Privacy Policy

NOUS SOMMES ESSENCE, as the data controller and in accordance with the provisions of Regulation (EU) 2016/679 on general data protection and Organic Law 3/2018 of December 5 on the protection of personal data and the guarantee of digital rights, provides you with this detailed privacy policy to inform you in detail about how we process your personal data and protect your privacy and the information you provide to us.

In this privacy policy, we explain your rights regarding your personal information and how to exercise them. In addition, if you need to contact the relevant data protection authority, we provide you with the contact details.

We, the parties responsible for processing your data:

Identity: WE ARE THE ESSENCE*

Headquarters: Via Augusta 48-54, 6 4, 08006, Barcelona.

Email: rgpd@somosesencia.es

* COMPANIES RELATED TO SOMOS ESENCIA: TIBRIO SL with tax identification number B61143699 and registered office at Paseo Marítimo de la Barceloneta, 30. 08000 Barcelona. Registered in the Barcelona Trade Register under number 36520, folio 94, S.8, sheet B 152077, contact number 932 25 12 72 and email address rgpd@somosesencia.es TIERRA DEL NINOT S.L., with CIF B66453838 and registered office located at C/ Casanova, 133. 08036 Barcelona. Registered in the Barcelona Trade Register under volume 44,696, folio 204, H ja B 463858, contact number 931 31 15 50, and contact email rgpd@somosesencia.es BRISA PALAU DE MAR S.L. with CIF B67047910 and registered office at Edifici Palau De Mar, Plaça de Pau Vila, 1, 08039 Barcelona. Registered in the Barcelona Trade Register under volume 46024, folio 220, sheet B 507108, contact number 931 31 15 49 and contact email rgpd@somosesencia.es. ECOBAR SOUTH with CIF B44794931 and registered office at Av. Vilanova 11, Local 3-4, 08018, Barcelona Registered in the Barcelona Trade Register under volume 48713, folio 32, sheet B593514, telephone 936 099 510, and contact email rgpd@somosesencia.es SUPERSANO SL with CIF B66514134 and registered office at Carrer Roger de Llíria 124, Local 2, 08037, Barcelona. Registered in the Barcelona Trade Register under number 44766, folio 51, sheet 465847, contact number 932 075 431, and contact email rgpd@somosesencia.es PILBAN ACTUEL SL with CIF B64346182 and registered office at Pg. Marítim de la Barceloneta 1, 08003, Barcelona. Registered in the Barcelona Trade Register under number 39003, folio 33, sheet B334767, contact number 932 241 253 and contact email rgpd@somosesencia.es, MITFOR BROS, S.L., with CIF B58513896 and registered office at Vía Augusta 48-54 6º4, 08006 Barcelona. Registered in the Barcelona Trade Register under volume 9212, folio 62, sheet B-77217 First entry, telephone number 937 687 482 and contact email rgpd@somosesencia.es,

1. What type of information might we collect about you?

Personal data collected from users and customers may be grouped into the following categories:

Basic information and contact details: such as first name, last name. Please also provide your billing address, email address, and phone number.

Financial and economic data: this group would include payment information, as well as commercial transactions carried out with us. This includes data used to verify your identity for the acceptance of payments and financial checks relevant to carrying out commercial transactions.

Professional and employment-related data: this category would include your professional interests and your professional identity published online. For example, your LinkedIn profile.

Technical data: including IP address, registration data, browser and version used, time zone, and type of plugins installed in your browser, operating system, and other technologies used when accessing our platform.

User data: such as your name, your preferences history, suggestions you have submitted, or any type of survey you have responded to.

Browsing data: includes information about how you browse when you visit our platform.

Marketing and communication preferences: we collect your preferences for receiving marketing communications and news from us, the consents you have given for this purpose, and your preferred channel.

Images captured by CCTV cameras: Here are the images that could be captured by CCTV cameras in our restaurants and offices.

We will never collect personal data that is specially protected or considered sensitive.

2. How do we collect your personal data?

As a general rule, most of your personal information is provided to us directly by you, whether in person at restaurants, by phone, by mail, via web forms, or by responding to surveys. However, we may also obtain information from:

  • From a company in the group.
  • From third parties related to us.
  • From a third party who has previously obtained your express consent for this purpose.
  • Among the cookies we activate on our website — For more information on the use of our cookies, please see our cookie policy.
  • From our facility access systems, where applicable. Such as registration and reception records, filing systems in the case of employees, video surveillance cameras, communication and instant messaging systems, email, or social media.

3. What can happen if you do not provide us with your personal information?

When we are required by law to collect your personal data, or when it is essential for us to enter into a contract with you, if you do not wish to provide us with your personal data, we may not be able to serve you. If we have to cancel our services for this reason, we will inform you first if necessary.

4. For what purpose do we process your personal information?

We have attached a detailed table indicating the purpose for which we collect your data and the legal basis that entitles us to do so.

