Who we are

Website URL: https://www.goco.com
Owner: Paula González-Carrascosa Ortiz
Trade name: goco
Contact email: gco.psico@gmail.com
Professional license number: AO14239
Location: Marbella, Málaga, Spain

What personal data we collect and why

This website may collect the following personal data through its contact form:

  • Full name
  • Email address
  • Phone number
  • Message or inquiry

These data are collected solely for the purpose of responding to your inquiry and providing professional psychological support if needed. The legal basis for processing your data is your explicit consent when submitting the form.

Additionally, the site may automatically collect technical information, such as your IP address or the browser used, through necessary cookies and systems like reCAPTCHA, which protect the form against spam and automated access.

No health data is collected through the form. Any clinical information is only handled within the context of the direct therapeutic relationship, with signed informed consent.

Comments

This website does not allow comments, so no personal data are collected through this channel.

Media

Users cannot upload media files to this website.

Contact forms

Data submitted through the contact form is stored solely to respond to the user's request and is kept for a maximum period of 6 months. It is not used for commercial purposes nor shared with third parties.

This form includes protection through Google reCAPTCHA, which may involve the collection of certain technical data by Google to verify that the user is not a robot. Check their policy here: https://policies.google.com/privacy

Cookies

This website uses technical cookies necessary for its operation and protection against spam through reCAPTCHA.
Currently, no analytics or advertising tracking cookies are used. If any are added in the future, you will be informed and consent will be requested through a cookie notice in accordance with GDPR.

Analytics

This site currently does not use analytics or tracking tools.

Who we share your data with

No personal data are shared with third parties besides the following cases:

  • Web hosting provider: The site is hosted on a privately managed server. This provider may have access to technical data necessary for the site's operation, always under security and confidentiality measures.
  • Google LLC: for the functionality of reCAPTCHA.

If an online appointment booking system (such as Eholó) is integrated, users will be explicitly informed before entering their data.

How long we retain your data

  • Contact form data: up to 6 months
  • Technical cookies: according to standard duration (session or persistent cookies lasting up to 1 year)
  • Clinical information collected during therapy: according to healthcare regulations, up to 5 years after the last session

Your rights

You have the right to:

  • Access your personal data
  • Correct them if they are inaccurate
  • Request their deletion
  • Limit or object to their processing
  • Transfer them to another controller
  • Withdraw your consent at any time

To exercise these rights, you can write to gco.psico@gmail.com.
If you believe your data has not been properly handled, you can file a complaint with the Spanish Data Protection Agency (AEPD).

Where your data is sent

Your data is not transferred outside the European Economic Area (EEA), except in cases where services like Google (reCAPTCHA) are used, which may involve international transfers. In such cases, the application of standard contractual clauses or other valid mechanisms in accordance with the GDPR is ensured.

Contact information

For privacy-related matters, contact:

Paula González-Carrascosa Ortiz
Email: gco.psico@gmail.com

How we protect your data

This website and any information that may be generated through it are protected by:

  • SSL encryption (secure browsing)
  • Anti-spam protection with reCAPTCHA
  • Restricted access to clinical information
  • Best practices in personal data management in accordance with current regulations

What procedures we have in place for data breaches

If a security breach affecting your personal data is detected, a response protocol will be activated in accordance with the GDPR, notifying the AEPD and, if applicable, the affected users within a maximum of 72 hours.

Third-party data

We do not receive user data from third parties or advertisers.

Automated decision-making and profiling

We do not carry out any automated profiling or decision-making using user data.

Regulatory requirements of the sector

As a psychology professional, I comply with the provisions of the Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights, the Regulation (EU) 2016/679 (GDPR), as well as the applicable healthcare legislation.