.

  • Commercial information: business activities; commercial licenses; subscriptions; artistic, literary, scientific, or technical works.

  • Economic, financial, and insurance data: income; earnings.

  • Goods and services transactions: goods and services provided by the data subject.

  • Browsing data.

  • User identification codes or credentials.

Recipients of Personal Data

Depending on the relationship established and with the user’s authorization, data may be communicated to:

  • Organizations or individuals directly related to the CONTROLLER.

  • Social security authorities.

  • Tax administration authorities.

  • Banks, savings banks, or rural credit institutions.

  • Insurance entities.

International Data Transfers

We inform you that your data will not be transferred internationally without your prior consent.

Data Retention Periods

a. Contractual purposes:
Data will be kept for the duration of the contract and, thereafter, for the statutory limitation period of any legal actions that may arise.

b. Commercial communications:
Data will be retained until consent is revoked.

c. Newsletter subscriptions:
Data will be retained until consent is revoked.

d. Contact forms:
Data will be retained until consent is revoked, during the term of the requested service, and subsequently for the limitation period of potential legal actions.

e. Browsing data:
Data will be retained until consent is revoked.

User Responsibility

The user guarantees that they are of legal age and that the data provided to the CONTROLLER are true, accurate, and up to date. The user shall keep such data properly updated.

The user guarantees that they have informed any third parties whose data they provide of the contents of this document and that they have obtained the necessary authorization to provide such data to the CONTROLLER.

The user shall be responsible for any false or inaccurate information provided and for any direct or indirect damages caused to the CONTROLLER or third parties as a result.

Exercise of Rights

The user may contact the CONTROLLER at the postal or email address indicated at the beginning of this Policy, attaching a copy of their ID or equivalent document, at any time and free of charge, to:

  • Revoke previously granted consent.

  • Obtain confirmation of whether personal data concerning them are being processed.

  • Access their personal data.

  • Rectify inaccurate or incomplete data.

  • Request erasure of data when, among other reasons, they are no longer necessary for the purposes collected.

  • Request restriction of processing when conditions set forth in data protection law are met.

  • Request data portability in the cases provided for by law.

  • File a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos) at Calle Jorge Juan, 6, 28001 Madrid, if they believe that their data have not been processed in accordance with the law.

Security Measures

The CONTROLLER will process user data confidentially at all times and will comply with the duty of secrecy, as provided in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).

Appropriate technical and organizational measures have been adopted to ensure the security of the data and prevent alteration, loss, unauthorized processing, or access, taking into account the state of technology, the nature of the stored data, and the risks to which they are exposed.

Date: 20 October 2025

bottom of page