Privacy Policy

1. Introduction

This Privacy Policy explains how Best Restaurants in Barcelona ("we," "us," or "our") collects, uses, and protects your personal information when you use our website and services. By using our website, you agree to the collection and use of information in accordance with this policy.

We are committed to protecting your privacy and ensuring the security of your personal information. This policy is designed to help you understand what information we collect, why we collect it, and how you can manage, export, and delete your information.

This policy applies to all services offered by Best Restaurants in Barcelona, including our website, mobile applications, and any other related services or features we may offer.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us when you:

• Create an account or profile on our platform
• Submit restaurant reviews, ratings, or photos
• Make restaurant reservations through our platform
• Subscribe to our newsletter or promotional communications
• Participate in surveys, contests, or promotions
• Contact our customer support team
• Apply for restaurant partnership programs

This information may include:

• Full name and contact details (email, phone number, address)
• Profile information (username, password, profile picture)
• Dining preferences and dietary restrictions
• Payment information for reservations or promotions
• Photos and videos you upload
• Communication preferences
• Social media handles when you link your accounts

2.2 Automatically Collected Information

When you use our services, we automatically collect:

• Device information (operating system, browser type, device identifiers)
• IP address and location data
• Usage data and browsing patterns
• Referral sources and exit pages
• Time spent on pages and features used
• Error logs and performance data
• Language preferences

2.3 Information from Third Parties

We may receive information about you from:

• Social media platforms when you connect your accounts
• Restaurant partners and service providers
• Payment processors for transaction verification
• Marketing and analytics partners
• Public databases and directories

3. How We Use Your Information

3.1 Core Service Functionality

• Processing and managing restaurant reservations
• Displaying personalized restaurant recommendations
• Managing your account and profile
• Processing payments and transactions
• Providing customer support and assistance
• Facilitating communication with restaurants

3.2 Service Improvement

• Analyzing user behavior and preferences
• Developing new features and services
• Improving search algorithms and recommendations
• Conducting research and analytics
• Testing and debugging platform features

3.3 Communication and Marketing

• Sending service updates and notifications
• Delivering personalized recommendations
• Marketing communications (with consent)
• Special offers and promotions
• Surveys and feedback requests

3.4 Legal and Security

• Preventing fraud and abuse
• Ensuring platform security
• Complying with legal obligations
• Resolving disputes
• Enforcing our terms of service

4. Legal Basis for Processing (GDPR)

Under the EU General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

4.1 Contractual Necessity

• Managing your account and profile
• Processing reservations and payments
• Providing customer support

4.2 Legitimate Interests

• Improving our services
• Ensuring platform security
• Preventing fraud
• Marketing our services

4.3 Legal Obligation

• Complying with legal requirements
• Responding to legal requests
• Maintaining required records

4.4 Consent

• Marketing communications
• Cookie usage
• Processing sensitive data

5. Data Sharing and Disclosure

5.1 Service Providers

We share data with trusted service providers for:

• Payment processing and fraud prevention
• Cloud hosting and storage
• Analytics and performance monitoring
• Customer support services
• Email and communication services

5.2 Restaurant Partners

We share necessary information with restaurants for:

• Reservation management
• Customer service
• Special requests handling
• Feedback and reviews

5.3 Legal Requirements

We may share information when:

• Required by law or legal process
• Protecting our rights and safety
• Investigating fraud or violations
• Responding to government requests

6. Data Security

We implement comprehensive security measures including:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication
• Secure data backup systems
• Employee security training
• Incident response procedures

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but commit to promptly notify you of any security incidents affecting your data.

7. Your Privacy Rights

7.1 GDPR Rights

Under GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request erasure ("right to be forgotten")
• Restrict processing
• Data portability
• Object to processing
• Withdraw consent

7.2 Exercise Your Rights

To exercise your rights:

• Use our privacy dashboard in your account settings
• Contact our Data Protection Officer
• Submit a request through our contact form
• Email us at [email protected]

7.3 Response Timeline

We will respond to your request within 30 days. In complex cases, we may extend this period by an additional 60 days, but we will notify you of any delays.

8. Cookies and Tracking

8.1 Types of Cookies We Use

• Essential cookies for basic functionality
• Analytical cookies for performance monitoring
• Functional cookies for personalization
• Advertising cookies for targeted marketing
• Social media cookies for content sharing

8.2 Cookie Management

You can manage cookies through:

• Our cookie consent banner
• Browser settings
• Third-party opt-out tools

8.3 Do Not Track

We honor Do Not Track (DNT) signals. When DNT is enabled, we disable non-essential tracking.

9. International Data Transfers

We may transfer your data to countries outside the European Economic Area (EEA). We ensure adequate protection through:

• EU Standard Contractual Clauses
• Privacy Shield certification
• Binding Corporate Rules
• Adequacy decisions

10. Data Retention

We retain your data for as long as necessary to:

• Provide our services
• Comply with legal obligations
• Resolve disputes
• Enforce agreements

Specific retention periods:

• Account information: Until account deletion
• Transaction records: 7 years
• Marketing preferences: 3 years
• Usage logs: 12 months

11. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information:

• Contact us immediately
• We will promptly remove the information
• We will terminate any associated accounts

Parents can review, delete, or refuse further collection of their child's information.

12. Changes to This Policy

We may update this Privacy Policy to reflect:

• Changes in our practices
• New features or services
• Legal requirements
• Security updates

We will notify you of any material changes through:

• Email notifications
• Website announcements
• App notifications

13. Contact Information

For privacy-related inquiries or concerns: