Privacy Policy

Data controller: Beefeater, S.L. — Tax ID B29035995
Address: Calle de la Cruz, 14, 29640 Fuengirola, Málaga, Spain
Contact: info@thebeefeater.es · +34 952 47 15 47

Note: This English version is provided for convenience. In the event of any inconsistency, the Spanish version shall prevail as the legally binding text under Spanish law.

1. Data controller

The controller responsible for processing personal data collected via thebeefeater.es and via the restaurant's contact channels is:

Company name: Beefeater, S.L.
Tax ID (CIF): B29035995
Registered address: Calle de la Cruz, 14, 29640 Fuengirola, Málaga
Email: info@thebeefeater.es

2. Data we collect

thebeefeater.es has no contact forms, registration systems or any mechanism that directly collects personal data. No personal data is gathered simply by visiting the site.

Data provided through external contact channels

When a user initiates contact with the restaurant through the available channels (WhatsApp link, phone or email), they voluntarily provide certain data. Depending on the channel, this data may include:

Name (or alias) to identify you for the booking.
Phone number, when communication takes place via WhatsApp or phone.
Email address, when contact is by email.
Date, time and party size of the booking requested.

This data is not collected by the website, but provided directly by the user through third-party platforms (Meta Platforms/WhatsApp, phone carrier or email client). The website acts solely as a link to those channels.

Data collected by the website

The only data collected directly by the website is pseudonymised analytics via Google Analytics 4, and only when the user has given prior consent. See our Cookie Policy for details.

We do not collect special-category data (health, ethnic origin, religious beliefs, etc.). If you need to report food allergies or intolerances, please inform restaurant staff verbally.

3. Purpose and lawful basis

Data provided through external contact channels

The data you provide when contacting the restaurant is processed for the following purposes:

Booking management: to confirm, modify or cancel your table reservation. Lawful basis: performance of a contract or pre-contractual measures at the data subject's request (Art. 6.1(b) GDPR).
Service-related communications: to inform you of changes in opening hours, availability or booking conditions. Lawful basis: performance of the contract (Art. 6.1(b) GDPR).
Compliance with legal obligations: where required by applicable law. Lawful basis: compliance with a legal obligation (Art. 6.1(c) GDPR).

Data collected by the website

The pseudonymised analytics data collected through Google Analytics 4 is used for the following purpose:

Web analytics and service improvement: to obtain aggregate website usage statistics in order to improve the user experience. Lawful basis: consent of the data subject (Art. 6.1(a) GDPR), revocable at any time.

We do not carry out individual user profiling, automated marketing or automated decision-making with your data. Web analytics is aggregate and pseudonymised.

4. Retention period

Booking-related data is retained for a maximum of 3 years from the last communication, unless applicable tax or commercial regulations require a longer period. After that, data will be deleted or anonymised.

5. Recipients and international transfers

Your data is not shared with third parties for commercial purposes. The following service providers (data processors) may access it only to the extent necessary to provide the service:

Meta Platforms Ireland Ltd. — WhatsApp messaging platform used for booking management.
Google LLC — Google Analytics 4 service for web analytics (property G-SQ428B4ZPK), only when the user has given prior consent; and Google Maps, which is activated only by the user's manual action or when accepting all cookies. Fonts and icons are self-hosted on our own servers; no connection is made to Google or any CDN for font or icon delivery.

Meta Platforms Ireland Ltd. and Google LLC are subject to the EU-U.S. Data Privacy Framework, so international transfers are carried out with adequate safeguards under Article 45 GDPR.

We do not carry out international data transfers beyond those inherent in the use of the services mentioned.

6. Your rights

As a data subject, you may at any time exercise the following rights recognised by the GDPR and the Spanish LOPD-GDD:

Access: obtain information on the data we process.
Rectification: correct inaccurate or incomplete data.
Erasure: request deletion of your data when no longer necessary.
Restriction of processing: request restriction in certain circumstances.
Portability: receive your data in a structured, commonly used format.
Objection: object to the processing of your data in certain situations.

To exercise any of these rights, please send an email to info@thebeefeater.es indicating which right you wish to exercise and attaching a copy of your ID or equivalent identity document. We will respond within a maximum of one month.

7. Right to lodge a complaint

If you consider that the processing of your data does not comply with applicable law, you have the right to lodge a complaint with the competent supervisory authority in Spain:

Spanish Data Protection Agency (AEPD)
C/ Jorge Juan, 6, 28001 Madrid, Spain
www.aepd.es

8. Changes to this privacy policy

Beefeater, S.L. reserves the right to update this Privacy Policy to reflect regulatory or business changes. The current version will always be available on this page.

Last updated: May 2026