chic&basic Habana Hoose (+34) 935 95 65 05 chic&basic Born Boutique (+34) 932 954 652 chic&basic Velvet (+34) 934 234 647 chic&basic Lemon Boutique (+34) 933 426 666 chic&basic Zoo (+34) 932 954 652 chic&basic Tallers (+34) 934 121 097 chic&basic dot (+34) 911 08 75 65 chic&basic Reding (+34) 934 121 097 chic&basic Gravity (+351) 22 976 6740 Casa Teva by chic&basic (+351) 218 383 250 Honest Budapest by chic&basic (+36) 61 872 8292
chic&basic Habana Hoose (+34) 935 95 65 05 chic&basic Born Boutique (+34) 932 954 652 chic&basic Velvet (+34) 934 234 647 chic&basic Lemon Boutique (+34) 933 426 666 chic&basic Zoo (+34) 932 954 652 chic&basic Tallers (+34) 934 121 097 chic&basic dot (+34) 911 08 75 65 chic&basic Reding (+34) 934 121 097 chic&basic Gravity (+351) 22 976 6740 Casa Teva by chic&basic (+351) 218 383 250 Honest Budapest by chic&basic (+36) 61 872 8292
en
Language Español Español Language English English Language Portugués Portugués Language Deutsch Deutsch Language Français Français Language Italiano Italiano Language Hungaro Hungaro
Check-in
15/03/2026
Check-out
16/03/2026
Discount code
Start Privacy Policy

Privacy Policy. Protection of personal data in accordance with the GDPR

Data Controllers

In the context of this website, there are two data controllers responsible for processing your personal data, each acting independently for their respective purposes:

A. Responsible for the Web Platform and Initial Booking (The Intermediary):

  • Company Name: CHIC&BASIC BORN, S.L.
  • Tax ID Number: B-64054265
  • Address: Princesa, 50, 08003 Barcelona
  • Contact: newsletter@chicandbasic.com
  • Purpose: Management and maintenance of the web platform, initial booking process, and sending of commercial communications (if consented to).

B. Responsible for the Execution of the Accommodation Contract (The Service Provider):

  • Identification: The company operating the hotel selected for your stay. This may be:
    • ARGENTERIA 2021, S.L. with Tax ID Number B42857169 and address at Paseo De Gracia 67 - Barcelona - 08008 (Barcelona)
    • CHIC&BASIC BORN, S.L. with Tax ID Number B64054265 and address at Calle Princesa 50 - Barcelona - 08003 (Barcelona)
    • CHIC&BASIC TALLERS, S.L. with Tax ID Number B64054216 and address at Calle Princesa 50 - Barcelona - 08003 (Barcelona)
    • CHIC&BASIC LEMON, S.L. with Tax ID Number B09868779 and address at Calle Pelayo 6 - Barcelona - 08001 (Barcelona)
    • HOTEL NOVA, S.A. with Tax ID Number A58377540 and address at Calle Gravina 5-7 - Barcelona - 08001 (Barcelona)
    • HVA PATRIMONIAL INVERSORA XXI, S.L. with Tax ID Number B66438409 and address at Paseo De Gracia 67 - Barcelona - 08008 (Barcelona)
    • CBHOTELS OPORTO, LDA with registration number PT515441465 and address at Rua de José Falcão 129 - Porto - 4050 (Portugal)
    • SHH OPCO PORTUGAL, LTD. with registration number PT518421597 and address at Rua das Farinhas 13 - Lisboa - 1100 (Portugal)
    • SHH OPCO HUNGARY KFT. with registration number HU32562275 and address at Dohány Utca 66 - Budapest - 1074 (Hungría)
    • CBHOTELS TOKYO HOOSE, UNIPESSOAL LDA with registration number PT518867366 and address at Rua das Oliveiras 61 - Porto - 4050 (Portugal)
  • Purpose: Execution of the accommodation contract, check-in, check-out, billing, compliance with passenger registration regulations and any other applicable legal obligations, and provision of services during the stay.
  • Full Identification: The full details of this company (Name, Tax ID number, and Address) will be provided in the booking summary and in the confirmation email.

