Privacy Policy Pannl Inc.
Effective Date: August 05, 2025.
This Privacy Policy ("Policy") describes how Pannl Inc., registered office Carrer Carreters 49, 03130 Santa Pola (Alicante), Spain ("Company", "we"), collects, uses, stores and otherwise processes personal data of website users https://pannlinc.com/ (the "Site") in compliance with the EU General Data Protection Regulation 2016/679 (GDPR) and applicable Spanish law. The Policy is designed to comply with the requirements of Articles 12-14 of the GDPR on transparency and informing data subjects gdpr.eu.
1. Who we are and how to contact us
Pannl Inc. owns and operates the Site and acts as the controller of personal data. Contact Information:
- Legal address: Carrer Carreters 49, 03130 Santa Pola (Alicante), Spain.
- Email: info@pannlinc.com.
- Phone: are listed on the "Contact Us" page of our Website.
- Representative to the EU: is not required as the company is registered in Spain.
- Data Protection Officer: No appointment has been made at this time; any questions about data processing should be directed to info@pannlinc.com.
2. What data we collect
GDPR requires organizations to inform users about the data collected and the purposes for which it is being processedgdpr.eu. We collect the following categories of data:
- Enrollment Data. When you create an account, you enter your e-mail address or nickname and set a password. You can add a name, avatar, and other information to your profile if you wish.
- Contact information. If you contact us via feedback form, email, WhatsApp or Telegram, we receive your name and contact details (email, WhatsApp number or Telegram nickname) and the content of your request.
- Technical data and IP addresses. Each time you visit the Site, the system automatically records your IP address, browser type and version, language settings, date and time of visit and page movement. This data is used for security, administration and statistics.
- Cookies and similar technologies. We use cookies to recognize registered users, ensure security and improve the site. Some cookies are set by our partner Google Analytics to analyze traffic; we have enabled IP anonymization and configured data storage within the EU. The use of non-mandatory cookies requires explicit, informed consent from users secureprivacy.ai.
We do not collect special categories of data (racial or ethnic origin, political opinions, religious beliefs, health status, etc.) and we do not process payment transaction data as the site does not conduct e-commerce.
3. How we collect data
The data comes directly from you when you:
- create an account and fill out a profile;
- fill out a feedback form or send an e-mail;
- interact with the site (registration, login, navigation) when technical data and cookies are automatically collected;
- participate in our projects by providing additional information.
The IP address and user-agent are also recorded by the system to protect against spam and abuse. We do not receive data from third-party sources, except for analytical data from Google Analytics, which is anonymized and used for statistics.
4. Objectives and legal grounds for processing
According to Articles 13 and 14 GDPR, the privacy policy must explain the purpose of the processing and the legal basis for it gdpr.eu. Our goals and foundations:
| Purpose | Data categories | Legal basis |
|---|---|---|
| Registering and managing an account | login details, IP address | fulfillment of the contract with the user (Art. 6 (1) (b) GDPR) |
| User communication and support | contact details, content of requests | legitimate interest to respond and communicate (Art. 6 (1) (f) GDPR) |
| Sending service and information notifications | contact details, account information | fulfillment of a contract (service change notifications), or a legitimate interest to inform users; marketing notifications are sent if consent is given (Art. 6 (1) (a) GDPR) |
| Analytics and site improvement | cookies, technical data | legitimate interest to analyze the use of the website and improve the functionality (Art. 6 (1) (f) GDPR) in view of obtaining your consent to non-mandatory cookies |
| Ensuring security and preventing abuse | IP address, log data | legitimate interest to ensure the integrity and security of the website and accounts (Art. 6 (1) (f) GDPR) |
We do not make automated decisions that have legal implications or materially affect users.
5. Cookies and Google Analytics
A cookie is a small file stored on your device. We use:
- Functional Cookies, required for account login, session storage, security, and personalization; they are set automatically and do not require consent.
