Privacy Policy

Last updated: March 2026

Courtesy translation. The Spanish version is the legally binding text.

1. Data controller

• Identity: A Todo Sol Instalaciones Fotovoltaicas SL
• VAT ID: B72775315
• Address: Avenida Mediterráneo 27, 03670 Monforte del Cid (Alicante), Spain
• Contact email: info@atodosol.es
• Phone: +34 692 22 97 13

2. Personal data we collect

Through the quote form, contact channels (phone, email, WhatsApp) and the customer area, we may collect:

• First and last name
• Email address
• Phone number
• Postal address (for quotes and installations)
• Data on energy consumption and characteristics of the home or business
• Authentication data for access to the customer and employee area (see section 11)

3. Purpose of processing

Personal data is processed for the following purposes:

• To handle quote requests for solar installations, pergolas, batteries and chargers.
• To carry out the energy and technical study required for the commercial proposal.
• To manage the contractual relationship after acceptance of the quote.
• To provide access to the customer and employee area for monitoring installations and services.
• To schedule and manage technical service appointments via Google Calendar.
• To send commercial communications about A Todo Sol services, always with prior consent.
• To comply with applicable legal and tax obligations.

4. Legal basis

• Consent of the data subject (art. 6.1.a GDPR): when sending the contact form, requesting a quote or signing in via Google OAuth.
• Contract performance (art. 6.1.b GDPR): to manage the installation contractual relationship and access to the customer area.
• Legitimate interest (art. 6.1.f GDPR): for administrative and commercial management.
• Legal obligation (art. 6.1.c GDPR): to comply with tax and accounting obligations.

5. Recipients of the data

Personal data will not be shared with third parties except for legal obligations. The following may have access to the data:

• Competent public administrations (IDAE, autonomous communities) for the management of subsidies and installation permits.
• Financial institutions, only when the customer requests financing for the installation.
• Google LLC, as a provider of authentication (Google OAuth) and calendar (Google Calendar) services, acting as a data processor in accordance with its terms of service and privacy policy.
• Technology service providers (hosting, email) acting as data processors with appropriate guarantees.

6. Data retention

Data will be retained for the time necessary to fulfil the purpose for which it was collected:

• Unaccepted quotes: 12 months from the request.
• Customers with a contract: for the duration of the contractual relationship and, subsequently, for the legal retention periods (5 years for tax purposes, 6 years for accounting).
• Customer area access data: while the user keeps their account active. The data is deleted if the user requests cancellation.
• Google Calendar events: while the service or appointment is scheduled. Once completed, the event may be deleted at the user's request.
• Commercial communications: until consent is revoked.

7. Rights of the data subject

In accordance with the GDPR and the Spanish LOPDGDD, you can exercise the following rights:

• Access: to know what personal data we process.
• Rectification: to request the correction of inaccurate data.
• Erasure: to request the deletion of your data and your account.
• Objection: to object to the processing of your data.
• Restriction: to request the restriction of processing.
• Portability: to receive your data in a structured format.
• Revocation of Google access: you can revoke our application's access to your Google account at any time from myaccount.google.com/permissions.

To exercise these rights, send a written request to info@atodosol.es indicating your full name, ID document and the right you wish to exercise. We will respond within a maximum of 30 days.

8. Right to lodge a complaint

If you believe that the processing of your personal data is not appropriate, you can lodge a complaint with the Spanish Data Protection Agency (AEPD): www.aepd.es.

9. Cookies

For information on the use of cookies, see our Cookie Policy.

10. Security

A Todo Sol has adopted the necessary technical and organisational measures to guarantee the security of personal data, preventing alteration, loss, processing or unauthorised access, in accordance with the state of the art. Among the measures implemented:

• Encrypted communications via HTTPS/TLS.
• Authenticated access to the customer and employee areas.
• Secure data storage on servers located in the European Union.
• Periodic backups and restricted access policies.

11. Use of Google data (Google API Services)

Our application uses Google API services for the following exclusive functionalities:

11.1. Data we access

• Basic Google profile (name, email, profile picture): exclusively to authenticate access to the customer area and the employee area.
• Google Calendar (read and write events): exclusively to schedule, modify and cancel technical service appointments (installations, maintenance, inspections).

11.2. How we use this data

• Authentication: the Google profile is used only to verify the user's identity when signing in to the customer or employee area. We do not store the Google password.
• Appointment management: Google Calendar is used exclusively to create technical service appointment events coordinated between the customer and the A Todo Sol team. Events contain the date, time, service address and type of work.

11.3. Data we do NOT collect or use

• We do not access the user's Google contacts.
• We do not access Gmail or any email content.
• We do not access Google Drive or any user files.
• We do not access any other Google service beyond the basic profile and Google Calendar.
• We do not use Google data for advertising, marketing, or for training artificial intelligence models.

11.4. Sharing of Google data

Data obtained through Google API Services is not shared with third parties under any circumstances, except:

• With the user themselves, through their customer area.
• With the A Todo Sol technical team, for the coordination of service appointments.
• By legal requirement of a competent authority.

11.5. Storage and protection of Google data

• Google access tokens are stored encrypted on our secure servers, located in the European Union.
• Tokens are used exclusively for the functionalities described and are renewed automatically according to OAuth 2.0 standards.
• Access to Google data is restricted to authorised A Todo Sol personnel.

11.6. Retention and deletion of Google data

• Google profile data is kept while the user maintains an active account on our platform.
• Google Calendar events are kept while the service appointment is current or pending.
• The user can request the complete deletion of their data at any time by sending an email to info@atodosol.es. We will process the request within a maximum of 30 days.
• The user can revoke our application's access to their Google account at any time from myaccount.google.com/permissions. When access is revoked, we automatically delete the stored tokens.

Use of data received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

12. Modifications

A Todo Sol reserves the right to modify this Privacy Policy to adapt it to legislative developments or changes in our services. Any changes will be published on this page with the corresponding update date.