Privacy Policy

SOMOS ESENCIA, as Data Controller and of this website, in accordance with the provisions of Regulation (EU) 2016/679, General Data Protection and the Organic Law 3/2018, of December 5, Protection of Personal Data and guarantee of digital rights, offers you this privacy policy in order to inform you, in detail, about how we treat your personal data and protect your privacy and the information you provide us.

In this privacy policy, we explain your rights regarding your personal information and how to exercise them. Additionally, if you need to contact the competent data protection authority, we provide you with their contact details.

We, the data controllers of your data:

Identity: WE ARE ESSENCE*.

Registered office: Via Augusta 48-54, 6 4, 08006, Barcelona.

E-mail: rgpd@somosesencia.es

* COMPANIES LINKED TO SOMOS ESENCIA: TIBRIO SL with CIF B61143699 and registered office at Paseo Marítimo de la Barceloneta, 30. 08000 Barcelona. Registered in the Mercantile Registry of Barcelona in Volume 36520, Folio 94, S.8, Page B 152077, contact telephone number 932 25 12 72, and email rgpd@somosesencia.es TIERRA DEL NINOT S.L., with CIF B66453838 and registered office at C/ Casanova, 133. 08036 Barcelona. Registered in the Mercantile Registry of Barcelona in Volume 44.696, Folio 204, H ja B 463858, contact telephone number 931 31 15 50 and contact email rgpd@somosesencia.es BRISA PALAU DE MAR S.L. with CIF B67047910 and registered office at Edifici Palau De Mar, Plaça de Pau Vila, 1, 08039 Barcelona. Registered in the Mercantile Registry of Barcelona in Volume 46024, Folio 220, Page B 507108, contact telephone number 931 31 15 49 and email rgpd@somosesencia.es,. ECOBAR SLU provided with CIF B44794931 and registered office at Av. Vilanova 11, Local 3-4, 08018, Barcelona. Registered in the Mercantile Registry of Barcelona in Volume 48713, Folio 32, Page B593514, telephone number 936 099 510 and contact email rgpd@somosesencia.es SUPERSANO SL provided with CIF B66514134 and registered office at Carrer Roger de Llúria 124, Local 2, 08037, Barcelona. Registered in the Mercantile Registry of Barcelona in Volume 44766 Folio 51, Page 465847, contact telephone number 932 075 431, and contact email rgpd@somosesencia.es PILBAN ACTUAL SL with CIF B64346182 and registered office at Pg. Marítim de la Barceloneta 1, 08003, Barcelona. Registered in the Mercantile Registry of Barcelona in Volume 39003, Folio 33, Page B334767, contact telephone number 932 241 253 and contact email rgpd@somosesencia.es, MITFOR BROS, S.L, with VAT number B58513896 and registered office at Via Augusta 48-54 6º4, 08006 Barcelona. Registered in the Mercantile Registry of Barcelona in Volume 9212, Folio 62, Page B-77217 1st Inscription, telephone 937 687 482 and contact email rgpd@somosesencia.es,

1. What kind of information about you might we collect?

The personal data we collect from users and customers can be grouped according to the following categories:

Basic and contact information: such as first name, last name. Including also your billing address, email and phone number.

Financial and economic data: this group would include payment details, as well as commercial transactions carried out with us. Including data to verify your identity for the acceptance of payments and the pertinent financial verifications in order to carry out commercial transactions.

Professional and employment data: this category would include your professional interests and your professional identity published online. For example, your LinkedIn profile.

Technical data: including IP address, registration data, browser and version used, time zone and usage, type of plugins installed in your browser, operating system and other technology used during access to our platform.

User data: such as name, preferences history, suggestions submitted by you or any type of survey you have answered.

Navigation data: includes information related to your navigation mode when you visit our platform.

Marketing and communication preferences: we collect your preferences to receive commercial communications and news from us, the consents granted for this purpose and the channel of your choice.

Images captured by video surveillance cameras: this includes images that may be captured by video surveillance cameras in our restaurants and offices.

We will never collect personal data that is specially protected or considered sensitive.

2. How do we collect your personal data?

As a general rule, most of your personal information is provided to us directly by you, either in person at restaurants, by telephone, by mail, on web forms or by responding to surveys. However, we may also obtain information from:

  • From a group company.
  • From third parties related to us.
  • From a third party who has previously obtained your express consent to do so.
  • About the cookies we enable on our website - For more information about the use of our cookies, you can visit our cookie policy.
  • Of our access systems to the facilities, if any. Such as, for example, entry and reception registers, employee clocking-in systems, video surveillance cameras, communication and instant messaging systems, email or social networks.

3. What can happen if you do not provide us with your personal information?

If we are obliged by law to collect your personal data or, if it is essential for us to enter into a contract with you, if you do not wish to provide us with your personal data, it may not be possible for us to serve you. In the event that we need to cancel our services because of this, we will notify you first when necessary.

For what purposes do we process your personal information?

