Basic privacy information

Responsible Restaurant Booking & Distribution Services S.L.
Avenida de la Constitución nº 24 4th floor (41001, Seville)
B90227976
Purpose Management and control of contractual relations, as well as for the activity of advertising (in case of acceptance) or commercial prospecting on our products and services, and the activities of those selection processes for recruitment of job candidates.
Legitimation Unambiguous consent through web access, execution of a contract or pre-contractual measures (both contracts with customers and suppliers, as well as those of candidate management), legitimate interest (commercial contacts, execution of security measures on the company), legal obligation (corporate obligations of the company).
Addressees
  • Public agencies or authorities
  • Service providers
Data retention As long as they are necessary to achieve the purposes of the contract and depending on the circumstances that apply in each case by legal obligation, being in any case, the minimum necessary.
Rights of interested parties You may exercise your rights of access, rectification, suppression, opposition, portability, limitation and, where appropriate, withdrawal of consent of your personal data by sending an e-mail to dpo@covermanager.com.


Detailed privacy information

At CoverManager we care about your privacy. Therefore, and in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on data protection of natural persons and Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantees of Digital Rights, we would like to provide you with more information about the processing of the data that we carry out.


1. Who is the Controller of the processing of your personal data?

Domain name: covermanager.com

Company name: Restaurant Booking & Distribution Services S.L.

Trade Name: CoverManager

Registered Office: Avenida de la Constitución nº24 4th floor (41001, Seville)

NIF:B90227976

Email: dpo@covermanager.com

Data protection officer: Helena Campos



2. For what purposes do we process your personal data?

As the party responsible for the processing of your data, we will only process them for the purpose of managing and controlling contractual relations, for answering queries made by our customers through our contact email, for commercial prospecting activities regarding our products and services, and for the activities involved in selection processes for the recruitment of candidates for jobs. We respect in all cases the principle of data minimization, so the treatment will always be appropriate, proportional and limited to what is strictly necessary. Profiling will not be carried out in order to make automated decisions.


During the booking process on our customer's websites, CoverManager receives personal data under a data processor contract. In order to avoid duplicate bookings, our customers authorise us to cross-reference data (only the telephone number used to make the booking).



3. How long will we keep your data?

The personal data provided will be kept for the duration of the contractual relationship or, where appropriate, for the years necessary and minimum to comply with those legal obligations of the company, and always for the time strictly necessary for the purpose for which they have been collected. All this while the right of deletion, limitation or cancellation of the same is not exercised.


4. What is the legitimacy for the processing of your personal data?

The legal basis for data processing is unambiguous and express consent and the fulfillment of contractual and legal obligations.



5. Who are the recipients of your personal data?

Unless legally obliged to do so and in the cases provided for by the data protection regulations in force at any given time, under no circumstances will we pass on your data to third parties for processing without informing you in advance and requesting your consent.


In order to provide its services, CoverManager relies on a number of service providers (legal assistance, auditors, document destruction, e-mail manager) to facilitate its work. Due to the efficiency of the service, some of these service providers are located in territories outside the European Economic Area which do not provide a level of data protection equivalent to that of the European Union. In such cases, we inform you that we transfer your data with adequate guarantees and always maintaining the security of your data, as we use the most appropriate tools for the international transfer of data, such as Standard Contractual Clauses or any other relevant complementary measures. In particular, we use the following providers outside the EEA:


  • Gmail as an email service provider. You can access Google's privacy policy here.
  • When contacting our Hospitality team we will use the Freshdesk (Freshworks, Inc.) ticket management tool, transferring only and exclusively the data strictly necessary for the resolution of the incident. Privacy policy available here.
  • We use Twilio Inc as an email service provider, access their privacy policy here.
  • Jotform for sending web forms. Information about their privacy policy here.
  • Occasionally, if you authorise us to do so, we will contact you via WhatsApp, whose privacy policy can be reviewed here.

