Privacy Policy

• Name: EGS (corporate incorporation in progress)
• Address: Galicia, Spain (registered address pending)
• Contact: info@egswater.com

We process data such as name, surname, address, identification and contact data, housing data, cadastral data, water consumption, census and owner data, among others. Some of this data is provided directly by the municipalities with whom EGS has a contractual relationship; in those cases EGS acts as data processor in accordance with Art. 28 GDPR.

Data will be retained for the following periods: user account data, 3 years from deactivation; consumption and audit data, 5 years from the end of the contract with the municipality; billing data, 6 years in accordance with applicable commercial law. In case of litigation or claim, data will be retained until final resolution.

The data may be communicated to municipalities, collaborating entities, service providers (data processors) and competent authorities, always guaranteeing compliance with the regulations.

EGS works with technology service providers (cloud infrastructure, email delivery) that may operate partially outside the European Economic Area. In such cases, EGS requires these providers to execute Standard Contractual Clauses (SCCs) approved by the European Commission, or other adequate safeguards in accordance with Chapter V of the GDPR.

The user can exercise the following rights:

• Access their data
• Rectify or delete them
• Limit their processing
• Object to processing
• Request portability
• Withdraw their consent at any time
• File a complaint with the Spanish Data Protection Agency (AEPD)

To exercise any of these rights, send an email to info@egswater.com indicating the right you wish to exercise and attaching a copy of your identity document. EGS will respond within a maximum of 1 month, extendable by a further 2 months in cases of particular complexity (Art. 12.3 GDPR).

EGS uses predictive analysis algorithms for leak detection and water consumption optimization. These analyses are applied to aggregate consumption data and do not produce individual decisions with significant legal effects on individuals. No automated decisions are made within the meaning of Art. 22 GDPR.

EGS has assessed the obligation to appoint a Data Protection Officer (DPO) in accordance with Art. 37 GDPR and concludes that, in its current operational phase, the conditions that would make it mandatory are not met. This assessment will be reviewed periodically as the volume and typology of data processed grows.

EGS's service is directed exclusively at persons over 14 years of age, in accordance with Art. 7 of the LOPDGDD. EGS does not knowingly collect data from minors below this age. If it is detected that a registered user is under 14 years of age, their data will be deleted immediately.

We have adopted technical and organizational measures to protect data against unauthorized access, loss, alteration or improper disclosure, including access control, secure authentication, encryption and internal security policies.

In the event of a security breach affecting personal data, we will notify the AEPD and, if applicable, also those affected, as soon as possible.

The use of cookies and tracking technologies on this website is detailed in our Cookie Policy, available in the footer. →

This policy may be updated to adapt to legal or internal changes. In case of significant changes, notification will be provided through the website or other appropriate means.