Privacy Policy

Start of main content

This Privacy Policy sets out the basis on which Andersen Tax & Legal Iberia S.L.P. ("Andersen") processes your personal data when you provide it to us via the website (hereinafter the Site). We are committed to protecting the privacy and security of our customers and we highly value and respect the importance of data privacy and Internet security.

Andersen is in scrupulous compliance with the regulations on the Protection of Personal Data.

While your information is in our hands, we will keep it up to date and protect it as if it were our own confidential information, using appropriate security devices, at the highest level, in accordance with the latest developments and practices in the sector, without prejudice to informing you that Internet security measures are not impregnable.

Whenever you use the Site you provide us with or it is necessary for us to access any type of information that by its characteristics allows us to identify you, such as your name and surname, email, address or telephone number, either to navigate or use our services, you will be under the application of this Privacy Policy along with the Cookies Policy in force at any time, so we ask you to read carefully and understand this Privacy Policy.

1. Personal Data Collected

Andersen collects and processes the following data: e-mail address, first name, last name, CV, addresses, country, telephone number, IP address, connection data, navigation data (if the user so authorizes), bank details and correspondence maintained through the Site. The compulsory or optional nature of the data requested from the user is indicated by an asterisk. Failure to provide certain information marked as mandatory may make us unable to provide our services.

2. Purpose of the Data

All the personal data you provide will be treated with the aim of offering the user a safe, optimal, personalized and effective experience.

Our main objective is to be able to develop the services we offer at Andersen effectively, control, resolve problems and discrepancies that may arise, customise, evaluate and improve our services and content, prevent, detect and investigate any potentially prohibited and illegal activity, enforce our General Conditions, and respect our legal and regulatory obligations.

The acceptance of this Privacy Policy implies that the information you provide us with is true, truthful, accurate and up to date, and you are responsible for any direct or indirect damage that may result from this breach. If the data provided is from a third party, you warrant to us that the third party has been informed of this Privacy Policy and that you have given your consent to provide your data to Andersen.

3. Data recipients

Andersen does not transfer personal data without the formal consent of the parties concerned. The limited instances in which we share your information include:

  • Fundamental service providers: When our business requires developing our services. Each of these third-party companies we work with has been selected for its ability to deliver what we need according to the required specifications, including its ability to treat sensitive data (such as your personal information) securely and appropriately.
  • Legal imperative: If we are required by law or regulation to disclose or share your personal information in order to comply with any legal obligation, we will be required to share your information.
  • Legal or administrative reasons: To detect, investigate, prevent, take action against or otherwise deal with illegal or suspected illegal activities; investigate and defend ourselves against any third-party claim or accusation; protect the security or integrity of our service; or exercise or protect the rights, property or safety of our customers or third parties.

4. How long we keep your information for

At Andersen your personal data will be kept for the time necessary to fulfil the purpose for which it was collected. If your data is used for various purposes that require us to retain it for different periods of time, we will use the longer storage period. In any case, we limit access to your data to only those persons who need to use it for the performance of their duties.

Our data retention times are based on business needs, so that for personal data that is no longer needed, access to it will either be limited to compliance with strictly legal obligations or it will be destroyed securely.

Marketing purposes: as regards the use of your information for marketing purposes, we will retain that information for that purpose for a period of two years from the date we last obtained your permission to send you marketing communications, unless you ask us to be opted out by revoking your consent.

Purposes related to the execution of a contract: as regards the use of your information for the management of any contractual obligations we may have towards you, we will retain this information for the duration of the contract and for the next ten years in order to be able to respond to any subsequent queries or complaints.

Purposes related to compliance with legal and regulatory obligations: certain information must be maintained for the periods required by the specific rules applicable (tax, commercial, money laundering, etc.).

5. Subscription to communications

If you authorize subscription to Andersen communications, we will provide you with information about our services, events, working breakfasts and legislative news, via e-mail or any other equivalent electronic communication means, such as SMS. Subscription to Andersen communications may involve the use of your personal data to make personalised information about our services available to you via email, SMS or other electronic means. In order to improve the service we provide, we inform you that the personal data provided may be used for the purposes of analysis, generation of usage profiles, marketing studies, quality surveys and improvement of interaction with our customers. If you are a registered user, in relation to the sending of such communications, you can change your preferences by sending an email to the following address: or unsubscribe following the instructions provided in each communication.

6. Protecting your safety

Andersen is committed to ensuring the security and protection of your information. We use various security procedures, considering industry standards, to try to protect the personal information you provide to us and prevent unauthorized access.

We also offer secure "https" access to the transaction parts of the Site. Access to data at Andersen is password protected and confidential data is protected by SSL encryption when exchanged between your web browser and the Site.

To protect any data stored on our servers, we periodically monitor our system against possible vulnerabilities and attacks and perform penetration tests on these systems ourselves to try to identify possible improvements. We also use world-class secure access data centers.

We will use our best efforts to protect your personal data. Unfortunately, safety cannot be fully guaranteed. As e-mail, instant messaging and similar means of communication are not encrypted, we also recommend that you do not communicate any confidential information through them.

7. Data protection rights

At Andersen we are committed to respecting the confidentiality of your personal data and to guaranteeing you the exercise of your rights.

In accordance with the provisions of art.13 of GDPR (EU) 2016/679, we remind you that you have the right to request Andersen at any time by sending an e-mail to to access, rectify, delete your personal data (where applicable) or to limit its processing. You also have the right to revoke your authorisation to process the data for which you have given your consent.

Your exercise of these rights is subject to certain exceptions for reasons of general interest (e.g. prevention or detection of crime) and our own interests (e.g. maintaining the confidentiality of legal advice). If you exercise any of these rights, we will check that you are actually entitled to do so and we will reply within one month or the maximum period provided for in Spanish law, whichever is less.

If you are not satisfied with the way in which we use your information or with our response to the exercise of any of these rights, you may file a complaint with the Spanish Data Protection Agency ( 


Andersen contact details:

If you have any questions about our use of your personal data, the first thing you should do is contact us by email at or by phone at +34 917 813 300. You can also contact us in person at the addresses listed here:


Velázquez, 110

28006 Madrid

8. Changes to this Privacy Policy

Andersen reserves the right to modify the terms of this Privacy Policy at any time in its sole discretion. Therefore, we recommend that you check the content each time you log in for any changes or updates.

9. Cookies

You can consult information about the cookies used and their functions in our Cookie Policy.

End of main content