Legal

Privacy Policy

Last updated: 04-06-2026

This Privacy Policy explains how TSH — Total Solutions Hub ("TSH", "we", "us", or "our") collects, uses, and protects personal data when you visit our website, contact us, or request a consultation. We are committed to protecting your privacy and handling your data lawfully, transparently, and securely in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and applicable Spanish data protection law (Ley Orgánica 3/2018, LOPDGDD).

In short: We only collect the information you choose to give us (such as your name, email, and job position) so we can respond to you and keep you in our records as a potential client. We never sell your data, we never share it for marketing by others, and we keep it confidential.

1. Who is responsible for your data (Data Controller)

The data controller responsible for your personal data is:

Company: Total Solutions Hub S.L.
Tax ID (NIF/CIF): In Progress
Registered address: In Progress
Email: contact@totalsolutionshub.net
Website: www.totalsolutionshub.net

2. What personal data we collect

We collect the following categories of personal data:

Category	Examples	How we get it
Contact details you provide	Full name, work email address, job position/title, company name, and any message or information you include	When you submit our contact or consultation request form, book a consultation, or email us directly
Communication content	The content of your messages, enquiries, and any correspondence with us	When you communicate with us by email or form
Technical data	IP address, browser type, and basic access logs	Automatically, via our hosting provider when you visit the site

We do not intentionally collect special categories of data (such as health, political, or religious information), and we ask that you do not send us such information.

3. Why we use your data and our legal basis

We process your personal data for the following purposes, each with a lawful basis under Article 6 GDPR:

Purpose	Legal basis
To respond to your enquiry, schedule and conduct a consultation, and communicate with you	Steps taken at your request prior to entering a contract (Art. 6(1)(b)), and our legitimate interest in responding to enquiries (Art. 6(1)(f))
To maintain a database of potential and existing clients and manage these relationships using our CRM system	Our legitimate interest in developing and managing business relationships (Art. 6(1)(f))
To keep records of our communications and comply with legal or accounting obligations	Compliance with a legal obligation (Art. 6(1)(c)) and our legitimate interests

Where we rely on legitimate interests, we have balanced those interests against your rights and believe our processing is reasonable and expected in a business-to-business context. You have the right to object to this processing (see Section 7).

4. How we store and protect your data

Your data is stored within our customer relationship management (CRM) system and our email and business systems. We treat all personal data as strictly confidential and apply appropriate technical and organisational measures to protect it against unauthorised access, loss, or disclosure, including access controls and secure storage.

5. Who we share your data with

We do not sell your personal data, and we do not share it with third parties for their own marketing purposes. We only share data where strictly necessary, with:

Service providers (data processors) who help us operate, such as our website hosting provider, email provider, and CRM/scheduling tools. These providers process data only on our instructions and under appropriate data-processing agreements.
Professional advisors (such as our accountants or legal advisors) where necessary.
Authorities, where we are legally required to do so.

Examples of providers we currently use include our website infrastructure provider and our consultation-scheduling and communication tools. Cloudflare (hosting), Google (booking/calendar and email).

6. International data transfers

Some of our service providers may process data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, such as the European Commission's adequacy decisions or Standard Contractual Clauses, so your data receives an equivalent level of protection.

7. How long we keep your data

We retain your personal data only for as long as necessary for the purposes described above. For potential clients, we keep your contact details in our CRM while there is a realistic prospect of a business relationship and for a reasonable period thereafter, after which we review and delete data that is no longer needed. Where we have legal or accounting obligations, we retain relevant records for the period required by law.

8. Your rights

Under the GDPR, you have the right to:

Access the personal data we hold about you;
Rectify inaccurate or incomplete data;
Erase your data ("right to be forgotten");
Restrict or object to our processing, including processing based on legitimate interests;
Data portability — receive your data in a structured, commonly used format;
Withdraw consent at any time, where processing is based on consent.

To exercise any of these rights, contact us at contact@totalsolutionshub.net. We will respond within the timeframe required by law (normally one month).

If you believe we have not handled your data properly, you have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos, AEPD), www.aepd.es.

9. Cookies and analytics

Our website uses only the cookies and technologies strictly necessary for it to function and to be served securely.

10. Changes to this policy

We may update this Privacy Policy from time to time. The "last updated" date at the top reflects the latest version. We encourage you to review it periodically.

11. Contact us

For any questions about this Privacy Policy or how we handle your data, contact us at contact@totalsolutionshub.net.