1. Identity of the person responsible for the processing of personal data

FREIXENET, S.A. with NIF/CIF A08018939 (hereinafter, Data Controller) is the responsible for the processing of the User’s and informs you that this data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (GDPR) and Organic Law 3/2018 of 5 December (LOPDGDD). Your contact details are as follows:



Contact telephone number: +34 938.917.030

Contact email:


You can contact the Data Protection Officer (DPD) through the following platform:


We kindly ask you to immediately inform the Data Controller of any modification of your personal data so that the information contained in the Data Controller’s files is always up to date and free of errors.


  1. Purposes of the processing for which the personal data is used


a) Respond to the questions that the interested party sends to the Data Controller that is, the maintenance of the relationship established in the forms filled in by the latter or to respond to a request or consultation.

b) To send to the interested party commercial communications (for information purposes only, but not limited to newsletters, offers, as well as informative communications and/or advertising of GRUPOFREIXENET) about our products that may be of interest to the interested party.


  1. Personal data categories

The categories of data that we may collect in order to manage the aforementioned processing are identification and contact data.

We inform you that the required data are essential to carry out the requested services, and your refusal to provide them implies the impossibility to develop them.

The information provided by the User to the Data Controller through the forms must be accurate and truthful. The User guarantees the authenticity of all data communicated and will keep the information provided to the Data Controller updated so that it corresponds, at all times, with the real situation of the User. In the event of inaccurate, incomplete or false statements communicated by the User, the User shall be solely responsible for any damages that may be caused to the Data Controller or third parties as a result.

If you provide personal data of third parties through the registration forms on this page, you agree to inform, prior to their inclusion, of the content of this privacy policy.

This Web Site uses cookies to enable the operation and delivery of the services offered on this Web Site. We may also collect information about you through the use of cookies or similar technologies if you expressly consent to it. These tools allow us to obtain data relating to your browsing habits, tastes and preferences. Please see our Cookie Policy  for more information on this subject.


  1. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the express and explicit consent given by the User in each case, being able to withdraw it at any time.


With regard to the processing of personal data for the sending of information related to the services provided by the firm, the basis of legitimacy will be additionally the legitimate interest of the Correspondents.


In any case, the Data Controller will be entitled to the processing of your data when it is necessary for the execution of the contract. For the latter, the communication of the minimum personal data is a require to enter into the contract, so that, in case of failure to provide them, the Correspondents may not be able to provide the product or service requested.


We also inform you that the legal basis for the processing may be the fulfillment of a legal obligation in those cases where a law so provides.



  1. Periods of conservation of personal data


Personal data will only be kept for the minimum time necessary for the purposes of their processing and, in any case, until the user requests their deletion. Subsequently, your data will remain duly blocked until the prescription of the legal actions that according to the applicable regulations may arise.


  1. Recipients of personal data

The Data Controller contract with third party data processors in order to provide their services. Except for these entities, your data will not be communicated to other third parties, nor will they be transferred to other countries located outside the European Union.

In the event that the Data Controller intend to transfer personal data to a third country or international organization, the User will be informed about the third country or international organization to which the data is intended to be transferred, as well as the existence or absence of an adequacy decision of the Commission, and if applicable, the consent of the User will be requested and the purposes of the communication and the identity of the third party to whom the data will be communicated will be specified.

All of the above, with the exception of those cases in which a legal requirement makes it necessary to communicate such data to a third party.


  1. Rights deriving from the processing personal data

The User may exercise the following rights recognized in the RGPD and in the Organic Law 3/2018 of December 5, 2018, on the Protection of Personal Data and guarantee of digital rights against the Correspondents:

