Skip to content
LeonCaves

Last updated: 2026-05-09

Privacy policy

This Privacy Policy describes how Leon Caves (operated by Euroques S.L.) collects, uses and protects the personal data you share with us through this website, in compliance with Regulation (EU) 2016/679 (GDPR) and the Spanish LOPDGDD 3/2018.

1. Data controller

Euroques S.L.
CIF B24368698
Carretera León - La Bañeza km 1 nº6, 24391, Ribaseca, León (Spain)
Email: hello@cavesleon.com

2. What data we collect and why

  • Booking & contact data (name, email, phone, country, hotel, party size, preferred date/time, message): collected when you fill in our forms, with the legal basis of pre-contractual steps at your request (art. 6.1.b GDPR) and your explicit consent for marketing (art. 6.1.a GDPR).
  • Technical data (IP address, user agent): collected for security and fraud prevention based on our legitimate interest (art. 6.1.f GDPR). We never combine it with your identity unless legally required.
  • Cookies: see our Cookie Policy for details. Optional cookies require your prior, granular and revocable consent (art. 22.2 LSSI-CE).

3. How long we keep your data

Booking records: as long as the commercial relationship lasts plus the statutory periods imposed by Spanish tax (4 years), commercial (6 years) and consumer protection law. Contact messages with no booking: deleted after 24 months. Marketing consent: until you unsubscribe.

4. Who we share your data with

  • Supabase (database & authentication, EU region) as our data processor, under a GDPR-compliant DPA.
  • Vercel (hosting) as our data processor, under a GDPR-compliant DPA.
  • Tax and accounting authorities, where legally required.

We do not sell your data. We do not transfer it outside the EEA except through the providers above and only with EU Standard Contractual Clauses in place.

5. Your rights

You have the right to access, rectify, erase, restrict, port and object to the processing of your personal data, and to withdraw consent at any time without affecting the lawfulness of prior processing. Write to hello@cavesleon.com with proof of identity and we'll respond within one month.

If you believe your rights have been infringed, you can file a complaint with the Spanish Data Protection Agency (AEPD, aepd.es).

6. Security

We apply industry-standard security measures including TLS in transit, encryption at rest, role-based access control and audit logging. Notwithstanding, no system is 100% secure. If you suspect a breach involving your data, contact us immediately.

7. Children

Our experiences are wine-tastings and are not directed to minors. We do not knowingly collect personal data from children under 14 without parental consent.

8. Changes

We may update this policy. Material changes will be communicated via email to active customers and announced on this page.