5. Purpose of processing Why do we collect your information? What is the legal basis for processing your information?

  • Provide you with our services, accept payments and fees due
    • Contractual performance
    • In their own legitimate interest (for example, to manage potential payment defaults)
  • Register as a user or new customer
    • Express consent of the person concerned
    • Contractual performance
  • Manage our relationship with our customers, including: informing you of changes to our terms of employment or policies, and asking you to respond to a survey or evaluate our products/services.
    • Contractual performance
    • Compliance with a legal obligation
    • In our legitimate interest (to update our records and find out our customers' opinions on our products/services)
  • Send commercial communications, newsletters, and advertising through any communication channel. Send commercial communications relating to our products and services to customers who have already made reservations, in order to inform them of news, promotions, special events, and other offers that may be of interest to them, given that there is a prior relationship arising from the reservation made at our restaurants.
    • Express consent of the person concerned
    • In your own legitimate interest (as long as you have not expressed a desire to no longer receive communications, "unsubscribe")
  • Respond to requests and/or provide the information required by the interested party, including sending quotes.
    • Legitimate interest
    • Contractual performance
    • Consent of the person concerned
    • Compliance with a legal obligation
  • Managing user interactions on our social networks
    • Compliance with a legal obligation (for example, to remove offensive, racist, profane, or insulting comments; to maintain an environment of respect and integration; to protect the privacy of minors, etc.)
    • Legitimate interest (when we remove third-party advertising from our networks, for example)
  • Use analytical data to improve the web browsing experience, implement marketing strategies, and optimize recruitment processes through the use of cookies.
    • Legitimate interest
    • Consent of the interested party (by accepting the use of analytical cookies, for example)
  • Manage and protect our business and our website. This includes detecting navigation issues, analyzing data, web testing, etc.
    • Compliance with a legal obligation
    • Legitimate interest (management of our company, security of our networks, fraud prevention, etc.)
  • Suggest and recommend services that may interest you
    • In a legitimate interest (to develop our business), you have the right to refuse to receive further communications at any time.
  • Provide personal information to authorities or upon judicial request. Compliance with a legal obligation.
  • Strengthening the security of our physical facilities (installation of video surveillance cameras and video surveillance, access control). In our legitimate interest and in the interest of third parties. For example, to detect acts that are harmful to our employees or customers.
  • Update and improve our customer files
    • In accordance with a legal obligation
    • In fulfillment of a contract
  • In a legitimate interest (to verify that we can continue to contact our customers regarding issues related to their subscriptions, orders, or purchased products).
  • Ensuring job security, personnel management, and the employability of candidates
    • In accordance with a legal obligation
    • In their own legitimate interest and that of third parties. To improve the experience of our employees in the performance of their duties.
  • Resolve complaints, incidents, or requests through authorized channels (email and phone).
    • Interested consent
    • In a legitimate interest
    • Legal obligation
  • Provide claim forms to users who request them via user support (contact form, telephone, or email).
    • Compliance with legal obligations
  • Monitoring of the European Commission's online dispute resolution procedure, particularly on the ODR platform: http://ec.europa.eu/consumers/odr/Tracking user complaints and procedures with consumer protection agencies (registration with identification code)
    • Compliance with legal obligations

6. With whom can we share your personal data?

We may need to share your personal information with:

  • The companies in the group
  • Third parties that we outsource to or service providers that we use to provide our services.
  • Third parties we need to manage our activities.
  • The banking institutions we work with.

All suppliers we work with are contractually bound to us. We can guarantee that they comply with all necessary security measures to protect your personal information and that they will use your personal data solely and exclusively for the specified purposes, in accordance with our instructions.

We will also share personal information with law enforcement agencies when required by law.

7. Where do we store your personal information?

All information you provide to us, both via this website and through other channels, will be hosted on Microsoft Office servers. These servers are hosted in the European Economic Area.

8. How long will we keep your personal data?

Your data will be kept for the duration of your business relationship with us or if you exercise your right of cancellation or opposition, or limitation of processing.

In addition, if we have not maintained relevant contact with you for a period of two years, we will delete your personal data from our systems, unless we are required by law to retain it (for example, at the request of an authority or in the context of a potential dispute).

We inform you that our information retention policies comply with the time limits set by the various legal responsibilities for the purposes of limitation periods:

  • As a general rule:

In accordance with the provisions of Article 30 of the Commercial Code, and unless other criteria apply, all company documents and/or information will be retained for six years.

This applies to all accounting, tax, social, or commercial documents, including correspondence.

  • Specific deadlines:

Our company must also set minimum retention periods based on the type of data processed and taking into account the various limitation periods, which each department must be aware of.