In order to manage reservations, CoverManager receives personal data from its customers under a processor contract; in certain cases, our customers, as Data Controllers, will authorize us to transfer their data to other companies in their group, or other companies with which they collaborate. In such cases, pursuant to Article 28.3 RGPD, we will only transfer this data after confirming that we have obtained the data subject's consent to such transfer. In addition, if in the booking process some kind of payment is required, we will transfer your data for this purpose by indication of the Data Controller directly to the Payment Service Provider, usually Stripe Inc (see their privacy policy here). CoverManager does not obtain in any case the card number or payment data.


6. What are your data protection rights and how can they be exercised?

At any time, if the data subject considers that his or her data is not being treated in an appropriate manner or as required by the data subject, he or she may lodge a complaint with CoverManager's Data Protection Officer or with the Spanish Data Protection Agency (www.agpd.es).


In accordance with current data protection legislation, the rights that you can exercise against CoverManager are:


  • The right to request access to personal data to obtain more information about the data we process.

  • Right to request rectification of inaccurate or incomplete data

  • Right to request deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected

  • The right to object to the processing, in which case CoverManager will stop processing the data, except for compelling legitimate reasons or for the exercise or defense of possible claims.

  • Right to data portability: in case you want your data to be processed by another entity, CoverManager will facilitate the portability of your data to the new controller if applicable.

  • The right to limit their processing, in certain circumstances provided for in Article 18 GDPR, in which case they will only be kept by CoverManager for the defence of possible claims.

  • Right to withdraw consent: where consent has been given for a specific purpose, you have the right to withdraw consent at any time, without affecting the lawfulness of the processing based on consent prior to its withdrawal.

At any time, if the data subject considers that his or her data is not being treated appropriately or as required by the data subject, he or she may lodge a complaint with CoverManager's Data Protection Officer or with the Spanish Data Protection Agency (www.agpd.es).


All data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the user. In the event that all the data is not provided, the provider does not guarantee that the information and services provided will be completely tailored to your needs.


Similarly, the user may unsubscribe from any of the subscription services provided by clicking on the unsubscribe section of all e-mails sent by the provider.


The provider has adopted all the necessary technical and organizational measures to guarantee the security and integrity of the personal data it processes, as well as to prevent its loss, alteration and/or access by unauthorized third parties.


7. What security measures do we apply?

CoverManager maintains the highest levels of security to protect your personal data against loss, destruction, accidental damage and unauthorized or unlawful access, processing or disclosure, such as firewalls, access control procedures and cryptographic mechanisms. To achieve this, the user/customer allows the provider to obtain data for the purposes of the corresponding authentication of access controls.


CoverManager will carry out a risk assessment of the processing, taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of the processing, as well as the risks of varying likelihood and severity to the rights and freedoms of individuals.


In order to ensure an adequate level of security, based on the assessment carried out, the following security measures, among others, shall be applied where appropriate:


  • Pseudonymisation and encryption of personal data, where appropriate.

  • Ability to ensure the continued confidentiality, integrity, availability and resilience of processing systems and services.

  • Ability to restore availability and access to personal data quickly in the event of a physical or technical incident.

  • Presence of the process of verification, evaluation and periodic audit of the effectiveness of technical and organisational measures to ensure the security of processing.

  • Periodic assessment of the risk of accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed. Periodic assessment of unauthorized access or communication of such data.

  • Measures to ensure that any person acting under CoverManager's authority has access to personal data only in accordance with CoverManager's instructions.

9. Confidentiality

CoverManager undertakes to treat personal data that may be collected with absolute confidentiality, pledging to maintain secrecy regarding them and ensuring the duty to protect them by adopting all necessary measures to prevent alteration, loss and unauthorized access or treatment, in accordance with the provisions of applicable law.


10. Use of Cookies

CoverManager uses its own and third party cookies, collecting information about the use of the website to optimize its operation. You can obtain detailed information on the use of cookies by CoverManager by consulting our Cookies Policy.


11. Responsibility

The only person responsible for filling in the forms with false, inaccurate, incomplete or out-of-date data will be the user who enters them.


12. Updates

CoverManager reserves the right to modify and/or update the information on data protection when necessary for proper compliance. In the event of any changes, the new text will be published on this page where you will be able to consult the most recent version of our Privacy Policy.



CoverManager Trial

Technology Partner for the Hospitality Industry