Attached is a detailed table with the purpose for which we collect your data and the legal basis that legitimizes us to do so.  

‍5. Purpose of processing Why do we collect your information? What is the legal legitimacy to process your information?

  • To provide you with our services, to accept payments and collections due
    • Contract execution
    • In its own legitimate interest (e.g. to manage possible unpaid debts)
  • Register as a web user or new customer
    • Express consent of the person concerned
    • Contract execution
  • Manage our relationship with our customers, which includes: Notifying you of changes to our terms and conditions or policies and requesting that you respond to a survey or rate our products/services.
    • Contract execution
    • Fulfillment of a legal obligation
    • In our own legitimate interest (to update our records and learn our customers' opinions about our products/services)
  • Sending commercial communications, newsletters, newsletters and advertising, by any communication channel. Sending commercial communications related to our products and services to customers who have made previous reservations, in order to inform them about news, promotions, special events and other offers that may be of interest to them, considering that there is a previous relationship derived from the reservation made in our restaurants.
    • Express consent of the person concerned
    • In legitimate self-interest (as long as you have not expressed your desire to stop receiving communication, 'opt-out')
  • Respond to inquiries and/or provide information requested by the interested party, including the sending of quotations.
    • Legitimate self-interest
    • Contract execution
    • Consent of the person concerned
    • Fulfillment of a legal obligation
  • Manage user interactions on our social networks.
    • Compliance with a legal obligation (e.g. to remove offensive, racist, profane or insulting comments; to maintain an atmosphere of respect and integration, to preserve the privacy of minors, etc.).
    • Legitimate self-interest (when we remove third-party advertising from our networks, for example).
  • Use analytical data to improve the web browsing experience, implement marketing strategies and optimize recruitment processes through the use of cookies.
    • Legitimate self-interest
    • Consent of the data subject (by accepting the use of analytical cookies, for example).
  • Manage and protect our business and our website. This includes detecting browsing problems, data analysis, web testing, etc.
    • Fulfillment of a legal obligation
    • Legitimate self-interest (running our business, securing our networks, preventing fraud, etc.).
  • Suggest and recommend services that may be of interest to you.
    • In legitimate interest (to grow our business), you have the right to opt out of receiving further communications at any time.
  • To provide personal information to the authorities or as required by law. Fulfillment of a legal obligation
  • To provide our physical facilities with greater security (installation of CCTV cameras / video surveillance, access control). In legitimate interest and in the interest of third parties. For example to detect the commission of an act harmful to our employees or customers.
  • Updating and improving our customer records
    • In compliance with a legal obligation
    • In execution of a contract
  • In legitimate interest (to verify that we can continue to contact our customers for matters related to their subscriptions, orders or products purchased).
  • Ensuring job security, personnel administration and employability of candidates
    • In compliance with a legal obligation
    • In our own legitimate interests and those of third parties. To improve the experience of our employees in the performance of their duties.
  • Resolve complaints, incidents or queries through authorized channels (email and telephone).
    • Consent of the interested party
    • In legitimate interest
    • Legal obligation
  • Provide complaint forms to users who request them through customer service (contact form, telephone or mail).
    • Compliance with legal obligation
  • Monitoring of the European Commission's online dispute resolution procedure, in particular under the ODR platform: http://ec.europa.eu/consumers/odr/. Follow-up of user complaints and procedures before Consumer Agencies (register with identification code).
    • Compliance with legal obligation

With whom may we share your personal information?

We may need to share your personal information with:

  • Group companies
  • Third party companies that we subcontract or service providers that we use to provide our services.
  • Third parties we need to manage our business.
  • The banks we work with.

All suppliers we work with are contractually bound to us. We can guarantee that they comply with all necessary security measures to safeguard your personal information, that they will use your personal data only and exclusively for the specified purposes, in accordance with our instructions.

We will also share personal information with law enforcement when we are required by law to do so.

7. Where do we store your personal information?

All information you provide to us, both through this website and through other channels, will be hosted on Microsoft Office servers. These servers are hosted within the European Economic Area.

8. How long will we keep your personal data?

Your data will be kept for the duration of the business relationship with us or exercise your right of cancellation or opposition, or limitation to treatment.

Also, if we have not maintained relevant contact with you for a period of two years, we will delete your personal data from our systems, unless we are required by law to retain it (e.g. at the request of an authority, or in connection with possible litigation).

We inform you that our information retention policies are in accordance with the time periods established by the different legal responsibilities for statute of limitations purposes:

  • As a general rule:

Pursuant to the provisions of Article 30 of the Commercial Code, and except for other criteria, all company documents and/or information shall be kept for 6 years.

This concerns all accounting, tax, labor and commercial documentation, including correspondence.

  • Specific deadlines:

Our company must also set minimum deadlines depending on the type of data involved and according to the different statute of limitations, which each department must be aware of.

This table lists the time periods of requirements that affect or may affect our organization:

Labor, for infringement purposes: 3 years (Art. 4.1 RD 5/2000).

