Online Privacy Policy
Fruton Fire Consulting S.L.
Last Updated: April 27, 2026
This Privacy Policy explains how Fruton Fire Consulting S.L. ("Company", "we", "us") collects, uses, and protects your personal data when you use www.donfruton.com (the "Site") and our products and services.
1. DATA CONTROLLER
Fruton Fire Consulting S.L. is the data controller responsible for your personal data.
Address: Calle Juanelo 11, 28012 Madrid, Spain
Email: [email protected]
2. PERSONAL DATA WE COLLECT
We may collect the following categories of personal data:
a) Information you provide directly
• Name
• Email address
• Billing information
• Account login details
• Any information you provide when contacting us
b) Information collected automatically
We collect certain data automatically when you use the Site, including via cookies, server logs, and analytics tools (see Section 9). This includes:
• IP address
• Device and browser information
• Usage data (pages visited, interactions, time spent)
c) Payment information
Payments are processed by third-party providers (e.g. Stripe). We do not store full payment card details.
3. PURPOSES AND LEGAL BASIS
We process your personal data for the following purposes:
a) To provide our services (legal basis: contract)
• Create and manage your account
• Provide access to purchased courses
• Process payments
b) To communicate with you (legal basis: contract / legitimate interest)
• Respond to inquiries
• Provide service-related updates
c) Marketing communications (legal basis: consent)
• Send emails about products, offers, and updates
• You may unsubscribe at any time
d) To improve our services (legal basis: legitimate interest)
• Analyse usage
• Improve content, user experience, and performance
e) Legal obligations
• Comply with tax, accounting, and legal requirements
f) Automated decision-making and profiling
We do not use automated decision-making or profiling that produces legal or similarly significant effects on you, as described in Article 22 of the GDPR.
4. DATA RETENTION
We retain personal data only as long as necessary:
• Account data: while your account is active
• Purchase data: retained for a minimum of 5 years as required under Spanish commercial law (Código de Comercio) and 4 years under Spanish tax law, or longer where required by applicable law
• Marketing data: until you unsubscribe or withdraw consent
We may retain certain data longer where required by law or to resolve disputes.
5. DATA SHARING AND SERVICE PROVIDERS
We do not sell your personal data.
We may share your personal data with trusted third-party service providers that help us operate our business and deliver our services, including:
• GoHighLevel (CRM, website, funnels, communications, customer management)
• Payment processors (e.g. Stripe)
• Email and communication tools
• Hosting and infrastructure providers
• Analytics providers
These providers process personal data on our behalf and only as necessary to provide their services to us, under appropriate data protection agreements.
We ensure appropriate data processing agreements are in place with relevant third-party processors where required, in accordance with Article 28 of the GDPR.
6. INTERNATIONAL TRANSFERS
Some of our service providers, including GoHighLevel, may process personal data outside the European Economic Area (EEA) or the United Kingdom, including in the United States. We have removed the reference to Switzerland as we do not actively target Swiss residents; if this changes, this Policy will be updated accordingly.
Where personal data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) and Data Processing Agreements.
For transfers from the EU to the UK, we rely on the European Commission’s adequacy decision for the UK. For transfers to the United States, we rely on Standard Contractual Clauses (SCCs) as approved by the European Commission.
7. YOUR RIGHTS
EU/EEA Users (GDPR)
If you are located in the EU/EEA, you have the right to:
• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Restrict or object to processing
• Request data portability
• Withdraw consent at any time (for marketing)
To exercise your rights, contact: [email protected]. We will respond to your request within 30 days of receipt. In complex or high-volume cases, we may extend this period by a further 2 months, in which case we will notify you within the initial 30-day period.
You also have the right to lodge a complaint with your local data protection authority. As a company based in Spain, our lead supervisory authority is the Agencia Española de Protección de Datos (AEPD) — www.aepd.es.
UK Users (UK GDPR)
If you are located in the United Kingdom, you have the same rights as listed above under the UK GDPR and the Data Protection Act 2018. To exercise your rights, contact: [email protected].
You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) — www.ico.org.uk.
8. US PRIVACY RIGHTS (CCPA/CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
• Know what personal data we collect and how it is used
• Request deletion of your personal data
• Know the categories of third parties with whom we share your data
• Opt out of the “sale” or “sharing” of your personal information (including sharing for cross-context behavioural advertising purposes). We do not sell your personal information. If we use any advertising or retargeting tools (such as Meta), these may constitute “sharing” under CPRA and you may opt out via our cookie settings.
• Correct inaccurate personal information we hold about you (new right under CPRA)
• Limit the use of sensitive personal information (new right under CPRA)
We do not sell your personal data.
To exercise your rights, contact: [email protected]
9. COOKIES AND TRACKING TECHNOLOGIES
We use cookies and similar technologies on the Site. Where required by law (e.g. in the EU/EEA and UK), non-essential cookies are used only with your consent via our cookie banner.
You can manage or withdraw your consent at any time through the cookie settings tool or your browser settings.
Categories of cookies we use
The following describes the categories of cookies used on the Site:
• Strictly necessary cookies: These cookies are required for the Site to function properly and cannot be disabled via our systems
• Analytics cookies: Used to understand how visitors interact with the Site (e.g. via analytics tools). These are only set with your consent in the EU/EEA and UK.
• Marketing/tracking cookies: Used to deliver relevant advertising and measure campaign performance. If used, these are only set with your consent.
A full list of the specific cookies used, their duration, and the parties setting them is available in our cookie settings tool.
10. DATA SECURITY
We implement reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse.
While we take your data security seriously, no system can guarantee absolute security. We recommend you also take steps to protect your account, such as using a strong password and not sharing your login credentials.
Access to personal data is restricted to authorized personnel and service providers who require it for business purposes.
11. THIRD-PARTY LINKS
The Site may contain links to third-party websites. We are not responsible for their privacy practices and encourage you to review their privacy policies.
12. CHILDREN
Our services are not intended for children under 13. We do not knowingly collect personal data from children under 13.
If you believe a child under 13 has provided us with personal data, please contact us at [email protected] and we will delete it promptly.
13. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. Where changes are material, we will provide reasonable notice via email or on the Site.
© 2026 Fruton Fire Consulting S.L. All rights reserved.