Scope

This Privacy Notice (the “Privacy Notice”) applies to any natural person whose personal data is processed by the Controller, including:

• Clients and prospects
• Investors and business partners
• Suppliers and contractors
• Professionals and consultants
• Visitors to offices or project sites
• Website users

Personal data collected

The Controller may collect and process the following categories of personal data:

• Identification data: full name, signature, tax information
• Contact data: address, email, phone number
• Professional data: company, position, experience, professional licenses
• Financial data: billing and payment information
• Project data: property locations, needs, technical specifications
• Security data: images captured by video surveillance systems

The Controller does not collect sensitive personal data, except where strictly necessary and with explicit consent.

Purposes of processing and legal bases

Primary purposes:

• Use of and access to the website
• Handling requests, inquiries, and contact
• Administration and technical maintenance of the website
• Development, design, and execution of architectural and urban projects
• Management, administration, and supervision of construction works
• Identification and communication with clients, suppliers, and business partners
• Preparation of contracts, invoicing, and compliance with legal obligations
• Coordination of meetings, visits, and project-related activities
• Supplier evaluation and due diligence processes

Secondary purposes:

• Marketing, institutional communication, and public relations
• Sending promotional information, portfolio, and institutional content
• Publication of projects in physical or digital media
• Service improvement and preference analysis

You may object to the use of your data for secondary purposes by sending an email to the Controller.

Legal bases for processing (where applicable):

Personal data processing is based on:

• The execution of a contractual relationship
• Compliance with legal obligations
• The Controller’s legitimate interest
• The data subject’s consent, where required

Transfers of personal data

The Controller may transfer your personal data, without requiring your consent in cases permitted by law, to:

• Competent authorities
• Affiliated or subsidiary companies
• The Controller’s offices in London (as part of its international operations)
• Clients, business partners, consultants, and contractors involved in projects
• Technology and administrative service providers

In all cases, the Controller will adopt the necessary measures to ensure the protection of your personal data.

International transfers

In the event of international transfers, the Controller implements safeguards such as:

• Standard contractual clauses
• Protection level assessments
• Internal corporate policies

You may request information about these safeguards through the Privacy Officer.

Data Subject Rights

You have the right to:

• Access your personal data
• Rectify it if inaccurate or incomplete
• Erase it when it is no longer necessary
• Object to its processing
• Request restriction of processing
• Request data portability (where applicable)

You also have the right not to be subject to automated decisions without human intervention.

To exercise these rights, you must submit a request to the indicated email address, including:

• Full name and contact details
• Official identification or equivalent
• Clear description of the right you wish to exercise

The Controller will respond within a maximum period of 20 business days.

You may also file a complaint with the competent authority, such as INAI or, where applicable, the Information Commissioner’s Office.

Withdrawal of consent

You may withdraw your consent for the processing of your personal data at any time by submitting a request to the Controller’s email address.

Limitation of use or disclosure

You may request the limitation of the use or disclosure of your personal data, as well as your inclusion in the Controller’s exclusion list.

You may also register with the REPEP (Public Registry to Avoid Advertising), administered by PROFECO (Federal Consumer Protection Agency).

Use of cookies and tracking technologies

The Controller’s website uses cookies and similar technologies to improve user experience, analyze site usage, and remember preferences.

Where required by applicable law, your consent will be requested for the use of non-essential cookies. You may configure or disable such cookies at any time through your browser or available site tools.

Use of images and projects

The Controller may use images, renders, videos, and other visual materials from completed projects for promotional, editorial, or portfolio purposes.

If such images allow you to be identified, your prior consent will be requested.

Security measures

The Controller implements administrative, technical, and physical security measures to protect your personal data against damage, loss, alteration, or unauthorized use.

Data retention

Personal data will be retained only for as long as necessary to fulfill the purposes described and in accordance with applicable legal obligations.

Changes to the Privacy Notice

The Controller reserves the right to modify or update this Privacy Notice at any time. Modifications will be available through the official website.

Consent

By providing your personal data and using the Controller’s services, you accept the terms of this Privacy Notice.