Privacy Policy

1. Data Controller

GlobalText Translate S.L., CIF B-30567890, C. Rosario, 45, 30009 Murcia, Spain. hello@globaltexttranslate.com. +34 647 443 905.

2. Legal Framework

This privacy policy complies with GDPR (EU 2016/679), the Spanish LOPDGDD (Ley Organica 3/2018 de Proteccion de Datos Personales), and the guidelines of the AEPD (Agencia Espanola de Proteccion de Datos).

3. Data We Collect

Contact information submitted through forms: name, email, phone number, company name. Documents submitted for translation quotation or translation work. Payment information processed securely through Stripe (PCI DSS Level 1 compliant). Website analytics via Plausible Analytics (cookieless, fully GDPR-compliant, no personal data collected).

4. Document Confidentiality

All documents submitted for translation are treated as strictly confidential. Access is restricted to the assigned translator and project manager only. All translators and staff sign NDAs. Documents are encrypted in transit (TLS 1.3) and at rest (AES-256). Client documents are permanently deleted 30 days after project completion unless longer retention is specifically requested in writing.

5. Legal Basis for Processing

Contact forms and quote requests: legitimate interest in responding to business inquiries (Art. 6(1)(f) GDPR). Translation service delivery: contractual necessity (Art. 6(1)(b) GDPR). Invoicing and tax records: legal obligation under Spanish tax law (Art. 6(1)(c) GDPR).

6. Data Retention Periods

Contact form submissions: 12 months. Active project files: duration of engagement plus 30 days. Translation memories and glossaries: duration of client relationship (these belong to the client and are returned or deleted upon request). Invoices and financial records: 6 years as required by Spanish tax legislation (Ley General Tributaria).

7. Your Rights Under GDPR

You have the right to: access your data (Art. 15), rectify inaccurate data (Art. 16), request erasure (Art. 17), restrict processing (Art. 18), data portability (Art. 20), and object to processing (Art. 21). To exercise any of these rights, email hello@globaltexttranslate.com. We respond within 30 days. You may also lodge a complaint with the AEPD at www.aepd.es.

8. International Data Transfers

We use Stripe (US, with EU Standard Contractual Clauses), Google Workspace (EU data region selected), and Memsource/Phrase (EU-based). All transfers comply with GDPR Chapter V requirements.

9. Security Measures

HTTPS encryption on all pages. Two-factor authentication on all team accounts and systems. NDA signed by every translator and staff member. 72-hour breach notification as required by GDPR Art. 33.

Last updated: April 2026.