Privacy Policy

1. Data Controller

Controller: MJ Lucena
Trade name: SelfPublishedAuditor
Location: Barcelona, Spain
Contact email: hello@selfpublishedauditor.com

2. Personal Data Collected

• Email address and contact details provided by the user.
• Information required to manage orders and payments.
• Book information submitted for audit: title, subtitle, description, cover, links, or related materials.
• Basic technical browsing data when analytics cookies are accepted.
• Data submitted through newsletter or resource download forms, if used by the user.

We do not store complete card details or banking credentials.

3. Purposes of Processing

• Manage orders, payments, and service-related communications.
• Prepare and deliver PDF audit reports.
• Respond to support requests and enquiries.
• Send resources or communications requested through forms.
• Analyze website usage and improve the experience, only when non-essential cookies are accepted.
• Comply with legal, tax, or administrative obligations.

4. Legal Basis

• Performance of a contract: to manage orders and provide the contracted service.
• Consent: for optional forms, newsletters, and non-essential cookies.
• Legal obligation: for tax, accounting, or legal retention duties where applicable.
• Legitimate interest: for security, abuse prevention, and strictly service-related communications.

5. Providers and Recipients

External providers may be involved in operating the website and delivering the service:

• Stripe: secure payment processing.
• MailerLite: forms, downloads, or communications requested by the user.
• Google Tag Manager / Google Analytics: web analytics, only if non-essential cookies are accepted.
• Hosting provider: website, database, and file hosting.
• Email provider: sending and receiving communications.

These providers may process data as processors or independent controllers depending on the service they provide.

6. International Transfers

Some technology providers may operate outside the European Economic Area. Where this occurs, appropriate safeguards such as standard contractual clauses or other recognized mechanisms will be sought.

7. Data Retention

• Order and billing data: for the applicable legal retention periods.
• Materials submitted for audit: for the time necessary to provide the service and handle reasonable follow-up issues.
• Email enquiries: for the time necessary to respond and follow up.
• Newsletter or download data: until consent is withdrawn or the user unsubscribes.
• Cookies: as described in the Cookie Policy.

8. User Rights

Users may request access, rectification, erasure, objection, restriction of processing, and data portability.

To exercise these rights, contact hello@selfpublishedauditor.com.

Users may also lodge a complaint with the Spanish Data Protection Authority: www.aepd.es.

9. Security

SelfPublishedAuditor applies reasonable measures to protect personal data against unauthorized access, loss, alteration, or misuse.

10. Changes

This policy may be updated to reflect legal, technical, or service changes.