  • Access Right: is the User’s right to obtain confirmation as to whether or not the Data Controller is processing his/her personal data and, if so, to obtain information on their specific personal data and the processing that the Data Controller have carried out or are carrying out, as well as, among other things, the information available on the origin of such data and the recipients of the communications made or planned for such data.
  • Rectification Right: is the User’s right to have his/her personal data held by the Data Controller amended if it proves to be inaccurate or, taking into account the purposes of the processing, incomplete, and to ensure the accuracy of the information undergoing processing.
  • Cancellation Right: is the User’s right, unless otherwise provided by law, to obtain the deletion of personal data when such data is no longer necessary for the purposes for which it was collected or processed; the User has withdrawn consent to the processing and there is no other legal basis; the User objects to the processing and there is no other legitimate reason to continue with the processing; the personal data has been processed unlawfully; the personal data must be deleted in compliance with a legal obligation
  • Limitation processing Right: is the User’s right to limit the processing of his personal data. The User has the right to obtain the limitation of the processing when he/she contests the accuracy of his/her personal data, i.e. exercises the rectification rights and the Data Controller is in the process of determining whether the request is admissible; the processing is unlawful, which implies the deletion of the data, but you do not want your data to be deleted by the Data Controller; the Data Controller no longer need the personal data, but the User needs it to make claims; and when the User has objected to the processing and the Data Controller is in the process of determining whether the request is admissible.
  • Data portability Right: if the processing is carried out by automated means, the User shall have the right to receive from the Data Controller his or her personal data in a structured, commonly used and machine-readable format and to transmit it to another controller. Whenever technically feasible, the Data Controller shall transmit the data directly to such other controller. Please note that this right does not apply to: data of third parties that you have provided to the Data Controller, and data that is your own, but which has been provided to the Data Controller by third parties.
  • Opposition Right: is the User’s right not to have his or her personal data processed or to stop the processing of such data by the Data Controller. As far as the processing is concerned, you may oppose the sending of commercial communications both own and third parties.
  • Derecho a no ser a no ser objeto de una decisión basada únicamente en el tratamiento automatizado, including profiling, which has an effect on or significantly affects.


If you would like more information about your rights, we suggest you visit the website of the Spanish Data Protection Agency, as well as the European Data Protection Regulation.


The User may exercise his/her rights by means of a written communication addressed to the Data Controller of the treatment sent to the following address and/or platform:


Address: C/ Joan Sala, 2 – 08770 Sant Sadurní d’Anoia (Barcelona)



You must clearly indicate which right you wish to exercise and provide a copy of your identity document to prove your identification.


The data subject may, at any time, revoke the consent previously granted to use his or her data. In case of revocation of consent to store and process your data, the Data Controller will not be able to provide you with certain services.


  1. Complaints to the control authority

If the User considers that there is a problem or infringement of the regulations in force in the way his personal data is being processed, he/she shall have the right to effective judicial protection and to lodge a complaint with a supervisory authority, in particular in the State in which he has his habitual residence, place of work or place of the alleged infringement.

In the case of Spain, the supervisory authority is the Spanish Data Protection Agency (, whose telephone numbers are 900 293 193 and 900 293 621 and mailing address are as follows C/ Jorge Juan, 6 – 28001 Madrid.


  1. Confidentiality and security of personal data

The Data Controller guarantee to the User that the processing carried out complies with all the provisions of the above-mentioned data protection regulations and that the data are processed lawfully, fairly and transparently in relation to the data subject and are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

The Data Controller undertake to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected, to ensure the security of personal data and prevent the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorized communication of or access to such data.

The personal data will be treated as confidential by the data processors, who undertake to inform and ensure by means of a legal or contractual obligation that such confidentiality is respected by their employees, associates, and any other person to whom they make the information accessible.


  1. Links to third party websites

The website may include hyperlinks or links that allow access to websites of third parties other than the Data Controller and which are therefore not operated by the Data Controller.

The owners of these websites will have their own data protection policies, being themselves, in each case, responsible for their own files and their own privacy practices.


  1. Origin and accuracy of the data

The totality of the data collected comes from the interested party. The User, by accepting this Privacy Policy, declares and undertakes to ensure the truthfulness and accuracy of the data provided, as well as being the legitimate owner of them.

Likewise, the User undertakes to keep his/her data always updated, and to promptly inform the Data Controller of any significant modification, such as a change in the ownership of his/her bank account, or the modification of his/her e-mail account provided through the relevant forms hosted on the Grupo Freixenet website.

In this sense, the User shall be solely responsible for the non-compliance with the above, exonerating the Data Controller from all liability with respect to such data that the User has not previously communicated to them.


  1. Acceptance and changes in this Privacy Policy

It is necessary that the User has read and agrees with the conditions on the protection of personal data contained in this Privacy Policy, and that he/she accepts the processing of his/her personal data so that the Data Controller Processors can proceed in the manner, for the periods and for the purposes indicated. The use of the website implies acceptance of the Privacy Policy.

The Data Controller reserves the right to modify its Privacy Policy, according to its own criteria, or motivated by a legislative, jurisprudential or doctrinal change of the Spanish Data Protection Agency.