Privacy policy

Home / Privacy policy

I. PRIVACY AND DATA PROTECTION POLICY

In compliance with current legislation, Blue Crab (hereinafter also referred to as the Website) commits to adopting the necessary technical and organizational measures, at a security level appropriate to the risk of the data collected.

Laws incorporated by this privacy policy

This policy aligns with current Spanish and EU regulations on personal data protection online. Specifically, it complies with:

  • Regulation (EU) 2016/679 of the European Parliament and Council of April 27, 2016 (GDPR).
  • Spanish Organic Law 3/2018 of December 5 on Personal Data Protection and Guarantee of Digital Rights (LOPD‑GDD).
  • Royal Decree 1720/2007 of December 21, implementing Organic Law 15/1999 on Personal Data Protection (RDLOPD).
  • Law 34/2002 of July 11 on Information Society Services and Electronic Commerce (LSSI‑CE).

Data Controller identity

The data controller for personal data collected on Blue Crab is AZ TRADING PERFORMANCE, S.L. (NIF/CIF: ESB66429747), with registry details omitted here.

Representative: AZ TRADING PERFORMANCE, S.L.
Contact info:
Address: Av. Antoni Gaudí, 78 P.I. Rubí Sud, Nave 1B, 08191 Rubí (Barcelona), Spain
Phone: +34 936 242 456
Email: aztrading@aztrading.es

Registration of personal data

In compliance with GDPR and LOPD‑GDD, personal data collected via forms on the Website will be stored and processed in our files to facilitate, expedite, and fulfill commitments between Blue Crab and Users, maintain their relationship, or respond to their inquiries. A record of processing activities is maintained, unless exempt under Article 30.5 of the GDPR.

Principles applicable to data processing

Processing of Users’ personal data follows the GDPR principles (Art. 5) and LOPD‑GDD (Art. 4):

  • Lawfulness, fairness, transparency: Consent must be obtained after full disclosure of purposes.
  • Purpose limitation: Data is collected for specific, explicit, legitimate purposes.
  • Data minimization: Only the necessary data are collected.
  • Accuracy: Data must be correct and up to date.
  • Storage limitation: Data is kept only as long as needed.
  • Integrity and confidentiality: Data is processed securely.
  • Accountability: The Controller is responsible for compliance.

Categories of personal data

Only identification data are processed. No special categories under GDPR Article 9.

Legal basis for processing

The legal basis is consent. Blue Crab will obtain explicit, verifiable consent for specific purposes. Users may withdraw consent anytime as easily as they gave it, without affecting access to the Website.

When filling in forms (for inquiries, requests, etc.), users are informed if provision of certain data is mandatory for operations.

Purposes of data processing

Data is used to facilitate and fulfill commitments, maintain relationships via forms, respond to inquiries, and for commercial purposes (personalization, statistics, marketing, browsing optimization), and improving content and site navigation. Users are informed at collection time about all intended uses.

Data retention periods

Data is stored only as long as necessary, up to a maximum of 5 years, unless the User requests deletion sooner. Users are informed at collection time about the retention period or how it’s determined.

Recipients of personal data

Data may be shared with relevant recipients. If any transfer to a third country or international organization is planned, Users will be informed about the destination and adequacy decisions.

Personal data of minors

According to GDPR Art. 8 and LOPD‑GDD Art. 7: Those aged 14 or older may consent legally. For those under 14, parental or guardian consent is needed, and processing is lawful only when authorized.

Confidentiality and security of data

Blue Crab will implement appropriate technical and organizational measures, commensurate with data risks, to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Since absolute protection against internet threats isn’t guaranteed, any security breach that poses a high risk to users will be communicated without undue delay.

Definition of data breach is any incident causing accidental or unlawful destruction, loss, alteration, unauthorized disclosure/access of personal data (GDPR Art. 4).

Employees, associates, and any third parties with access must comply with confidentiality obligations.

Rights of Users

Users may exercise the following rights under GDPR and LOPD‑GDD against the Data Controller:

  • Right of access: Confirm if their data is processed, and receive details and recipients.
  • Right to rectification: Correct inaccurate/incomplete data.
  • Right to erasure (“right to be forgotten”): Request deletion when data is no longer needed, consent is withdrawn, processing is unlawful, or other legal conditions. The Controller will also inform other processors to remove references.
  • Right to restriction of processing: Request temporary limitations under certain conditions (e.g., contesting accuracy).
  • Right to data portability: Obtain their data in a structured, machine-readable format and transfer it, when processing is automated.
  • Right to object: Object to processing or request cessation.
  • Right not to be subject to automated decisions: Users can opt out of decisions based solely on automated processing, including profiling, unless legal exceptions apply.

Requests should be sent in writing to “RGPD‑https://bluecrabfishing.com/” including: name, surname, and DNI copy. Representatives must provide proof of representation. DNI can be replaced by any valid ID. Requests must specify reasons, data or information sought, address for notifications, date and signature, and proof documents.

Submit to:
Postal address: Av. Antoni Gaudí, 78 P.I. Rubí Sud, Nave 1B, 08191 Rubí (Barcelona)
Email: aztrading@aztrading.es

Links to third-party websites

The Website may contain links to external sites, which have their own privacy policies. Blue Crab is not responsible for them.

Complaints to supervisory authority

Users may file complaints with the relevant supervisory authority in their country of residence, work, or where the infringement occurred. In Spain, this is the Agencia Española de Protección de Datos (AEPD).

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

Users must read and agree to this Policy to allow processing of their data for specified durations and purposes. Use of the Website implies acceptance of this Privacy Policy.

Blue Crab reserves the right to modify the Policy at its discretion or due to legislative, judicial, or AEPD doctrinal changes. Updates are not explicitly communicated; users are advised to review the page periodically.

This Privacy Policy was updated to align with GDPR (Regulation (EU) 2016/679) and Spanish LOPD‑GDD on July 8, 2025, and was generated using a free online privacy policy template.