Privacy policy

SOM ESSÈNCIA, as the Data Controller and owner of this website, in accordance with the provisions of Regulation (EU) 2016/679, General Data Protection Regulation and Organic Law 3/2018, of December 5, on Personal Data Protection and Guarantee of Digital Rights, makes this privacy policy available to you in detail in order to inform you, in detail about how we process your personal data and protect your privacy and the information you provide us.

In this privacy policy, we explain your rights regarding your personal information and how to exercise them. Additionally, if you need to contact the competent authority in matters of data protection, we provide you with the contact details.

Ours, those responsible for processing your data:

Identity: WE ARE ESSENCE*

Registered office: Via Augusta 48-54, 6 4, 08006, Barcelona.

Email: rgpd@somosesencia.es

* COMPANIES RELATED TO SOMOS ESENCIA: TIBRIO SL with Tax ID number B61143699 and registered office at Passeig Marítim de la Barceloneta, 30. 08000 Barcelona. Registered in the Barcelona Mercantile Registry in volume 36520, folio 94, S.8, page B 152077, contact number 932 25 12 72, and email address rgpd@somosesencia.es TERRA DEL NINOT S.L., with Tax ID number B66453838 and registered office at C/ Casanova, 133. 08036 Barcelona. Registered in the Barcelona Mercantile Registry with volume 44,696, folio 204, H ja B 463858, contact number 931 31 15 50 and contact email rgpd@somosesencia.es BRISA PALAU DE MAR S.L. with Tax ID number B67047910 and registered office at Edifici Palau De Mar, Plaça de Pau Vila, 1, 08039 Barcelona. Registered in the Barcelona Mercantile Registry under volume 46024, folio 220, page B 507108, contact number 931 31 15 49, and contact email rgpd@somosesencia.es. ECOBAR SUD with Tax ID number B44794931 and registered office at Av. Vilanova 11, Local 3-4, 08018, Barcelona Registered in the Barcelona Mercantile Registry under Volume 48713, Folio 32, Page B593514, telephone number 936 099 510, and contact email rgpd@somosesencia.es SUPERSANO SL with Tax ID number B66514134 and registered office at Carrer Roger de Llíria 124, Local 2, 08037, Barcelona. Registered in the Barcelona Mercantile Registry with volume 44766, folio 51, page 465847, contact number 932 075 431, and contact email rgpd@somosesencia.es FULL ACTUAL SL with Tax ID number B64346182 and registered office at Pg. Marítim de la Barceloneta 1, 08003, Barcelona. Registered in the Barcelona Mercantile Registry under Volume 39003, Folio 33, Page B334767, contact number 932 241 253, and contact email rgpd@somosesencia.es, MITFOR BROS, S.L., with Tax ID number B58513896 and registered office at Vía Augusta 48-54 6º4, 08006 Barcelona. Registered in the Barcelona Mercantile Registry with Volume 9212, Folio 62, Page B-77217 First Register, telephone 937 687 482 and contact email rgpd@somosesencia.es,

1. What type of information might we collect about you?

The personal data collected from users and customers can be grouped into the following categories:

Basic and contact details: Such as your first name and last names. Also include your billing address, email address, and phone number.

Financial and economic data: this group would include payment details, as well as commercial transactions carried out with us. Including data to verify your identity for the acceptance of payments and the relevant financial controls to be able to carry out commercial transactions.

Professional and work details: this category would include your professional interests and your professional identity published online. For example, your LinkedIn profile.

Technical data: including IP address, registration data, browser and version used, location and time zone, type of plug-ins installed in your browser, operating system, and other technology used to access our platform.

User data: such as your name, preference history, suggestions sent by you, or any type of survey you have responded to.

Browsing data: includes information related to your browsing mode when you visit our platform.

Marketing and communication preferences: we collect your preferences for receiving commercial communications and news from us, the consents granted for this purpose, and the channel of your choice.

Images captured by video surveillance cameras: Here are the images that may be captured by video surveillance cameras in our restaurants and offices.

We will never collect personal data that is specially protected or considered sensitive.

2. How do we collect your personal data?

As a general rule, most of your personal information is provided directly by you, either in person at restaurants, by telephone, email, web forms, or by responding to surveys. However, we may also obtain information from:

  • of a company in the group.
  • From third parties linked to us.
  • From a third party who has previously obtained your express consent for this purpose.
  • About the cookies enabled on our website — For more information about the use of our cookies, please visit our cookie policy.
  • From our access systems to the facility, when available. Such as billing and reception records, filing systems in the case of employees, video surveillance cameras, communication and instant messaging systems, email, or social networks.

3. What can happen if you do not provide us with your personal information?

When we are required by law to collect your personal data, or when this data is essential for entering into a contract with you, if you do not wish to provide us with your personal data, it may be impossible for us to serve you. In the event that we find ourselves in the need to cancel our services because of this, we will notify you when necessary.

