Privacy Policy

1. IDENTITY OF THE DATA CONTROLLER

 

BALBONI & LG BARBCN S.L. (hereinafter the “Company”),

a limited liability company under Spanish law,

Tax Identification Number (NIF): B75831164

Registered Office: CL FLORIDABLANCA NUM.88, 08015 Barcelona, ​​Spain

Contact: bar.rosabarcelona@gmail.com

Acting as the data controller within the meaning of the GDPR,

is responsible for the processing of personal data carried out via the website:

www.rosabarcelonabar.com (hereinafter the “Website”).

 

2. PURPOSE AND SCOPE

 

The purpose of this Policy is to provide all data subjects with clear, complete, and transparent information regarding:

• the processing of personal data carried out

• its purposes

• its legal bases

• the recipients of the data

• any transfers outside the European Union

• the rights of users

It applies to all browsing on the Site.

 

3. CATEGORIES OF DATA PROCESSED

 

3.1 No Direct Collection

The Site does not allow:

• account creation

• entry of personal data

• direct booking

• online payment

Consequently, the Company does not collect personal data via direct entry.

 

3.2 Data Collected Automatically

During browsing, certain technical data may be collected via cookies and similar technologies.

 

Data concerned:

• IP address (processed in accordance with the anonymization mechanisms provided by the tools used)

• Cookie identifiers

• Browser type and version

• Operating system

• Language and regional settings

• Pages viewed

• Viewing time

• Browsing history

This data:

• may constitute personal data within the meaning of the GDPR, even in the absence of direct identification

• is processed in a pseudonymized and/or aggregated manner where possible

 

3.3 Data Source

Data is collected:

• directly from the User's device

• via browsing technologies (cookies, technical logs)

No data is obtained from third-party sources without the User's voluntary interaction.

 

The Company ensures that it collects and processes only the data strictly necessary for the purposes pursued, in accordance with the principle of data minimization provided for in Article 5 of the GDPR.

 

4. DATA PROCESSING SCHEDULE

​

​

​

​

​

​​​

 

5. PURPOSES OF PROCESSING

 

Data is processed to:

• ensure the proper functioning of the Site

• guarantee the security, integrity, and availability of the systems

• prevent misuse or unauthorized use of the Site

• analyze Site traffic and performance

• improve usability and the content offered

• ensure the maintenance and administration of the Site

No processing is carried out for the purposes of:

• direct marketing

• sales prospecting

• profiling

• automated decision-making

 

6. LEGAL BASIS

 

6.1 Legitimate Interest (Article 6.1.f GDPR)

The processing related to:

• the operation of the Site

• security

• maintenance

• continuous improvement

is based on the legitimate interest of the Company.

 

Balance test:

• These processing operations are strictly necessary

• They are proportionate to the intended purpose

• They meet users' reasonable expectations

• They do not unduly infringe on rights and freedoms

 

6.2 Consent (Article 6.1.a GDPR)

Analytical cookies are placed only after prior consent.

 

The User may withdraw their consent at any time, as easily as they gave it.

 

7. DATA RECIPIENTS

 

Data may be processed by subcontractors, including:

• Google (audience analysis)

• Wix (hosting and infrastructure)

These providers:

• act as data processors within the meaning of Article 28 of the GDPR

• are contractually bound

• provide appropriate safeguards

For more information:

• https://policies.google.com/privacy

• https://www.wix.com/about/privacy

 

8. DATA TRANSFERS OUTSIDE THE EUROPEAN UNION

 

Some data may be transferred:

• to the United States (Google services)

• to Israel (hosting via Wix)

These transfers are governed by:

• adequacy decisions (Israel)

• standard contractual clauses (SCCs) adopted by the European Commission

 

9. DATA RETENTION PERIOD

 

Data is retained for proportionate periods • Analytical cookies: 13 months

• Associated data: 25 months

• Security logs: maximum 6 months

​

10. DATA SECURITY

 

Given the nature of the Site (a showcase website without direct collection of personal data), the Company implements technical and organizational measures proportionate to the risks, including:

- secure hosting via the Wix platform

- use of secure communication protocols (HTTPS)

- limiting access to technical data to authorized personnel only

- regular monitoring and maintenance of technical infrastructure

These measures aim to guarantee a level of security appropriate to the processing actually carried out, in accordance with the principle of proportionality.

 

11. NO PROFILING OR AUTOMATED DECISION-MAKING

 

The Company does not:

• engage in any profiling

• make any automated decisions

within the meaning of Article 22 of the GDPR.

 

12. THIRD-PARTY SERVICES AND LIABILITY

 

The Site provides links to third-party services:

• booking platforms

• GetYourGuide

• social networks

• messaging services

These services act as independent data controllers.

 

When accessing these services:

• the User leaves the Site

• data is processed according to their own policies

The Company disclaims all liability in this regard.

 

13. USER RIGHTS

 

In accordance with Articles 15 to 22 of the GDPR, the User has the following rights:

• Right of access

• Right to rectification

• Right to erasure

• Right to restriction of processing

• Right to object

• Right to data portability

The User may also:

• Withdraw their consent at any time

• Object to processing based on legitimate interest

Contact: [email to be completed]

The Company undertakes to respond within a maximum of one month.

 

14. RIGHT TO COMPLAINT

 

The User may file a complaint with:

Agencia Española de Protección de Datos (AEPD)

 

15. DATA PROTECTION OFFICER

 

Given the limited, occasional, and non-sensitive nature of the processing,

the Company has not appointed a Data Protection Officer (DPO).

 

16. COOKIES

 

The Site uses cookies in accordance with the Cookie Policy accessible on the Site.

 

The User can manage their preferences at any time via the cookie banner.

 

17. UPDATES

 

This Policy may be modified at any time to ensure its compliance with legal and regulatory developments.