Skip to content
Back to home

Privacy Policy

Last updated: 2026-05-06

This Privacy Policy explains how INDIELINE SL processes the personal data of visitors to indieline.xyz, in accordance with Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 on Personal Data Protection and Digital Rights (LOPDGDD).

1. Data controller

INDIELINE SL · NIF B56433113

Registered office (RM): Paseo Marqués de Monistrol, 5, 28011 Madrid, Spain — change pending.

Operating address: C/ Mariano Cuber 17, 46011 Valencia, Spain (Wayco).

Registered in the Mercantile Registry of Madrid · IRUS 1000314016137

Email: go@indieline.xyz

INDIELINE SL has not appointed a Data Protection Officer (DPO), as this is not required by article 37 GDPR for a company of this size and activity.

2. What data we collect

We process personal data only when the user voluntarily provides it through the contact form on this website. Specifically:

  • Name
  • Work email address
  • Company name (optional)
  • The message content the user submits
  • Technical metadata associated with the request: IP address, timestamp, browser user-agent

This website does not use analytics, advertising or behavioural tracking. No personal data is collected automatically beyond what is strictly necessary to deliver the page itself.

3. Purposes and legal basis

The personal data the user provides is processed for the following purposes:

  • Responding to the user's enquiry. Legal basis: the user's consent (article 6.1.a GDPR), expressed by submitting the form, together with pre-contractual measures taken at the user's request (article 6.1.b GDPR).
  • Complying with legal obligations. Legal basis: legal obligation (article 6.1.c GDPR), where applicable to fiscal, accounting or commercial records.

4. Retention period

Data sent through the contact form is retained for as long as is necessary to manage the enquiry, and afterwards for the period required by Spanish commercial and tax law (typically up to six years for accounting records, where applicable). After that, it is deleted or anonymised.

5. Recipients and processors

INDIELINE SL relies on the following third-party service providers, who act as data processors under article 28 GDPR:

  • Formspree, Inc. (United States). Provides the form-handling infrastructure that delivers contact-form messages to INDIELINE SL by email. International transfer is covered by Standard Contractual Clauses (SCCs).
  • Amazon Web Services EMEA SARL (Luxembourg / global). Provides hosting (AWS Amplify, CloudFront, S3) for this website. International transfers may occur for technical content delivery and are covered by SCCs.

INDIELINE SL does not sell or rent personal data, and does not transfer it to third parties except where required by law or where strictly necessary to deliver the service the user has requested.

6. International transfers

Some of the processors listed above are based outside the European Economic Area. In each case, the transfer is protected by appropriate safeguards under Chapter V of the GDPR. The mechanism in use is typically the European Commission's Standard Contractual Clauses, supplemented where necessary by additional technical and organisational measures.

7. Your rights

Users may exercise the following rights at any time:

  • Access. Confirm whether their data is being processed and obtain a copy.
  • Rectification. Correct inaccurate or incomplete data.
  • Erasure ("right to be forgotten").
  • Restriction of processing.
  • Data portability.
  • Objection to processing based on legitimate interests.
  • Withdrawal of consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please write to go@indieline.xyz with proof of identity. INDIELINE SL will respond within one month, as provided by article 12 GDPR.

8. Right to lodge a complaint

If a user believes their data is not being processed in accordance with applicable law, they may file a complaint with the Spanish Data Protection Agency (AEPD) at aepd.es.

9. Security

INDIELINE SL applies appropriate technical and organisational measures to protect personal data against unauthorised access, loss or alteration. Communication with this website uses HTTPS encryption end-to-end.

10. Changes

This Privacy Policy may be updated to reflect legal, technical or operational changes. The version in force is the one published on this page, and material changes will be communicated where the user has an active relationship with INDIELINE SL.