Privacy Policy

EU GDPR-focused privacy notice for customers in Spain. This page explains how AutoCare Spain handles personal data.

Effective: 2026-06-02 Version: 1.0

Who we are

AutoCare Spain is the data controller for the personal data described in this Privacy Policy.

Address

Calle de Alcalá 123, 28009 Madrid, Spain
Contact

[email protected]

+34 911 23 45 67

If we ever appoint a Data Protection Officer (DPO), this page will be updated with their contact details.

Scope & key definitions

This Privacy Policy applies to interactions with AutoCare Spain in Spain, including appointment requests, customer communications, and use of our website at quantlane.click.

Personal data: any information that identifies you directly or indirectly (e.g., name, email, phone number).
Processing: anything we do with personal data (collecting, storing, using, sharing, deleting).
Controller: the entity deciding why and how data is processed (AutoCare Spain).

Data we collect

We collect only the data needed to provide automotive services, manage bookings, and keep the website working.

Contact details

Name, email address, phone number, preferred contact method.
Vehicle information

Make, model, registration/plate, and VIN only when you provide it.
Service & billing details

Service history, parts used, invoices/receipts (including IVA where applicable).
Website usage data

Device and usage data via cookies or similar technologies, if you consent where required.

We do not intentionally collect sensitive categories of data (special categories under GDPR). Please avoid sharing them in free-text fields.

Legal bases for processing (GDPR)

Contract / pre-contract steps

To schedule and deliver services you request, confirm appointments, and communicate about your vehicle.
Legal obligation

To comply with Spanish/EU accounting, tax, and consumer protection rules (e.g., recordkeeping for invoices).
Legitimate interests

To keep our services secure, prevent fraud, and improve our operations (balanced against your rights).
Consent

For non-essential cookies and similar technologies, and for optional marketing where applicable. You can withdraw consent anytime.

How we use personal data

We use personal data to provide services, communicate with you, and comply with legal requirements. We do not sell your personal data.

To respond to inquiries and provide quotes.
To confirm bookings, send reminders, and coordinate service logistics.
To perform repairs/maintenance and keep service records.
To issue invoices/receipts and manage payments (including IVA where applicable).
To maintain website functionality and improve user experience (subject to consent where required).
To detect and prevent abuse, misuse, and security incidents.

Cookies & similar technologies

We use cookies to ensure the site works properly, remember preferences (like theme), and—only if you consent—help us understand how the site is used.

Essential cookies

Required for core features, security, and basic preferences. These cannot be disabled via the banner.

Optional analytics

Used only if you accept optional cookies. You can change your choice anytime below.

Cookie preferences

Current status: Unknown

Note: If optional cookies are rejected, we will still store a small preference value to remember your choice and avoid repeatedly showing the banner.

Who we share data with

We share personal data only when necessary and with appropriate safeguards.

Service providers (e.g., hosting, email delivery, tooling) acting as processors under GDPR, bound by confidentiality and data protection obligations.
Professional advisers (e.g., accountants) where needed for legal compliance.
Authorities where we are required by law, court order, or valid governmental request.

How long we keep data

We keep personal data only as long as necessary for the purposes described above, including legal and accounting requirements in Spain.

Customer communications: retained for a reasonable time to handle follow-ups and support requests.
Service records and invoices: retained according to applicable legal obligations (including tax and accounting rules).
Cookie preferences: stored until you reset your choice or clear browser storage.

Security

We implement technical and organizational measures designed to protect personal data against unauthorized access, alteration, loss, or misuse. However, no method of transmission or storage is 100% secure, so we cannot guarantee absolute security.

Access controls and least-privilege approach where feasible.
Operational monitoring and incident response procedures.
Data minimization and retention controls.

Your rights under GDPR

Depending on your circumstances, you may have the right to:

Access
Request a copy of your personal data.
Rectification
Correct inaccurate or incomplete data.
Erasure
Request deletion in certain cases.
Restriction
Limit processing in certain cases.
Portability
Receive data in a commonly used format.
Objection
Object to processing based on legitimate interests.

Where processing is based on consent, you can withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

How to make a privacy request

Send your request to [email protected] and include enough information to verify your identity. We typically respond within 30 days.

You also have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD) if you believe your data protection rights have been infringed.

International data transfers

If we use service providers located outside the European Economic Area (EEA), we will ensure appropriate safeguards are in place, such as an adequacy decision or Standard Contractual Clauses (SCCs), as required by GDPR.

Children

Our services and website are not directed to children. If you believe a child has provided us with personal data, please contact us so we can take appropriate steps.