Social Security, for infringement purposes: 4 years (Art. 4.2 RD 5/2000).

Prevention of Labor Risks, for the purpose of infractions: 5 years (Art. 4.3 RD 5/2000).

Tax, for tax debt purposes: 4 years (Art. 66 Law 58/2003).

Tax, for the purpose of verification of compensated quotas or deductions applied: 10 years (Art. 66 bis Law 58/2003).

Accounting and mercantile: 6 years (Art. 30 of the CC)

Crimes against the Public Treasury and Social Security: 10 years (Art. 131 LO 10/1995)

You will not be subject to decisions based on automated processing that produce effects on your data.

9. Our communications

Any personal information you provide to us will be incorporated into our information systems. If you accept this privacy policy, it means that you expressly consent to the following activities and/or actions, unless you tell us otherwise:

  • To send you commercial, promotional and direct marketing communications by any means of communication enabled, to inform you of activities, services, promotions, advertising, news, offers and other information about services and products related to us and our group.
  • To the sending of communications by electronic means, provided that you have subscribed to our NEWSLETTER and have not unsubscribed.
  • The retention of data for the periods provided for in the applicable provisions.

10. How to stop receiving marketing communications (opt-out)?

At any time you may revoke any express consent you have given us to send you commercial information. To do so, you can request to unsubscribe by using the option (opt-out) when it is enabled in our app/web, or by sending us an email with the subject "unsubscribe" to rgpd@somosesencia.es.

In accordance with the LSSICE, we never carry out SPAM, therefore, we will not send you commercial emails if they have not been requested or authorized by you. However, in all our communications, you will have the possibility to revoke your consent.

We will not process your personal data for any other purpose than those described above except by legal obligation or court order.

11. User's responsibility - Truthfulness statement

By providing us with your personal information through electronic channels, you declare that you are over 14 years of age and that all the information provided to SOMOS ESENCIA is true, accurate, complete, and up to date. To this end, the user confirms that they are responsible for the accuracy of the data provided and that they will keep this information suitably updated so that it reflects their actual situation, taking responsibility for any false or inaccurate data they may provide, as well as for any direct or indirect damages that may arise.

12. If you send us your resume

In the event that you want to send us your CV through our website, we inform you that the data provided will be processed to make you participate in the selection processes that may be carried out, carrying out an analysis of your professional profile in order to select the most suitable candidate for the vacancy.

We do not accept resumes submitted through other channels (e.g. hand-delivered on paper). In case of any change in the data, please inform us in writing as soon as possible, in order to keep your data updated.

CVs will be kept for a maximum period of one year, after which they will be securely destroyed and all data included will be deleted. We guarantee total respect for confidentiality. In this sense, after this period, if you wish to continue participating in possible selection processes, you must send your resume again.

The data may be processed and/or communicated to the companies of our group during the time your curriculum is kept and for the same purposes as mentioned above.

13. How do we keep your information secure?

We take the protection of your data very seriously. For this reason, we ensure that appropriate physical, organizational and technological security measures, controls and procedures are in place to prevent your information from being accidentally lost, used or accessed maliciously.

We limit access to your data to persons and entities authorized to do so and we ensure that all our staff is properly trained. All those involved in the processing of your personal data are bound by a duty of confidentiality.

In addition, we apply technical procedures to react to any suspected data security breach. If necessary, we will notify you and the supervisory authority (the AEPD in Spain), in accordance with current regulations.

14. How to exercise your ARCO-POL rights?

Both the RGPD and the standard of transposition into Spanish law (the LOPDGDD), guarantees you the exercise of the following rights. You can exercise them at any time and always free of charge:

Right of access: Theright to receive a copy of your personal information.

Right of rectification: The right to request correction of errors in personal information.

Right to erasure/deletion (right to be forgotten): The right to request that we delete your personal information in some situations.

Right of restriction: The right to request the restriction of the processing of your data.

Right of opposition: The right to oppose:

-to the processing of your data for direct marketing (including profiling).

-in certain circumstances to our further processing of your data. For example, processing carried out on the basis of our legitimate interest.

Right of portability: The right to receive your personal information in a structured form, in a readable format and/or to transmit this data to a third party - in specific situations.

Automated individual decisions: The right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or significantly affects.

To exercise any of the aforementioned rights, you may write to us with your request to the e-mail address specifically provided for this purpose: rgpd@somosesencia.es.

You must attach to your request information on exactly what you need and, in any case, legally valid proof of your identity.

15. The supervisory authority in data protection matters

We look forward to resolving any issues or concerns you may have regarding your personal information. But if you wish to file a complaint with the competent authority, you have the right to do so.

In Spain, the highest authority in data protection matters is the Spanish Data Protection Agency (AEPD).

https://www.aepd.es/es - Tel: 91 266 35 17.

16. Changes to this privacy policy

SOMOS ESENCIA reserves the right to modify this policy to adapt it to new legislation or case law.

Somo Essence Isotype - White

Reserve your table