Privacy Policy
Last updated: April 2026
1. Introduction
CSC Tech ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website csc-tech.lu (the "Site"), in compliance with:
- Regulation (EU) 2016/679 — General Data Protection Regulation (GDPR)
- Spanish Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD)
- Luxembourg Law of 1 August 2018 on the organization of the CNPD
2. Data Controller
Entity: CSC Tech SA
Address: 115 Route d'Esch, L-1471 Luxembourg
Email: [email protected]
RCS Luxembourg: [Pending registration number]
3. Information We Collect
We may collect the following categories of personal data:
- Automatically collected data: IP address, browser type and version, operating system, referring URLs, pages visited, access times, and device information, collected through server logs and analytics tools.
- Voluntarily provided data: Name, email address, company name, phone number, and any other information you provide when contacting us via email or other communication channels.
- Cookies and similar technologies: See Section 8 for details on our use of cookies.
4. Purpose and Legal Basis for Processing
In accordance with Articles 6 and 7 of the GDPR and Article 6 of LOPDGDD, we process your personal data for the following purposes:
| Purpose | Legal Basis (Art. 6 GDPR) |
|---|---|
| Operating and maintaining the Site | Legitimate interest |
| Responding to your inquiries | Consent / Pre-contractual measures |
| Analyzing Site usage and improving services | Legitimate interest |
| Complying with legal obligations | Legal obligation |
| Protecting against fraud or misuse | Legitimate interest |
5. Data Sharing and International Transfers
We do not sell, rent, or trade your personal data. We may share your data with:
- Service providers: Trusted third parties who assist us in operating the Site (hosting, analytics), subject to data processing agreements compliant with Article 28 GDPR.
- Legal requirements: When required by law, regulation, or legal process.
If personal data is transferred outside the European Economic Area (EEA), we ensure adequate safeguards are in place in accordance with Chapter V of the GDPR, including Standard Contractual Clauses (SCCs) approved by the European Commission.
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Specific retention periods:
- Contact inquiries: up to 12 months after last communication
- Analytics data: up to 26 months
- Legal obligations: as required by Luxembourg and EU law
When data is no longer needed, it is securely deleted or anonymized.
7. Your Rights
Under the GDPR (Articles 15–22) and LOPDGDD (Articles 12–18), you have the following rights:
- Right of access (Art. 15 GDPR): Obtain confirmation and a copy of the personal data we hold about you.
- Right to rectification (Art. 16 GDPR): Request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17 GDPR): Request deletion of your personal data under certain conditions.
- Right to restrict processing (Art. 18 GDPR): Request limitation of processing in certain circumstances.
- Right to data portability (Art. 20 GDPR): Receive your data in a structured, commonly used, machine-readable format.
- Right to object (Art. 21 GDPR): Object to processing based on legitimate interests or direct marketing.
- Right not to be subject to automated decisions (Art. 22 GDPR): Not be subject to decisions based solely on automated processing, including profiling.
How to exercise your rights: Send your request to [email protected]. We will respond within one month in accordance with Article 12(3) GDPR.
Right to lodge a complaint: You have the right to lodge a complaint with:
- Commission Nationale pour la Protection des Données (CNPD) — Luxembourg: cnpd.lu
- Agencia Española de Protección de Datos (AEPD) — Spain: aepd.es
8. Cookies Policy
In accordance with Article 22.2 of LSSI-CE and the EU ePrivacy Directive (2002/58/EC), we inform you that this website may use cookies:
- Essential cookies: Strictly necessary for the functioning of the website. These do not require consent.
- Analytics cookies: Used to understand how visitors interact with the Site. These are only activated with your prior consent.
You can manage your cookie preferences through your browser settings at any time. Disabling cookies may affect certain features of the website.
9. Security Measures
In accordance with Article 32 of the GDPR, we implement appropriate technical and organizational measures to protect your personal data, including:
- SSL/TLS encryption for all data in transit
- Access controls and authentication mechanisms
- Regular security reviews
- Data minimization practices
10. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or applicable legislation. Any changes will be posted on this page with an updated revision date. Where changes are material, we will take reasonable steps to notify users.
11. Contact
For any questions about this Privacy Policy or to exercise your data protection rights:
Email: [email protected]
Address: 115 Route d'Esch, L-1471 Luxembourg