Last updated: 2026-01-25

Privacy Policy

This Privacy Policy explains how Interlink collects, uses, stores, and protects your personal data. We are committed to protecting your privacy and handling your data in accordance with the General Data Protection Regulation (GDPR) and applicable Spanish data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

For any questions or concerns regarding your personal data or this Privacy Policy, please contact us using the details above.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

2.1 Information You Provide Directly

  • Contact information: Name, email address, phone number, WhatsApp number
  • Communication content: Messages sent via contact forms, email, or WhatsApp
  • Booking details: Consultation appointments, service selections, preferences
  • Case information: Details about your situation, educational background, nationality, and visa-related information you share for consultation purposes

2.2 Information Collected Automatically

  • Device information: Browser type, operating system, device type
  • Usage data: Pages visited, time spent on pages, referring website
  • IP address: Used for analytics and security purposes
  • Cookies: See our Cookie Policy for details

2.3 Payment Information

When you make payments, we may collect payment metadata (transaction ID, date, amount). We do not store full credit card numbers or sensitive payment details. Payment processing is handled by secure third-party payment processors who are PCI-DSS compliant.

3. Purposes of Data Processing

We collect and use your personal data for the following purposes:

  • Provide consultation services: To respond to inquiries, schedule consultations, and deliver our services
  • Communication: To send service-related information, updates, and respond to your messages
  • Improve our services: To analyze how our website and services are used and make improvements
  • Analytics: To understand visitor behavior and optimize user experience
  • Legal compliance: To comply with applicable laws and regulations
  • Security: To protect against fraud, abuse, and security threats

4. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on the following legal grounds:

4.1 Consent (Article 6(1)(a))

When you voluntarily submit information through our contact forms, book a consultation, or sign up for communications, you consent to our processing of that data for the stated purposes. You may withdraw consent at any time.

4.2 Contract Performance (Article 6(1)(b))

Processing is necessary to provide the consultation services you have requested and to perform our contractual obligations to you.

4.3 Legitimate Interests (Article 6(1)(f))

We may process data based on our legitimate interests, such as:

  • Improving our website and services
  • Understanding how users interact with our site
  • Protecting against fraud and security threats
  • Maintaining records for business and legal purposes

4.4 Legal Obligation (Article 6(1)(c))

Processing may be necessary to comply with legal obligations, such as tax or accounting requirements.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Inquiry data: Up to 24 months after last contact, unless you become a client
  • Client records: Up to 7 years after the end of our business relationship (for legal and accounting purposes)
  • Analytics data: Aggregated and anonymized data may be retained indefinitely
  • Marketing communications: Until you unsubscribe or withdraw consent

After the retention period, your data will be securely deleted or anonymized.

6. Data Sharing and Disclosure

6.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

6.2 Service Providers (Data Processors)

We may share your data with trusted third-party service providers who assist us in operating our business:

  • Email services: For communication and newsletters
  • Analytics providers: Such as Google Analytics, to analyze website usage
  • Payment processors: To process payments securely
  • CRM systems: To manage client relationships
  • Hosting providers: To host our website

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

6.3 Legal Requirements

We may disclose your data if required by law, court order, or to protect our legal rights or the safety of others.

6.4 Third-Party Services You Engage

If you engage third-party services through our referrals (schools, lawyers, insurers), your data shared with them is governed by their own privacy policies.

7. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place:

  • Transfers to countries with an EU adequacy decision
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Other legally recognized mechanisms

You may request information about the specific safeguards applied to your data by contacting us.

8. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request correction of inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): You can request deletion of your data in certain circumstances.
  • Right to Restrict Processing: You can request that we limit how we use your data.
  • Right to Data Portability: You can request your data in a structured, machine-readable format.
  • Right to Object: You can object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at studyinterlink@gmail.com. We will respond within 30 days.

8.1 Right to Lodge a Complaint

If you believe we have not handled your data properly, you have the right to lodge a complaint with a supervisory authority. In Spain, this is the Agencia Española de Protección de Datos (AEPD): www.aepd.es

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Secure HTTPS encryption for all website traffic
  • Access controls limiting who can view personal data
  • Regular security reviews and updates
  • Secure third-party service providers

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

10. Cookies

Our website uses cookies to enhance your experience and analyze site usage. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

11. Links to Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to read their privacy policies before providing any personal data.

12. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.

Significant changes may be communicated via email or a notice on our website.

14. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Related Policies: