Last updated 23 May 2026.
This privacy policy explains how personal data is handled when you visit digicap.eu, the public website of the DIGICAP project. It is written to comply with Regulation (EU) 2016/679 (the General Data Protection Regulation, or GDPR) and the Spanish Organic Law 3/2018 on Data Protection and Digital Rights.
Who is responsible for your data
The data controller for this website is MATICAL, acting on behalf of the DIGICAP consortium as part of its stakeholder-engagement remit. The consortium is coordinated by TEAM-NB aisbl (Belgium); MATICAL is the partner operating the public website.
- Controller: MATICAL, on behalf of the DIGICAP consortium.
- Registered address: [TO CONFIRM: MATICAL legal address in Spain].
- VAT / tax identifier: [TO CONFIRM: MATICAL CIF/NIF].
- Contact for data protection matters: info@digicap.eu.
What data we collect and why
We keep data collection to the minimum needed to run the site and listen to our stakeholders.
- Contact form submissions. When you write to us through a form on the site, we process the name, email address and message you provide so we can reply. Legal basis: your consent and, where applicable, the steps taken at your request before entering into a contract (Art. 6(1)(a) and 6(1)(b) GDPR).
- Server logs. Our hosting provider records standard technical information (IP address, timestamp, requested URL, user agent, response code) to keep the service running and to detect abuse. Legal basis: legitimate interest in the security and integrity of the website (Art. 6(1)(f) GDPR).
- Audience analytics. We use Matomo, self-hosted on the same server as the website, to understand which pages are useful. IP addresses are anonymised before storage, no data is shared with third parties, and no cross-site tracking takes place. Legal basis: legitimate interest in measuring the reach of the project (Art. 6(1)(f) GDPR). You can opt out at any time through the cookie banner.
- Non-essential cookies. Any cookie that is not strictly necessary to deliver the site is only set after you give explicit consent through the banner. Legal basis: consent (Art. 6(1)(a) GDPR and Art. 22.2 LSSI).
How long we keep your data
- Contact form messages: up to 24 months after our last exchange, then deleted unless a longer period is required to honour a legal obligation.
- Server logs: up to 12 months, then overwritten.
- Matomo analytics: aggregated visit data is retained for the duration of the project (until 36 months after the DIGICAP grant ends); individual visit records are deleted after 14 months.
- Consent records (cookie banner): up to 12 months from the moment you grant or refuse consent, after which we ask again.
Who processes your data on our behalf
We rely on the following sub-processor:
- Hostinger — hosting of the website and associated databases, on servers located inside the European Union.
Matomo is self-hosted on the same Hostinger infrastructure, so no additional sub-processor is involved for analytics. We do not transfer personal data outside the European Union or the European Economic Area.
Your rights
Under the GDPR you have the right to:
- access the personal data we hold about you;
- have inaccurate data rectified;
- have your data erased where the law allows;
- restrict or object to certain processing activities;
- receive your data in a portable format;
- withdraw any consent you have given, at any time, without affecting the lawfulness of past processing.
To exercise any of these rights, write to info@digicap.eu. If you believe your rights have been breached you may also lodge a complaint with the Spanish Data Protection Agency (AEPD) or with the supervisory authority of your country of residence.
Changes to this policy
We may update this policy to reflect changes in the website, in our tools or in the law. The “last updated” date at the top of this page always shows when the current version came into force. Significant changes will be flagged on the homepage.