We also inform you that we have a Data Protection Officer registered with the Spanish Data Protection Agency. Their contact details are: GRUPO ATICO34 SL lopd-gdd@atico34.com

Purposes and Legal Basis for Processing

Your personal data will be processed for the following purposes, based on the following legal grounds:

  • Purpose of Processing: Management of the Reservation and Execution of the Accommodation Contract
    • Legal Basis (Art. 6 GDPR): Execution of a contract (art. 6.1.b)
    • Retention Period: During the contractual relationship and the legal periods (tax, guest registration).
  • Purpose of Processing: Compliance with Legal Obligations (Traveler registration, tax authorities)
    • Legal Basis (Art. 6 GDPR): Legal obligation (art. 6.1.c)
    • Retention Period: 4 years (tax authorities) and 3 years (traveler registration, according to regulations).
  • Purpose of Processing: Management of resumes received through the website for personnel selection processes
    • Legal Basis (Art. 6 GDPR): Execution of pre-contractual measures (art. 6.1.b)
    • Retention Period: 1 year unless the interested party requests its deletion beforehand or an employment relationship is maintained.
  • Purpose of Processing: If you have provided us with your resume, we may share your data with any of the companies in the group in connection with your application
    • Legal Basis (Art. 6 GDPR): Consent (art. 6.1.a)
    • Retention Period: 1 year unless the data subject requests its deletion beforehand or an employment relationship is maintained.
  • Purpose of Processing: To communicate customers' personal data to companies within the group for the purpose of consolidating accounts between companies within the group and for the harmonization of corporate policies and strategic, commercial, and financial management
    • Legal Basis (Art. 6 GDPR): Legitimate interest (art. 6.1.f), Legal obligation (art. 6.1.c)
    • Retention Period: 6 years in accordance with commercial regulations.
  • Purpose of Processing: Maintenance of the Web Platform
    • Legal Basis (Art. 6 GDPR): Legitimate interest (art. 6.1.f)
    • Retention Period: As necessary for the purpose.
  • Purpose of Processing: Sending Commercial Communications (Newsletter)
    • Legal Basis (Art. 6 GDPR): Consent of the data subject (art. 6.1.a)
    • Retention Period: Until the data subject revokes consent.

Communication and Data Transfer between Independent Controllers

In order to formalize and execute your reservation, CHIC&BASIC BORN, S.L. (Web Platform Controller) will communicate the personal data of your reservation (name, contact details, dates of stay, reservation details) to the company operating the hotel you have selected (the Service Provider). This communication is necessary for the execution of the accommodation contract (Art. 6.1.b GDPR) that you are going to formalize with the Service Provider.

Likewise, for the provision of certain services, we use technology providers that may process personal data outside the European Economic Area (EEA), such as the hotel management system through Mews Systems B.V. In these cases, international data transfers are carried out with the appropriate safeguards required by data protection regulations, in particular by signing Standard Contractual Clauses approved by the European Commission, or other legally valid mechanisms, in order to ensure a level of protection equivalent to that of the EEA. You can access detailed information at: https://www.mews.com/en/terms-conditions/data-processing-transfer-policy-partners

For the management of reservations and communication with our customers at CHIC&BASIC LEMON, S.L., CHIC&BASIC TALLERS, S.L. (Velvet), and ARGENTERIA 2021, S.L., we use the Bookline platform and its associated providers. Some of these providers, such as AWS, Google Cloud, Microsoft Azure, Twilio, 360dialog, and others, may process personal data outside the European Economic Area (EEA), mainly in the United States. These international data transfers are carried out with the guarantees required by data protection regulations, including the signing of Standard Contractual Clauses approved by the European Commission, in order to ensure a level of protection equivalent to that of the EEA. The data is used exclusively for the management of reservations, communication with customers, transcription of calls and interaction analysis, as well as for the proper provision of the service. You can find more information at: https://bookline.ai/politica-de-privacidad-hoteles/ 

At CHIC&BASIC LEMON, S.L. and CBHOTELS OPORTO LDA, the Quicktext platform and its associated providers are used for managing reservations, customer service via chatbot, pre-stay communications, and reservation confirmation. Some of these providers, such as LLC in the United States, may process personal data outside the European Economic Area (EEA). These transfers are carried out with the guarantees required by data protection regulations, through Standard Contractual Clauses approved by the European Commission, ensuring a level of protection equivalent to that in Europe. More information at: https://www.quicktext.im/privacy-policy 

If you have provided us with your resume, we may share your data with any of the companies in the group in connection with your application.

Based on our legitimate interest, the data may be transferred to companies in the same business group for the purpose of consolidating accounts between the companies in the group and for the purpose of harmonizing corporate policies and strategic, commercial, and financial management.

We also inform you that we use third-party services (e.g., Google reCAPTCHA) that may involve the processing of data outside the EEA. In these cases, we ensure that the transfer is carried out under adequate safeguards (e.g., Standard Contractual Clauses approved by the European Commission).

No additional communications of your data will be made to third parties, except where legally required.

