Privacy policy

Last update: December 2023

Our Privacy Policy is in accordance with Regulation (EU) 2016/679 General Data Protection of the European Parliament and of the Council, of April 27, 2016.

Our contact details


Paseo de Gracia 110, 2º2ª, 08008, Barcelona, ​​Spain

Phone (+34) 93 207 00 03


Data Protection Delegate

You can contact our Data Protection Delegate at

What do we use personal data for?

The main purpose for which we process personal data is the provision of our services, without prejudice to its use for the following:

Prepare service proposals; Verify documentary background and/or potential conflicts of interest.

Comply with our legal obligations, such as those related to the prevention of money laundering and financing of terrorism.

Improve our services and implement measures for the satisfaction of our customers.

Manage our communication policy and relationship with the media.

Verify compliance with our own compliance policies.

Likewise, we process the data we receive from candidates in current or future selection processes in order to manage said talent recruitment processes.

On what legal bases do we process personal data?

We process personal data provided that at least one of the following conditions is met:

That you have given us your consent, for one or more specific purposes, such as the case of subscribing to newsletters or legal updates.

That it is necessary to provide you with our professional services. That is necessary for the fulfillment of our legal obligations.

Additionally, due to our legitimate interest in disseminating our brand and promoting our firm and services through marketing actions, provided that your interests or fundamental rights and freedoms that require the protection of your personal data do not prevail over said interest.

To which possible recipients can we communicate personal data? The personal data we process can be shared, for example: With the companies that at any time form part of the CRANDON group.

With other law firms or professionals with whom we can collaborate, prior acceptance by the client.

With competent authorities or jurisdictional bodies that require it or by legal obligation.

In cases where it is necessary to transfer personal data to recipients located in countries that do not belong to the EU, or that do not guarantee a level of protection comparable to that derived from Regulation (EU) 2016/679, we do so only in compliance with the requirements legally established.

How long do we keep the data?

We keep personal data for as long as, in each case, we consider necessary to be able to justify and/or be accountable for our management, which may be linked to statutory limitation periods, or the possibility of receiving requirements from competent authorities.

What security measures do we apply?

In order to ensure the security of documentation and communications, we apply technical and organizational measures to guarantee the appropriate level of security in accordance with applicable regulations.

What rights do you have and how to exercise them?

You can request access to your personal data, its rectification or deletion, portability, or the limitation of its treatment, or you can oppose the treatment, by contacting CRANDON (using the contact information that we have provided at the beginning of this Privacy Policy).

Regarding treatments based on consent, you can withdraw your consent at any time. Likewise, you have the right to claim before the Spanish Data Protection Agency.

Review and update

This Privacy Policy is reviewed and updated at least annually.