Skip to content

Protecció de dades

Who is RESPONSIBLE FOR processing your personal data?

Responsible for processing: CATERING ARCASA, SL C / Gaspar Fàbregas 81, planta 3 – 08950- Esplugues de Llobregat



We process the personal data of our contacts, clients and suppliers in order to manage the commercial relationship with our organization and, especially, contractual aspects, sending information about our organization and the sector, organizing activities, campaigns or events, and the sending of informative and commercial communications (also electronically).

How long do we keep your PERSONAL data?

Personal data will be kept for a period of six (6) years in accordance with current accounting regulations and, where appropriate, for ten (10) years according to the regulations on the prevention of money laundering.

In any case, CATERING ARCASA, SL will keep your personal data as long as they are necessary for the contractual provision and unless you request their deletion. However, it will keep them for the period of time necessary to comply with the legal obligations that correspond in each case according to the type of data.

What is the lawful basis for the processing of your data?

The legal basis for data processing is the mutual interest and the consent of the user.

To whICH recipients will your data be communicated?

The data may only be communicated to organizations of the same group or linked to CATERING ARCASA, SL in the field of managing their products and / or services for the same purposes referred to above, as well as to those competent Public Administrations when required by current regulations.

The employees of CATERING ARCASA, SL who have authorized access rights in accordance with the internal security structure of CATERING ARCASA, SL can access your data with the objectives described in this Data Protection Policy. All CATERING ARCASA, SL employees have been trained and informed of their responsibilities in this regard and sign the corresponding confidentiality agreement. Likewise, third-party organizations whose intervention is required and / or necessary for the proper management of the provision of the service can access your data.

CATERING ARCASA, SL has established contracts or contractual agreements and security measures with third parties to guarantee the adequate level of security and protection of personal data.

What are your rights in relation to your personal data?

You can request access, rectification, deletion, limitation to processing, portability and opposition to the processing of your data at any time.

You may revoke your consent to the sending of commercial communications and exercise the rights referred to above by sending an email to, accompanied by documentary proof of your identity. Unless you indicate it to us through the unsubscribe option that you will find in electronic mailings, which will already provide us with your unsubscribe information.

If you do not get a satisfactory answer and you want to make a claim or obtain more information about any of these rights, you can contact the Spanish Agency for Data Protection (


The basic data for identification and relationship for the sending of proposals, commercial information and creation of invoices are kept, such as, for example, name and surname, shipping address, NIF / CIF or account number, if the client wants direct debit.


The information is not deleted unless the user requests the deletion and this deletion is applicable (see point 3). It will always be available, although it may be blocked for informational marketing/ commercial shipments or if the rights of deletion, limitation to treatment or opposition by the user have been exercised.

Backup copies of the servers that contain data are made, duly controlled and guarded.

What is the privacy and security policy REGARDING the information and its access?

Access to the database is protected by username and password.

In the case of remote access, it is done using the VPN protocol.

What is the Security Incident Response and Impact Analysis Policy?

CATERING ARCASA, SL has adopted appropriate technical and organizational protection measures. These measures have been applied to data affected by a potential breach of personal data security. Persons who are not authorized cannot access customer / user data.

CATERING ARCASA, SL has carried out and maintains an up-to-date analysis of the risks of vulnerability of personal data and its impact on the security and privacy of clients / users.

What is the policy for deleting information in the event of service terminations?

CATERING ARCASA, SL deactivates in its databases the accounts of customers / users who decide to unsubscribe and who have exercised their right to deletion.


CATERING ARCASA, SL is not legally obliged to appoint a DPD (Data Protection Delegate), in accordance with current legislation.


Regardless of this, CATERING ARCASA, SL has appointed a Person Responsible for Data Security, in order to ensure the correct operation of this Privacy Policy and to ensure that the requirements in relation to the personal data of users internal and external to the organization are preserved. You can contact our Data Security Manager at

In the event that CATERING ARCASA, SL identifies a personal data security violation that compromises one or more of its users, they will be notified about it as soon as possible. If the risk and violation were significant, the competent authority would also be notified.

×ATENCIÓ: Cookies no configurades en l'idioma actual. Revisa la teva configuració al plugin, gràcies!