Source of data and method of collection

The personal data we process has been provided directly by you. If you provide us with data belonging to other people, you guarantee that you have their express consent and that you have informed them of the content of this Policy. You also release us from any liability arising from a breach of this obligation.

Accuracy of personal data

If you do not provide us with your data or do so incorrectly or incompletely, we will not be able to respond to your request, making it impossible to provide you with the requested information or to contract the services.

The data owner guarantees that the data provided is true, accurate, complete, and up-to-date. You will inform us of any changes to the data provided through the channels indicated in the header of this policy.

Exercising your Rights

You may exercise your rights of access, rectification, erasure, restriction of processing, portability, and objection by sending your request in writing to:

  • For matters related to the website and marketing (Data Controller A): newsletter@chicandbasic.com or to the address Princesa, 50, 08003 Barcelona
  • For matters related to your stay and the accommodation contract, please contact the hotel operator at the address provided in your booking confirmation

You also have the right to lodge a complaint with the competent supervisory authority (Spanish Data Protection Agency - www.aepd.es) if you consider that the processing does not comply with current regulations.

The user declares that all the information provided by them is true and correct, and undertakes to keep it up to date, communicating any changes to the Data Controller.

Data collected by users of the services

In cases where the user includes files containing personal data on shared hosting servers, the Data Controller shall not be held liable for any breach of the GDPR by the user.

Intellectual property rights https://www.chicandbasic.com/es

The Data Controller is the owner of all copyright, intellectual property, industrial property, know-how, and any other rights related to the content of the website and the services offered therein, as well as the programs necessary for its implementation and related information.

The reproduction, publication, and/or use of the contents of the website https://www.chicandbasic.com/es, in whole or in part, for purposes other than strictly private use is not permitted without prior written consent.

Intellectual property of the software

The user must respect the third-party programs made available by the Data Controller, even if they are free and/or publicly available.

The Data Controller has the necessary exploitation and intellectual property rights for the software.

The user does not acquire any rights or licenses for the contracted service, for the software necessary for the provision of the service, or for the technical information for monitoring the service, with the exception of the rights and licenses necessary for the fulfillment of the contracted services and only for the duration of the same.

For any action that exceeds the fulfillment of the contract, the user will need written authorization from the Data Controller, and the user is prohibited from accessing, modifying, or viewing the configuration, structure, and files of the servers owned by the Data Controller, assuming civil and criminal liability for any incident that may occur on the servers and security systems as a direct result of negligent or malicious action on their part.

Intellectual property of hosted content

Any use contrary to intellectual property legislation of the services provided by the Data Controller is prohibited, in particular:

  1. Any use that contravenes Spanish law or infringes the rights of third parties.
  2. The publication or transmission of any content that, in the opinion of the Data Controller, is violent, obscene, abusive, illegal, racist, xenophobic, or defamatory.
  3. Cracks, software serial numbers, or any other content that infringes the intellectual property rights of third parties.
  4. The collection and/or use of other users' personal data without their express consent or in contravention of the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
  5. The use of the domain's mail server and email addresses for sending unsolicited bulk mail.

The user is fully responsible for the content of their website, the information transmitted and stored, hypertext links, third-party claims, and legal actions relating to intellectual property, third-party rights, and the protection of minors.

The user is responsible for complying with the laws and regulations in force and the rules relating to the operation of the online service, e-commerce, copyright, maintenance of public order, and universal principles of Internet use.

The user shall indemnify the Data Controller for any expenses incurred as a result of the user being held liable in any case attributable to the user, including legal fees and expenses, even in the case of a non-final court decision.

Protection of hosted information

The entity responsible for processing makes backup copies of the content hosted on its servers, but is not responsible for the accidental loss or deletion of data by users. Similarly, it does not guarantee the total replacement of data deleted by users, as such data may have been deleted and/or modified during the period of time since the last backup.

The services offered, except for specific backup services, do not include the replacement of content stored in the backups made by the data controller when this loss is attributable to the user; in this case, a fee will be determined according to the complexity and volume of the recovery, always subject to the user's prior acceptance.

The replacement of deleted data is only included in the price of the service when the loss of content is due to causes attributable to the data controller.

Commercial communications

In accordance with the LSSI, no advertising or promotional communications will be sent by email or other equivalent electronic means of communication that have not been previously requested or expressly authorized by the recipients thereof.

In the case of users with whom there is a prior contractual relationship, the data controller is authorized to send commercial communications relating to products or services similar to those initially contracted with the customer.

In any case, after proving their identity, users may request that no further commercial information be sent to them through the Customer Service channels.