Basic privacy information
Responsible |
Restaurant Booking & Distribution Services S.L. Avenida de la Constitución nº 24 4th floor (41001, Seville) B90227976 |
Purpose |
Management and control of contractual relations, as well as for the activity of advertising (in case of acceptance) or commercial prospecting on our products and services, and the activities of those selection processes for recruitment of job candidates. |
Legitimation |
Unambiguous consent through web access, execution of a contract or pre-contractual measures (both contracts with customers and suppliers, as well as candidate management), legitimate interest (commercial contacts, execution of security measures on the company), legal obligation (corporate obligations of the company). |
Addressees |
- Public agencies or authorities
- Service providers
|
Data retention |
As long as they are necessary to achieve the purposes of the contract and depending on the circumstances that apply in each case by legal obligation, being in any case, the minimum necessary. |
Rights of interested parties |
You may exercise your rights of access, rectification, suppression, opposition, portability, limitation and, where appropriate, withdrawal of consent of your personal data by sending an e-mail to dpo@covermanager.com. |
Detailed privacy information
At CoverManager we care about your privacy. Therefore, and in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on data protection of natural persons and Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantees of Digital Rights, we would like to provide you with more information about the processing of the data that we carry out.
1. Who is the Controller of the processing of your personal data?
Domain name: covermanager.com
Company name: Restaurant Booking & Distribution Services S.L.
Trade Name: CoverManager
Registered Office: Avenida de la Constitución nº24 4th floor (41001, Seville)
NIF:B90227976
Email: dpo@covermanager.com
Data protection officer: Helena Campos
2. For what purposes do we process your personal data?
As the party responsible for the processing of your data, we will only process them for the purpose of managing and controlling contractual relations, for answering queries made by our customers through our contact email, for commercial prospecting activities regarding our products and services, and for the activities involved in selection processes for the recruitment of candidates for jobs. We respect in all cases the principle of data minimization, so the treatment will always be appropriate, proportional and limited to what is strictly necessary. Profiling will not be carried out in order to make automated decisions.
During the booking process on our customer's websites, CoverManager receives personal data under a data processor contract. In order to avoid duplicate bookings, our customers authorise us to cross-reference data (only the telephone number used to make the booking).
3. How long will we keep your data?
The personal data provided by our customers will be kept for the duration of the contractual relationship or, where appropriate, for the minimum number of years necessary to comply with the company's legal obligations, and always for the time strictly necessary for the purpose for which they have been collected. All of this as long as the right to suppression, limitation or cancellation of the same is not exercised.
4. What is the legitimacy for the processing of your personal data?
The legal basis for data processing is unambiguous and express consent and the fulfilment of contractual and legal obligations.
5. Who are the recipients of your personal data?
Unless legally obliged to do so and in the cases provided for by the data protection regulations in force at any given time, under no circumstances will we pass on your data to third parties for processing without informing you in advance and requesting your consent.
In order to provide its services, CoverManager relies on a number of service providers (legal assistance, auditors, document destruction, e-mail manager) to facilitate its work. Due to the efficiency of the service, some of these service providers are located in territories outside the European Economic Area which do not provide a level of data protection equivalent to that of the European Union. In such cases, we inform you that we transfer your data with adequate guarantees and always maintaining the security of your data, as we use the most appropriate tools for the international transfer of data, such as Standard Contractual Clauses or any other relevant complementary measures. In particular, we use the following providers outside the EEA:
- Gmail as an email service provider. You can access Google's privacy policy here.
- When contacting our Hospitality team we will use the Freshdesk (Freshworks, Inc.) ticket management tool, transferring only and exclusively the data strictly necessary for the resolution of the incident. Privacy policy available here.
- We use Twilio Inc as an email service provider, access their privacy policy here.
- Jotform for sending web forms. Information about their privacy policy here.
- Occasionally, if you authorise us to do so, we will contact you via WhatsApp, whose privacy policy can be reviewed here.