4. For what purpose do we process your personal information?

We have attached a detailed table explaining the purpose for which we collect your data and the legal basis that legitimizes us to do so.

5. Purpose of processing Why do we collect your information? What is the legal basis for processing your information?

  • To provide you with our services, accept payments, and charge fees
    • Contract enforcement
    • In its own legitimate interest (for example, to manage possible non-payments)
  • Register as a web user or new customer
    • Express consent of the interested party
    • Contract enforcement
  • Managing our relationship with our customers, including: Notifying them of changes to our terms and conditions or policies and asking them to respond to a survey or review our products/services.
    • Contract enforcement
    • Compliment of a legal obligation
    • In our own legitimate interest (to update our records and find out our customers' opinions about our products/services)
  • Sending commercial communications, newsletters, and advertising through any communication channel. Sending commercial communications related to our products and services to customers who have made prior reservations, with the aim of informing them about news, promotions, special events, and other offers that may be of interest to them, considering that there is a prior relationship derived from the reservation made at our restaurants.
    • Express consent of the interested party
    • In your own legitimate interest (provided that you have not expressed your desire to stop receiving communications, 'opt-out')
  • Respond to inquiries and/or provide information requested by the interested party, including sending quotes.
    • Legitimate interest
    • Contract enforcement
    • Consent of the data subject
    • Compliment of a legal obligation
  • Management of user interactions on our social networks
    • Compliance with a legal obligation (for example, removing offensive, racist, profane, or insulting comments; maintaining an environment of respect and integration; preserving the privacy of minors, etc.)
    • Legitimate interest (when we remove third-party advertising from our networks, for example)
  • Use analytical data to improve the web browsing experience, implement marketing strategies, and optimize contracting processes through the use of cookies.
    • Legitimate interest
    • Consent of the interested party (by accepting the use of analytical cookies, for example)
  • Manage and protect our business and our website. This includes detecting browsing issues, data analysis, web testing, etc.
    • Compliment of a legal obligation
    • Legitimate interest (managing our company, providing security for our networks, preventing fraud, etc.)
  • Suggest and recommend services that may be of interest
    • In legitimate interest (to grow our business), with the right to opt out of receiving further communications at any time.
  • Provide personal information to authorities or upon judicial request. Compliance with a legal obligation.
  • To provide greater security at our physical facilities (installation of CCTV/video surveillance cameras, access control). In our legitimate interest and in the interest of third parties. For example, to detect the commission of an act that is harmful to our employees or customers.
  • Updating and improving our customer records
    • In compliance with a legal obligation
    • In execution of a contract
  • In legitimate interest (to verify that we can continue to contact our customers regarding issues related to their subscriptions, orders, or purchased products).
  • Ensuring job security, personnel management, and the employability of candidates
    • In compliance with a legal obligation
    • In your own legitimate interest and that of third parties. To improve the experience of our employees in the performance of their duties.
  • Resolve complaints, incidents, or queries through designated channels (email and telephone).
    • Interested consent
    • In legitimate interest
    • Legal Obligation
  • Provide complaint forms to users who request them through user support (contact form, telephone, or email).
    • Compliance with legal obligations
  • Monitoring of the European Commission's online dispute resolution procedure, in particular under the ODR platform: http://ec.europa.eu/consumers/odr/. Tracking of complaints and procedures filed by users with consumer agencies (register with identification code)
    • Compliance with legal obligations

6. With whom can we share your personal data?

We may need to share your personal information with:

  • Companies in the Group
  • Third parties that we outsource to or service providers that we use to provide our services.
  • Third parties we need to manage our business.
  • The banking institutions we work with.

All the providers we work with are contractually bound to us. We can guarantee that they comply with all the necessary security measures to safeguard your personal information, and that they will use your personal data solely and exclusively for the specified purposes, in accordance with our instructions.

We also share personal information with law enforcement agencies when required by law.

7. How do we store your personal information?

All information you provide, both through this website and through other channels, will be stored on Microsoft Office servers. These servers are located within the European Economic Area.

8. How long will we keep your personal data?

Your data will be kept for as long as your business relationship with us lasts or until you exercise your right to cancel, object, or limit processing.

Furthermore, if we have not had any relevant contact with you for a period of two years, we will delete your personal data from our systems, unless we are required by law to retain it (for example, at the request of an authority, or in relation to possible litigation).

We inform you that our information retention policies comply with the terms established by the various legal responsibilities for the purposes of limitation periods:

  • As a general rule:

Pursuant to Article 30 of the Commercial Code, and without prejudice to other criteria, all company documents and/or information shall be retained for 6 years.

This affects all accounting, tax, labor, or commercial documentation, including correspondence.

  • Specific terms:

Our company must also set minimum terms depending on the type of data involved and taking into account the different limitation periods, which each department must be aware of.

