Privacy Policy

This privacy policy aims to inform the user (hereinafter, the “User”) of the website (hereinafter, the “Website”) about the collection and processing of their personal data.

1.- Who is responsible for processing your data?

The person responsible for processing your data is Abat Coffee & Sandwich SL (hereinafter, the “Owner”) with CIF B65818551 and registered office at c/ Abat Oliba, 76 Baixos 1 (08242) Manresa (Barcelona).

For any questions related to this Privacy and Data Protection Policy, the User can contact the Owner at the email address

2.- Why is the Owner legitimately processing data?

The Owner processes the User’s personal data in order to provide the services that the User has requested through the Website. Therefore, the User gives their consent by accepting this Privacy Policy and the corresponding checkboxes.

The Owner takes the protection of your privacy and personal data very seriously. Therefore, your personal information is stored securely and treated with the utmost care, in full compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, regarding the protection of individuals concerning the processing of personal data and the free circulation of such data (hereinafter, “GDPR”).

3.- What are the purposes of processing your data?

This Privacy Policy regulates access to and use of services provided by the Owner to Users interested in the services and content hosted on the Website.

In accordance with the GDPR, we inform you that your personal data will be processed for the following purposes:

(i) Provide the services requested by the User on the Website.

(ii) Send newsletters and commercial and promotional communications related to the Owner’s services, by email, SMS/MMS, mail, telephone, or other equivalent electronic means, if the User so wishes.

However, the User may revoke their consent in each commercial communication received and at any time by notifying the following email address:

4.- Data retention

The data collected by the Owner will be kept for as long as the contractual relationship for the provision of services between the parties is maintained, unless the User requests the deletion of this data.

The User is informed that their data will be collected only for the purposes set out in the paragraphs above and will not be processed in a manner incompatible with these purposes.

5.- Accuracy of data provided by Users

The User guarantees that the personal data provided is accurate and is responsible for informing the Owner of any changes to it. The User will be responsible for the accuracy of the data provided, and the Owner reserves the right to exclude from registered services any users who have provided false data, without prejudice to other actions that may be taken in law.

It is recommended to exercise the utmost diligence in the protection of data through the use of security tools, and the Owner cannot be held responsible for theft, alteration, or illegal loss of data.

Any changes or updates to this data should be communicated to the Owner through the means of communication available in this Privacy Policy.

6.- How do I revoke my consent and exercise my rights?

The User has the right to (i) access their personal data, as well as to (ii) request the rectification of inaccurate data, or, where appropriate, (iii) request its deletion, (iv) request the limitation of the processing of their data, (v) object to the processing of their data, (vi) exercise the right to be forgotten and vii) request data portability. They also have the right not to be subject to decisions based solely on automated processing.

To exercise these rights, it is necessary for the User to prove their identity to the Owner by sending a photocopy of their National Identity Document or any other legally valid means.

Users can exercise all these rights through the means of communication provided in this Privacy Policy.

Without prejudice to any other administrative remedy or judicial action, Users have the right to file a complaint with a Control Authority, in particular in the Member State of their habitual residence, place of work, or the place of the alleged infringement if they consider that the processing of their personal data does not comply with regulations or if they are not satisfied with the exercise of their rights. The Control Authority to which the complaint has been lodged will inform the complainant about the progress and outcome of the complaint.

7.- Security and data retention.

The protection of the privacy and personal data of its customers and visitors is of utmost importance to the Owner. Therefore, the Owner does everything in its power to prevent the misuse of your data. Only authorized personnel can access your data.

The Owner maintains the appropriate security of personal data protection in accordance with applicable regulations and has established all technical means at its disposal to prevent loss, misuse, alteration, unauthorized access, and theft of data that Users provide through the Website, without prejudice to informing that security measures on the Internet are not impregnable.

The Owner undertakes to comply with the duty of secrecy and confidentiality regarding personal data in accordance with applicable law.

The personal data provided will be retained by the Owner for the time necessary to provide the service.

8.- Links

This website may contain links to other websites. Please note that we are not responsible for the data processing carried out by the owners of other websites. This Privacy Policy is valid exclusively for the information we collect on this website. We recommend that you read the privacy policies of the websites we link to from our website or visit in any other way.

9.- Updates and changes to the Privacy Policy

The Owner reserves the right to make changes to this privacy policy. When these changes occur, Users will be notified through notices on the Website, or by any other appropriate means depending on the circumstances.