← Back to home
Legal

Privacy Policy

Last updated: 27 May 2026

1. Data controller

The data controller for personal data processed through this website is:

  • Controller: James Martin Emms
  • NIF/NIE: X9948056G
  • Trading name: Inative Reservations — Inative Group
  • Address: Calle de la Hiedra, 6, 30710 Los Alcázares, Murcia, Spain
  • Contact email: hello@inativereservations.com

2. Processing purposes

We process your personal data for the following purposes:

  • Responding to enquiries and demo requests: managing and responding to messages submitted via the contact form on the website.
  • Pre-contractual communications: managing communications with potential clients prior to formalisation of the service.
  • Legal compliance: fulfilling obligations established by applicable legislation.
  • Website improvement: where you consent to analytics cookies, analysing aggregate patterns of website usage to improve the service.

3. Legal basis

The legal bases for processing are the following:

  • Consent (Art. 6.1.a GDPR): for the processing of analytics cookies, where you have given your express consent.
  • Pre-contractual measures (Art. 6.1.b GDPR): for responding to enquiries and demo requests, as these are steps taken at the request of the data subject prior to entering into a contract.
  • Legitimate interest (Art. 6.1.f GDPR): for basic communication management and spam prevention measures, where these interests are not overridden by your rights and freedoms.
  • Legal obligation (Art. 6.1.c GDPR): where processing is required to comply with applicable legal obligations.

4. Categories of data

The following categories of personal data may be processed depending on the interaction:

  • Contact form: name, restaurant or company name, email address, telephone number (optional), type of enquiry, free-text message.
  • Navigation data: technical data such as browser type, device, IP address and pages visited, collected through essential cookies or, where you consent, analytics cookies.

We do not process special categories of data (sensitive data) as defined in Article 9 of the GDPR.

5. Retention periods

Personal data is retained for the following periods:

  • Contact and enquiry data: for the duration of the pre-contractual or commercial relationship, plus a period of up to three years from the last interaction, unless a longer period is required by law.
  • Analytics data: for the period specified in the relevant cookie policy, from the date of consent.
  • Legal obligation data: for the periods prescribed by applicable tax, mercantile and administrative legislation.

After the applicable retention period, data will be securely deleted or anonymised.

6. Recipients

Your personal data will not be sold or transferred to third parties for their own marketing purposes. Data may be shared with:

  • Email service providers: used to send transactional messages related to your enquiry or demo request (acting as data processors under a data processing agreement).
  • Hosting and infrastructure providers: for operation and maintenance of the website and platform (acting as data processors).
  • Public authorities: where required by law or a valid legal order.

All third-party processors are required to handle data in accordance with this Privacy Policy and applicable data protection law.

7. International transfers

Your personal data is primarily processed within the European Economic Area (EEA). Where any service provider is located outside the EEA, transfers are carried out under the safeguards required by Chapter V of the GDPR, including Standard Contractual Clauses (SCCs) adopted by the European Commission.

8. Data subject rights

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR): to obtain confirmation of whether we process your data, and to receive a copy of the data we hold.
  • Right to rectification (Art. 16 GDPR): to request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17 GDPR): to request deletion of your data, where applicable grounds exist.
  • Right to restriction of processing (Art. 18 GDPR): to request that we limit processing of your data in certain circumstances.
  • Right to data portability (Art. 20 GDPR): to receive your data in a structured, commonly used format where processing is based on consent or contract.
  • Right to object (Art. 21 GDPR): to object to processing based on legitimate interest.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at hello@inativereservations.com, including sufficient information to verify your identity. We will respond within one calendar month of receiving your request.

9. Right to complain to a supervisory authority

If you consider that the processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with the competent supervisory authority. In Spain, this is the Agencia Española de Protección de Datos (AEPD), accessible at www.aepd.es. You may also complain to the supervisory authority of your country of residence.

10. Security measures

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures are reviewed and updated as necessary in line with the current state of technology and the risks involved in processing.

In particular:

  • All data transmitted between your browser and this website is encrypted using TLS/HTTPS.
  • SMTP credentials and server access keys are stored outside the publicly accessible web directory and are not included in source code.
  • Contact form submissions include technical anti-spam measures to prevent automated abuse.

11. Minors

This website and the Inative Reservations platform are intended for business use by hospitality professionals. We do not knowingly collect personal data from individuals under 16 years of age. If you believe that a minor has submitted personal data through our website, please contact us at hello@inativereservations.com so that we can delete it promptly.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our processing activities or applicable law. The date of the latest revision is shown at the top of this page. Where changes are material, we will take appropriate steps to inform you. Continued use of the website after the publication of any update constitutes acceptance of the revised policy.

For any questions about this Privacy Policy or our data processing practices, please contact us at hello@inativereservations.com.