CoverManager receives personal data from its clients under a processor contract for the purpose of handling bookings; in certain cases, our clients, as data controllers, will authorise us to pass on their data to other companies in their group, as well as to other companies with which they cooperate. In addition, if payment is required in the booking process, we will pass your details directly to Stripe Inc (see their privacy policy here). CoverManager does not record card numbers or payment details at any time.
6. What are your data protection rights and how can they be exercised?
At any time, if the data subject considers that his or her data is not being treated in an appropriate manner or as required by the data subject, he or she may lodge a complaint with CoverManager's Data Protection Officer or with the Spanish Data Protection Agency (www.aepd.es/en).
In accordance with current data protection legislation, the rights that you can exercise against CoverManager are:
-
The right to request access to personal data to obtain more information about the data we process.
-
Right to request rectification of inaccurate or incomplete data
-
Right to request deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected
-
The right to object to the processing, in which case CoverManager will stop processing the data, except for compelling legitimate reasons or for the exercise or defence of possible claims.
-
Right to data portability: in case you want your data to be processed by another entity, CoverManager will facilitate the portability of your data to the new controller if applicable.
-
The right to limit their processing, in certain circumstances provided for in Article 18 GDPR, in which case they will only be kept by CoverManager for the defence of possible claims.
-
Right to withdraw consent: where consent has been given for a specific purpose, you have the right to withdraw consent at any time, without affecting the lawfulness of the processing based on consent prior to its withdrawal.
At any time, if the data subject considers that his or her data is not being treated appropriately or as required by the data subject, he or she may lodge a complaint with CoverManager's Data Protection Officer or with the Spanish Data Protection Agency (www.agpd.es).
All data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the user. In the event that all the data is not provided, the provider does not guarantee that the information and services provided will be completely tailored to your needs.
Similarly, the user may unsubscribe from any of the subscription services provided by clicking on the unsubscribe section of all e-mails sent by the provider.
The provider has adopted all the technical and organisational measures necessary to guarantee the security and integrity of the personal data it processes, as well as to prevent their loss, alteration and/or access by unauthorised third parties.
7. What security measures do we apply?
CoverManager maintains the highest levels of security to protect your personal data against loss, destruction, accidental damage and unauthorized or unlawful access, processing or disclosure, such as firewalls, access control procedures and cryptographic mechanisms. To achieve this, the user/customer allows the provider to obtain data for the purposes of the corresponding authentication of access controls.
CoverManager will carry out a risk assessment of the processing, taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of the processing, as well as the risks of varying likelihood and severity to the rights and freedoms of individuals.
In order to ensure an adequate level of security, based on the assessment carried out, the following security measures, among others, shall be applied where appropriate:
-
Pseudonymisation and encryption of personal data, where appropriate.
-
Ability to ensure the continued confidentiality, integrity, availability and resilience of processing systems and services.
-
Ability to restore availability and access to personal data quickly in the event of a physical or technical incident.
-
Presence of the process of verification, evaluation and periodic audit of the effectiveness of technical and organisational measures to ensure the security of processing.
-
Periodic assessment of the risk of accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed. Periodic assessment of unauthorized access or communication of such data.
-
Measures to ensure that any person acting under CoverManager's authority has access to personal data only in accordance with CoverManager's instructions.
9. Confidentiality
CoverManager undertakes to treat personal data that may be collected with absolute confidentiality, pledging to maintain secrecy regarding them and ensuring the duty to protect them by adopting all necessary measures to prevent alteration, loss and unauthorized access or treatment, in accordance with the provisions of applicable law.
10. Use of Cookies
CoverManager uses its own and third party cookies, collecting information about the use of the website to optimize its operation. You can obtain detailed information on the use of cookies by CoverManager by consulting our Cookies Policy.
11. Responsibility
The only person responsible for filling in the forms with false, inaccurate, incomplete or out-of-date data will be the user who enters them.
12. Updates
CoverManager reserves the right to modify and/or update the information on data protection when necessary for proper compliance. In the event of any changes, the new text will be published on this page where you will be able to consult the most recent version of our Privacy Policy.