1. Introduction

Prat Roca Abogados (website url address: https://pratroca.com/) is a law firm based in Barcelona, Calle Tuset number 10 that offers advice and legal coverage in the field of Civil, Commercial, Procedural Law, Miner and Bankruptcy. Read the detailed Privacy Policy here to understand and accept the use made of your data as well as your browsing data.

2. Confidentiality and Data Protection Policy

BUFETE PRAT & ROCA, S.L.P. (hereinafter the Company) is committed with due diligence and
compliance with the Data Protection regulations implemented through Regulation (EU) 2016/679
regarding the protection of natural persons as regards the processing of their personal data and the
free movement of such data (General Data Protection (RGPD) and the provisions of the Organic Law
3/2018 on Data Protection and Digital Rights Guarantee (LOPDGDD).
Detailed information on the policy of confidentiality and Protection of Personal Data pursuant to the
provisions of the aforementioned regulations is set out below.
Contact information of the Responsible for Data Processing and the Data Protection Officer (DPO):

  • Identity: BUFETE PRAT ROCA, S.L.P. 
  • Address / P. C. : 10, Tuset Street – 08006 Barcelona
  • Phone number: 93 415 03 16
  • E-mail: d.rocapla@pratroca.com
  • Contact details of the DPO: Daniel Roca Pla
  • Data Protection Channel: https://www.corporate-ethicline.com/prat-roca
3. Data processing purposes
  • The Company will process the data provided by concerned persons for the following purposes:
    Management of client service and meetings in our premises, as well as the conduction and
    rendering of contracted services.
  • Management of requests or suggestions made by the concerned persons with regard to our
    professional services.
  • Informative and commercial communications: data processing in order to inform about activities, articles of interest and general information related to our activity and the contracted services/products.
  • Management of data provided in the Curriculum Vitae (CV) of candidates applying for a job, for the purpose of selection and recruitment processes.

For the correct client service rendering and conduction of the abovementioned purposes, the concerned person consents to the processing of his/her data for said ends, all under the strictest compliance with the Data Protection Regulations and the policy hereby detailed. The concerned person may exercise his/her rights at any time (see specific section).

4. Data retention criteria
  • Rendering of services contracted with the Company: personal data provided in contracts and
    service proposals, as well as data related to third parties whose intervention is required, will
    be kept for the duration of the hired services. Upon completion of contracted service/s,
    personal data will be kept in those cases from which could derive liability with the Company
    and/or in compliance with other regulatory frameworks applicable to the Company or
    regulations with the force of law that require the retention of such data. Personal data will be
    kept in a way that allows the identification and exercise of the rights of those concerned and,
    under the legal, organizational and technical measures necessary to guarantee the
    confidentiality and integrity of said data.
  • Management of Curriculums Vitae: the Company, as a rule, keeps Curriculums Vitae for a
    maximum period of one year; once this period has ended, said CV are automatically
    destroyed, in compliance with the principle of data quality.
  • Others: the rest of the data and information provided by the user by any means will be kept
    for as long as needed in order to fulfil the purpose for which they were collected.
5. Legitimation
  • Legal basis that enables the Company to process personal data of users, clients and potential
    clients by virtue of the following titles.
  • The consent of the concerned person for the processing and management of any request
    of information or consult about our services and products.
  • The consent given by job Candidates for selection and recruitment purposes.
  • The framework for the provision and/or contracting of services/products with the Company.
  • The legitimate interest to send informative and commercial communications and/or
    promotional offers by email or any other means, related to the Company’s activity and to
    the services/products contracted.
6. Recipients

No personal data is transferred to third parties, except legal provision.

7. Source
  • Personal data is obtained directly from the concerned persons and from our collaborators. The
    categories of personal data provided by our collaborators are the following:
  • Identification Data
  • Postal or electronic addresses
  • Data provided and/or consented to by the concerned persons, necessary and related to the
    management and provision of requested service/product.
8. Rights
  • Right of Access, Rectification and Deletion: concerned persons have the right to obtain confirmation
    as to whether the Company is treating their personal data or not. Concerned persons have the right
    to access their personal data, as well as to request the rectification of inaccurate information or
    request its deletion when, among other reasons, the data is no longer necessary for the purposes for
    which it was collected.
  • Right of Limitation and Opposition: in certain circumstances, the concerned persons may request the
    limitation of the processing of their data, in which case the Company will only keep it for the
    purposes of defence against claims. In certain circumstances and, for reasons related to their
    particular situation, the concerned persons may oppose the processing of their data. The Company
    will stop processing the data in said cases, except for compelling legitimate reasons, or for the
    defence against possible claims.
    These rights may be exercised through our Data Protection Channel, see specific section.
9. Data protection channel

The Company has implemented a Communications and Complaints Channel which incorporates all
the relevant and necessary aspects of data protection, with the highest commitment, rigor and professionalism in terms of security, experience, independence and knowledge in the treatment of
the communications received, in compliance with the requirements of article 24 of the LOPDGDD for
this type of channels.
The Data Protection Channel has been implemented through a web platform, developed and
managed by an independent external expert, to provide and guarantee the aforementioned
Through the Data Protection Channel, users can exercise their Rights (see previous section) and
communicate any suspicion or knowledge of possible security violations (breaches) and/or possible
breaches or irregularities regarding Data Protection regulations or the present policy of the
The information to access the Data Protection Channel are detailed at the beginning of this policy.

10. Cookies policy

This site uses cookies. Small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to preserve user preferences, store information for things like shopping carts, and provide anonymous tracking data to third-party applications like Google Analytics. Cookies generally exist to improve your browsing experience. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest you consult the help section of your browser.

Necessary cookies (All visitors)
cfduid: Used for our CloudFlare CDN to identify individual clients behind a shared IP address and apply security settings for each client. 
PHPSESSID: To identify a single visit to the website.

11. Service and support

The concerned persons may communicate to the Company any questions related to the
processing of their personal data or interpretation of the present policy, by contacting the
Data Protection Officer (RPD / DPD) at the email address provided at the beginning of this