Skip to content

Privacy Policy (GDPR Compliant)

Last updated: 28 April 2026

This Privacy Policy explains how personal data is collected, used, stored, and protected when you visit or interact with this website: https://terapiaconjo.com (the “Website”).

The Website is operated in accordance with the EU General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable Spanish data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

Jo Steel
 Integrative Humanistic Counsellor (Trauma-Informed Practice)
Website: https://terapiaconjo.com

For any data protection enquiries, you may contact the controller via the contact details provided on the Website.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

2.1 Data you provide directly

  • Name and email address (e.g. when leaving comments or contacting us)
  • Any information submitted via forms or comments

2.2 Technical data

  • IP address
  • Browser type and version
  • Device information
  • Cookies and usage data

2.3 Communication data

  • Messages sent via contact forms or email correspondence

3. Purpose and Legal Basis for Processing

Your personal data is processed under the following GDPR legal bases:

  • Consent (Art. 6(1)(a)) – e.g. cookies, voluntary form submissions
  • Legitimate interest (Art. 6(1)(f)) – website security, spam prevention, improving functionality
  • Legal obligation (Art. 6(1)(c)) – where required for compliance purposes

We process data for the following purposes:

  • To enable website functionality and communication
  • To respond to enquiries or comments
  • To prevent spam and ensure website security
  • To improve user experience and website performance

4. Comments

When visitors leave comments on the Website, we collect:

  • Data entered in the comment form
  • IP address
  • Browser user agent string

This data is used to detect and prevent spam.

An anonymised string (hash) generated from your email address may be sent to the Gravatar service to determine if you use it. Their privacy policy is available at:
https://automattic.com/privacy/

After approval, your comment and associated profile image (if applicable) may be publicly visible.

5. Cookies

This Website uses cookies to ensure proper functionality and improve user experience.

5.1 Comment cookies

If you leave a comment, you may opt in to saving your name, email, and website in cookies. These last for 1 year.

5.2 Login cookies

  • Temporary cookie to check browser compatibility
  • Login cookies: 2 days
  • “Remember Me”: up to 2 weeks
  • Screen preference cookies: 1 year
  • Logout removes login cookies

5.3 Editing cookies

If you edit or publish content, a temporary cookie is stored indicating the post ID. It expires after 1 day.

You can control or disable cookies via your browser settings at any time.

6. Embedded Content

Articles on this Website may include embedded content (e.g. videos, images, articles).

Embedded content behaves as if the visitor has accessed the external website directly.

These third-party websites may:

  • Collect data about you
  • Use cookies
  • Track interaction with embedded content
  • Monitor activity if you are logged in to their platform

We are not responsible for the privacy practices of third-party websites.

7. Data Sharing

We do not sell, rent, or trade your personal data.

Your data may only be shared in the following limited cases:

  • Spam detection services for visitor comments
  • Password reset emails, which may include your IP address
  • Legal obligations if required by law

8. Data Retention

We retain personal data only for as long as necessary:

  • Comments and metadata: retained indefinitely for moderation and continuity
  • Registered user data (if applicable): retained until deletion is requested or account is removed
  • Contact form submissions: retained only as long as necessary to respond and manage communication

9. Your Rights Under GDPR

Under GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion (“right to be forgotten”)
  • Request restriction of processing
  • Object to processing
  • Request data portability

If you have an account or have left comments, you may request:

  • An exported file of your personal data
  • Deletion of your personal data

This does not include data we are required to retain for legal, administrative, or security purposes.

To exercise your rights, please contact the data controller using the contact details provided on the Website.

10. Data Security

Appropriate technical and organisational measures are in place to protect your personal data against:

  • Loss
  • Misuse
  • Unauthorised access
  • Alteration or disclosure

11. Where Your Data Is Processed

Visitor comments may be checked through automated spam detection services.

Some data may be processed outside the EU depending on third-party services used (e.g. Gravatar or hosting providers), in which case appropriate safeguards are applied in accordance with GDPR requirements.

12. Changes to This Policy

This Privacy Policy may be updated from time to time. The latest version will always be available on this page.