Privacy Policy

This legal text provides details on how we collect and process your personal data through the use of our website http://www.engage-mh.com, including any information you may provide to us through the site when submitting your data via the form provided for that purpose.

By providing us with your data, you acknowledge that our services are not available to individuals who are legally prohibited from giving consent. Therefore, when you submit any forms, you guarantee that you have the legal capacity to provide consent.

Below, we provide information regarding the data protection policy of DG Invest Hospitality, S.L. and IPIH Espagne, S.L.

1. Data Controller

Contact details of the Data Controller:

DG Invest Hospitality, S.L. and IPIH Espagne, S.L.
Tax ID (CIF): B09801119 / B55134704
Registered addresses:

• Calle Albasanz nº 63, 28037 Madrid
• Cl. Can Gordi nº 1, 08403 Granollers, Barcelona
  Telephone: +34 977742712
  Email: engage@engage-mh.com

Company Registrations:

• Madrid Commercial Register: Volume 3370, Folio 101, Sheet GI 70084, Entry 1 (22.03.22)
• Barcelona Commercial Register: Volume 2868, Folio 29, Sheet GI 53565, Entry 1 (5.04.12)

DG Invest Hospitality, S.L. and IPIH Espagne, S.L. are responsible for your personal data (hereinafter, “we”, “us”, or “our”).

2. What Data Do We Collect?

The General Data Protection Regulation (GDPR) defines personal data as any information relating to an identified or identifiable natural person — that is, any information capable of identifying an individual. This does not include anonymous or aggregated data.

The personal data that may be collected directly from the data subject will be treated confidentially and incorporated into the respective data processing activities owned by DG Invest Hospitality, S.L. and IPIH Espagne, S.L.

On our website, we may process the following categories of personal data:

• Identity data: name
• Contact data: email address and telephone number

We do not collect any information related to special categories of personal data (such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health data, genetic or biometric data).

If we are legally required to collect personal data from you, or under the terms of a contract between us, and you refuse to provide it, we may be unable to perform the contract or provide the requested service, and you must inform us in advance.

3. How Do We Collect Your Personal Data?

We collect personal data through the following means:

• Via our website form, email, phone, or postal mail, when you:
  • Request information about our services
  • Contract our services
  • Request a quotation
• Through automated technologies or interactions:
  Our website may automatically collect technical data about your device, browsing actions, and usage patterns. This data is gathered through cookies or similar technologies. For more information, please refer to our Cookie Policy (insert link).
• Through third parties:
  • Google: analytical or search data (outside the European Union).

4. Purpose and Lawful Basis for Processing Your Data

The most common purposes for processing your personal data are:

• For the execution of a contract between DG Invest Hospitality, S.L. and IPIH Espagne, S.L. and you.
• When you have given your consent for us to process your data.
• When it is necessary to comply with a legal or regulatory obligation.
• When it is necessary for our legitimate interests or those of a third party.

You may withdraw your consent at any time by emailing engage@engage-mh.com, or by following the instructions in the section on the exercise of data protection rights below.

Form / Context	Purpose	Type of Data	Lawful Basis for Processing
Contact Form	To manage inquiries and requests for information received through the website	Name, Email, Telephone	Consent of the data subject (Art. 6.1.a GDPR); Pre-contractual measures (Art. 6.1.b GDPR); Legitimate interest of the controller (Art. 6.1.f GDPR)

Purpose: We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another compatible reason, in which case we will notify you in advance and explain the lawful basis for doing so.

5. Data Retention Period

We will retain your data only for as long as necessary to fulfill the purposes for which it was collected and to determine any potential liabilities arising from such purposes and processing. The applicable retention period will depend on the relevant legal requirements in force.

6. Minors

DG Invest Hospitality, S.L. and IPIH Espagne, S.L. do not authorize individuals under 14 years of age to provide personal data through the means available on this website (such as completing web forms, requesting services, or contacting us via email).

Therefore, any individual who provides personal data using these methods formally declares that they are over 14 years of age, and DG Invest Hospitality, S.L. and IPIH Espagne, S.L. shall be exempt from any liability arising from non-compliance with this requirement.

If your child, who is below the age limit, has provided personal information to DG Invest Hospitality, S.L. or IPIH Espagne, S.L., please contact us to exercise the applicable rights.

If any of the services offered by DG Invest Hospitality, S.L. and IPIH Espagne, S.L. are directed at minors under 14, appropriate mechanisms will be established to obtain the consent of parents or legal guardians.

7. Exercising Data Protection Rights

How to exercise your rights:
Users may contact DG Invest Hospitality, S.L. or IPIH Espagne, S.L. by sending a letter to the registered address or by email to engage@engage-mh.com, including a copy of their ID or similar identification document, to exercise the following rights:

• Right of access: You may request confirmation on whether we are processing your personal data.
• Right to rectification: You may request correction of inaccurate data or exercise the right to erasure (“right to be forgotten”).
• Right to restriction: You may request restriction of processing; in this case, data will only be retained for the exercise or defense of claims.
• Right to object: You may object to the processing of your data, and we will stop processing unless there are legitimate grounds or for the defense of legal claims.
• Right to data portability: You may request that your data be transferred to another entity.

You may use the forms provided by the Spanish Data Protection Agency (AEPD) to exercise these rights: click here.

If you believe there is an issue with how DG Invest Hospitality, S.L. or IPIH Espagne, S.L. is handling your data, you have the right to file a complaint with the supervisory authority — in Spain, this is the Agencia Española de Protección de Datos (AEPD).

We may request specific information to confirm your identity and ensure your right to access your personal data (or exercise any other rights). This is a security measure to prevent personal data from being disclosed to unauthorized individuals.

All requests will be processed within the legal timeframe of one month. If your request is particularly complex, we may require more time, but we will notify you accordingly.

8. Data Disclosure and Service Provision

In the course of our work, we may require assistance from third parties who will process data solely to provide the contracted services and who are subject to appropriate safeguards to ensure your rights.

These third parties may include:

• Service providers offering system administration and IT support.
• Professional advisors such as lawyers, auditors, and insurers providing legal, financial, or consulting services.

All data processors to whom we transfer your data will respect its security and process it in accordance with the GDPR.
We only allow such processors to handle your data for specific purposes and under our instructions.

For transparency, you may request a list of these third-party service providers by emailing engage@engage-mh.com.

9. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized way.

Access to your data is restricted to employees, agents, contractors, and third parties who have a legitimate business need to know. They will only process your data according to our instructions and are subject to confidentiality obligations.

We have also implemented procedures to handle any suspected data breach, and we will notify you and the competent Supervisory Authority of any breach in accordance with Articles 33 and 34 of the GDPR.