- Analytic Cookies (Google Analytics). They help to evaluate user attendance and behavior. We have activated the IP anonymization feature and have chosen to store analytics data in EU data centers. These cookies are only set after the user has given explicit consent via a banner. According to the 2025 requirements, consent must be free, specific and informed secureprivacy.ai.
- Marketing Notices. In the future, we may use cookies or similar technologies to send marketing messages, but only after obtaining your explicit consent.
You can change your preferences at any time in the cookies settings on the site. Refusing analytical cookies will not affect the functionality of the site.
6. Who we share data with
We do not sell or share your personal data with outside companies for their own purposes. Access to the data is restricted to:
- Hosting and technical support providers, maintaining our servers in the EU;
- Google Analyticswhich receives anonymized data for traffic analysis. IP addresses are anonymized and stored in the EU; we do not share any identifying data;
- Mailing list service, if we start sending notifications (email or messengers). The information transmitted is limited to your email address or messenger nickname and the content of the message;
- Government agencies, if required by law or court order.
We do not provide for the transfer of personal data outside the EEA; all our service providers (including Google Analytics) are configured to process data in Europe. Where cross-border transfers are necessary, we will ensure an appropriate level of protection through standard contractual clauses or other mechanism provided by the GDPR.
7. Data storage and security
We take technical and organizational measures to protect data: use of HTTPS protocol, authorization systems, access differentiation, backup and monitoring. All data is stored on servers located in the EU.
Shelf life:
- Account details - while the account is active. Once the account is deleted, the data is deleted or anonymized for 30 days, unless otherwise required by law.
- Log and IP address data - up to 12 months for security purposes.
- Contact references - up to 24 months after the correspondence is completed to be able to track the history of the requests.
- Marketing and analytical data - until you revoke your consent or until the end of the period set in your cookie settings.
8. User rights
European law provides data subjects with a number of rights: the right to information, access, rectification, erasure, restriction of processing, opposition, data portability and the right not to be subject to automated decisions edpb.europa.eu. We ensure that these rights are realized:
- Right to Information. You have the right to know what data we collect and for what purpose edpb.europa.eu.
- Right of Access. You can request a copy of your data.
- The right to be corrected. You have the right to correct inaccurate or incomplete information.
- Right of removal. You can request the deletion of your data if there is no legitimate reason for further processing.
- The right to limit processing. You can request that data processing be temporarily stopped.
- Right to Objection. You may object to processing based on legitimate interest.
- The right to portability. You can get your data in machine-readable format.
- The right not to be subjected to decisions based on automated processing. We don't make those decisions.
To exercise your rights, send a request to info@pannlinc.com. We're obligated to respond within a month edpb.europa.euIn complex cases, this period may be extended for a further two months with prior notification.
9. Withdrawal of consent and notification
If we send you service notices (such as registration confirmation or security notices), these notices are contractually based and do not require additional consent. We will only send marketing notices (mailings, offers) if we have your consent. You can withdraw your consent at any time by clicking the unsubscribe link in the email or by writing to info@pannlinc.com; the revocation does not affect the legality of earlier processing.
10. Children's privacy
Our site is aimed at an adult audience and is not intended for anyone under the age of 18. We do not knowingly allow children to register or collect data from minors. If you become aware that a child has provided us with data, please let us know and we will promptly delete the information.
11. policy changes
We periodically review this Policy and update it if there are changes in our business, legislation or technology. An updated version will be posted on the https://pannlinc.com/privacy-policy/The effective date will be changed. If the changes materially affect your rights, we will give you further notice (either by email or via a notice on the website). In line with ICO guidance, you should receive updated information in a timely manner ico.org.uk.
12. Supervisory body and feedback
If you have questions about this Policy or believe that we are violating your rights, please contact us at info@pannlinc.com. You can also file a complaint with the national data protection authority. For Spain, this is Agencia Española de Protección de Datos (AEPD)Calle de Jorge Juan 6, 28001 Madrid (https://www.aepd.es). You also have the right to contact the local data protection authority in the state where you reside in the EU.