This table lists the limitation periods that affect or may affect our organization:

Occupancy, for the purpose of offenses: 3 years (Art. 4.1 RD 5/2000)

Social Security, for the purpose of offenses: 4 years (Art. 4.2 RD 5/2000)

Prevention of Occupational Risks, for the purpose of infringements: 5 years (Art. 4.3 RD 5/2000)

Tax, for the purposes of tax debts: 4 years (Art. 66 Law 58/2003)

Tax authorities, for the purpose of verifying offset taxes or deductions applied: 10 years (Art. 66 bis Law 58/2003)

Accounting and commercial law: 6 years (Art. 30 of the Civil Code)

Crimes against the Public Treasury and Social Security: 10 years (Art. 131 LO 10/1995)

You will not be subject to decisions based on automated processing that have an effect on your data.

9. Our communications

All personal information you provide will be incorporated into our information systems. By accepting this privacy policy, you expressly consent to the following activities and/or actions, unless you indicate otherwise:

  • To send you commercial, promotional, and direct marketing communications through any enabled communication medium, to inform you of activities, services, promotions, advertising, news, offers, and other information about services and products related to us and our group.
  • By sending communications electronically, provided that you have subscribed to our NEWSLETTER and have not unsubscribed.
  • The storage of data during the periods specified in the applicable provisions.

10. How to stop receiving marketing communications (opt out)?

You may revoke any express consent you have given us to send you commercial information at any time. To do so, you can request to unsubscribe using the option (opt out) when it is enabled on our app/website, or by sending us an email with the subject "unsubscribe" to rgpd@somosesencia.es.

In accordance with the LSSICE, we never send SPAM, therefore we will not send you commercial emails unless you have requested or authorized them. However, in all our communications, you will have the option to revoke your consent.

We will not process your personal data for any purpose other than those described, except where required by law or court order.

11. User responsibility - Declaration of truthfulness

By providing us with your personal information through electronic channels, you declare that you are over 14 years of age and that all the information provided to SOMOS ESENCIA is true, accurate, complete, and up to date. To this end, the user confirms that they are responsible for the accuracy of the data provided and that they will keep this information duly updated so that it reflects their actual situation, being responsible for any false or inaccurate data that they may provide, as well as for any direct or indirect damages that may arise.

12. If you send us your resume

If you wish to send us your CV via our website, please note that the data you provide will be processed in order to include you in any selection process that may arise, analyzing your professional profile with the aim of selecting the most suitable candidate for the possible vacancy.

We do not accept resumes sent through other channels (for example, delivered by hand on paper). If there are any changes to your details, please notify us in writing as soon as possible so that we can keep your details up to date.

CVs will be kept for a maximum period of one year, after which they will be securely destroyed and all data contained therein will be deleted. We guarantee total confidentiality. In this regard, once the aforementioned period has elapsed, if you wish to continue participating in possible selection processes, you will need to resubmit your CV.

The data may be processed and/or communicated to the companies that make up our group for as long as your resume is kept on file and for the same purposes indicated above.

13. How do we keep your information secure?

We take the protection of your data very seriously. Therefore, we guarantee the implementation of appropriate physical, organizational, and technological security measures, controls, and procedures to prevent your information from being accidentally lost, maliciously used, or accessed.

We limit access to your data to individuals and entities with the right to do so, and we ensure that all our staff are properly trained. Everyone involved in the processing of your personal data is subject to a duty of confidentiality.

In addition, we apply technical procedures to respond to any suspicion that may involve a breach of data security. If necessary, we will notify you and the supervisory authority (the AEPD in Spain), in accordance with current regulations.

14. How to exercise your ARCO-POL rights?

Both the GDPR and its transposition into Spanish law (the LOPDGDD) guarantee you the exercise of the following rights. You can exercise them at any time and always free of charge:

Right of access: Right to receive a copy of your personal information.

Right of rectification: Right to request the correction of errors in personal information.

Right to erasure/deletion (right to be forgotten): Right to request that we delete your personal information in certain situations.

Right to restriction: Right to request the restriction of the processing of your data.

Right to object: The right to object to:

-the processing of your data for direct marketing purposes (including profiling).

-in certain circumstances, because we continue to process your data. For example, processing carried out on the basis of our legitimate interest.

Right to portability: Right to receive your personal information in a structured, readable format and/or to transmit this data to a third party—in specific situations.

Automated individual decision-making: Right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects you.

To exercise any of the aforementioned rights, you can send us your request in writing to the email address provided specifically for this purpose: rgpd@somosesencia.es

You must attach to your request information about exactly what you need and, in any case, proof of your identity, valid in law.

15. Data protection supervisory authority

We hope to resolve any questions or concerns you may have about your personal information. However, if you wish to file a complaint with the competent authority, you have the right to do so.

In Spain, the highest authority on data protection is the Spanish Data Protection Agency (AEPD).

https://www.aepd.es/es - Tel: 91 266 35 17.

16. Changes to this privacy policy

SOMOS ESENCIA reserves the right to modify this policy to adapt it to new legislation or case law.

Somo Essence Isotype - White

Reserve your table