🇪🇸 nieasy/Spanish Bureaucracy Easy
Book a call →

Privacy Policy

We take privacy seriously. Here's a clear, plain-language explanation of how we handle your data.

Last updated: February 16, 2026

This Privacy and Cookie Policy explains how NIEasy (Didier Dirks, Calle Francisco Salas 5 3D, 28039 Madrid, España) collects, uses, stores, and protects your personal data when you visit our website or use our services. We've written this to be readable — not to bury the important parts in legal language. If you use our services, you agree to the practices described here.

01

Who is responsible for your data?

Business nameNIEasy
ControllerDidier Dirks
AddressCalle Francisco Salas 5 3D, 28039 Madrid, España
Emailhello@nieasy.es
02

What data do we collect?

Depending on how you interact with NIEasy, we may collect the following:

TypeWhat it includes
Identity dataYour name, nationality, passport or ID number, and address
Application documentsAdministrative documents needed to process your request
Payment dataBilling details for invoicing and payment processing (we do not store card numbers)
Communication dataEmails, support messages, and any other correspondence with us
Technical dataIP address, browser type, device information, and cookie identifiers collected when you visit our website

We only collect what we actually need. We don't ask for more than necessary.

03

Why do we use your data?

We use your personal data for the following reasons:

PurposeDetails
Delivering our serviceProcessing your application, booking your appointment, and coordinating your case
BillingIssuing invoices and processing payments
Customer supportResponding to your questions and resolving any issues
CommunicationsSending updates — only if you've explicitly opted in
Website improvementUnderstanding how people use the site so we can make it better
Legal complianceMeeting applicable tax, accounting, and regulatory obligations

The legal basis for processing is either performance of a contract, compliance with a legal obligation, or — where required — your explicit consent.

04

How long do we keep your data?

We don't hold on to data longer than necessary:

Data typeRetention period
Service and contract dataUp to 10 years, as required by Spanish tax and accounting law
Marketing and communication dataUntil you withdraw your consent or unsubscribe
Technical and analytics dataUp to 2 years

Once the retention period ends, your data is securely deleted or anonymised.

05

Who do we share your data with?

We share data only when necessary and only with parties we trust:

RecipientWhy
Service providersTools we use to operate the business (hosting, payment processing, email infrastructure). All are bound by GDPR-compliant data processing agreements.
Spanish authoritiesWhere legally required, such as when submitting an application on your behalf
Professional advisorsLawyers or accountants, under strict confidentiality obligations

We never sell your personal data. Full stop.

06

Data transfers outside the EU

Some of the tools we use may process data outside the European Economic Area (EEA). Where that happens, we make sure appropriate safeguards are in place — typically EU Standard Contractual Clauses — so your data is protected to the same standard it would be within the EU.

07

How do we protect your data?

We take security seriously. Measures we have in place include:

  • SSL/TLS encryption on all data in transit
  • Strict access controls — only authorised team members can access customer data
  • Regular security reviews of our systems and third-party tools
  • No storage of raw payment card data on our systems

No system is completely risk-free, but we do everything reasonable to keep your data safe.

08

Your rights under GDPR

As someone whose data we process, you have real rights — not just theoretical ones. Under GDPR, you can:

  • Access
  • Rectification
  • Erasure ("right to be forgotten")
  • Restriction of processing
  • Objection
  • Data portability
  • Withdrawal of consent

To understand what each of these means in practice, see section 09 or email us directly. Withdrawing consent doesn't affect anything we processed lawfully before you withdrew it.

09

How to exercise your rights

Just email us at hello@nieasy.es with your request. We'll respond within one month. We may ask you to verify your identity first — not to make things difficult, but to make sure we're not handing your data to someone else by mistake.

10

Something gone wrong? You can complain.

If you feel we've mishandled your data or haven't respected your rights, you're entitled to file a complaint with Spain's data protection authority: the Agencia Española de Protección de Datos (AEPD), at www.aepd.es. We'd obviously prefer you come to us first — but the choice is yours.

11

Updates to this policy

We'll update this page if our practices change or the law requires it. When we do, we'll update the "last updated" date at the top. If anything changes significantly, we'll make an effort to let active customers know directly. We won't bury important changes in fine print.

12

Cookies

Cookies are small files stored on your device when you visit a website. They help us keep things working and understand how the site is being used. Here's what we use:

NecessaryCore functionality — the site doesn't work properly without these. No consent required.
FunctionalRemember things like your language or preferences so you don't have to set them every time.
AnalyticsHelp us understand which pages people visit and how they navigate the site. Only set with your consent.
MarketingUsed for targeted advertising. We only set these if you've explicitly said yes.

You can change or withdraw your cookie preferences at any time through your browser settings or by contacting us.

✉️

Questions about your data?

Our team is happy to help with any privacy-related questions or requests.

Contact us →