This table lists the limitation periods that affect or may affect our organization:

Employment, for the purposes of violation: 3 years (Art. 4.1 RD 5/2000)

Social security, for violations: 4 years (Art. 4.2 RD 5/2000)

Prevention of occupational risks, for the purposes of infringements: 5 years (Art. 4.3 RD 5/2000)

Tax, for tax debts: 4 years (Article 66 of Law 58/2003)

For the purposes of verifying compensated expenses or deductions applied: 10 years (Art. 66 bis Law 58/2003)

Accounting and commerce: 6 years (Art. 30 of the Civil Code)

Offenses against public finances and social security: 10 years (Art. 131 LO 10/1995)

You will not be subject to decisions based on automated processing that affects your data.

9. Our communications

All personal information you provide to us will be integrated into our information systems. If you accept this privacy policy, it means that you give your express consent to the following activities and/or actions, unless you tell us otherwise:

  • To send you commercial, promotional, and direct marketing communications by any activated means of communication, to inform you about activities, services, promotions, advertising, news, offers, and other information about services and products related to us and our group.
  • When you send communications electronically, provided that you are subscribed to our NEWSLETTER and have not unsubscribed.
  • Data retention for the periods specified in the applicable provisions.

10. How can I stop receiving marketing communications (unsubscribe)?

You may revoke any express consent you have given us to send you commercial information at any time. To do so, you can request to unsubscribe by using the (unsubscribe) option when it is enabled in our application/website, or by sending us an email with the subject line "unsubscribe" to rgpd@somosesencia.es.

In accordance with the LSSICE, we never send SPAM. Therefore, we will not send you commercial emails unless you have requested or authorized them. However, in all our communications, you will have the option to revoke your consent.

We will not process your personal data for purposes other than those described, unless legally required or requested by a court order.

11. User responsibility - Declaration of truthfulness

By providing us with their personal information electronically, users declare that they are over 14 years of age and that all data provided to SOMOS ESENCIA is true, accurate, complete, and up to date. To this end, the user confirms that they are responsible for the accuracy of the data provided and that they will keep this information up to date so that it corresponds to their actual situation, being responsible for any false or inaccurate data they may provide, as well as for any direct or indirect damage that may arise.

12. If you send us your resume

If you wish to send us your CV via our website, we inform you that the data provided will be processed in order to include you in any selection processes that may arise, by analyzing your professional profile with the aim of selecting the most suitable candidate for the position in question.

We do not accept CVs submitted through other channels (for example, CVs delivered by hand on paper). If any of your details change, please inform us in writing as soon as possible so that your details can be updated accordingly.

Programs will be kept for a maximum period of one year, after which they will be securely destroyed and all data included will be deleted. We guarantee total confidentiality. In this regard, after the aforementioned deadline, if you wish to continue participating in any selection processes, you must resubmit your resume.

The data may be processed and/or communicated to member companies of our group for as long as your program is retained and for the same purposes as those indicated above.

13. How do we secure your information?

We take the protection of your data very seriously. For this reason, we guarantee the implementation of appropriate physical, organizational, and technological security measures, controls, and procedures to prevent accidental loss, malicious use, or access to your information.

We limit access to your data to authorized individuals and entities, and we ensure that all our staff are properly trained. All individuals involved in the processing of your personal data are subject to a duty of confidentiality.

In addition, we implement technical procedures to respond to any suspicion that may constitute a breach of data security. If necessary, we will inform you and the supervisory authority (the AEPD in Spain), in accordance with current regulations.

14. How to exercise your ARCO-POL rights?

The GDPR and its transposition into Spanish law (the LOPDGDD) guarantee you the following rights. You may exercise these rights at any time and free of charge:

Right of access: The right to receive a copy of your personal information.

Right to rectification: The right to request the correction of errors in personal information.

Right to erasure (right to be forgotten): The right to request that we delete your personal information in certain situations.

Right to restriction: The right to request the restriction of the processing of your data.

Right to object: The right to object to:

-to the processing of your data for direct marketing purposes (including profiling).

-in certain circumstances so that we can continue to process your data. For example, processing carried out on the basis of our legitimate interest.

Right to portability: The right to receive your personal information in a structured, readable format and/or to transmit this data to a third party in specific situations.

Automated individual decision-making: Right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects you.

To exercise any of the above rights, you can write to us with your request at the email address specifically provided for this purpose: rgpd@somosesencia.es

You must include information about exactly what you need with your request and, in all cases, proof of your identity that is valid under the law.

15. The supervisory authority for data protection

We are eager to answer any questions or concerns you may have regarding your personal information. However, if you wish to file a complaint with the competent authority, you have the right to do so.

In Spain, the highest authority in data protection matters is the Spanish Data Protection Agency (AEPD).

https://www.aepd.es/es - Tel: 91 266 35 17.

16. Changes to this privacy policy

SOMOS ESENCIA reserves the right to modify this policy to adapt it to new legislation or case law.

Somo Essence Isotype - White

Reserve your table