Your privacy and trust are important to us, and for that reason, in this Privacy Policy we offer you important information about how we treat your personal information. We recommend that you read carefully the following information and, if after doing so, you have any questions, you can get in touch with us through our contact form.

This Privacy Policy applies to and in accordance with the provisions of our Legal Notice and Terms of Use. 

Data Controller and declaration of regulatory compliance. Contact of the Data Protection Officer (DPO)

The owner of this website is CERVESES MORITZ SA (hereafter MORITZ) a company inscribed in the Mercantile Register of Barcelona, Volume 45334, Page 198, Section 8, Sheet B 187561, Inscription 29, CIF number A-61812897 and whose registered address is Ronda Sant Antoni, 39, 08011 Barcelona (Spain).

If you would like to get in touch with us, you can do so via our:

  • Contact Form
  • Telephone: (+34) 902 365 900

Or if you prefer, you can send us a letter to the aforementioned address.

If your query is related to the use of your personal data, or if you would like to unsubscribe to any of our services, you can do so HERE or contact our DPO at the email dpo(@)

MORITZ respects the current Spanish and European legislation regarding the Protection of Personal Data, specifically Regulation 2016/679 of the European Parliament and Council of April 27th, 2016, and according to the state of technology, the nature of the data and the risks to which they are exposed, MORITZ will apply the appropriate technical and organisational measures to guarantee the confidentiality and privacy of the personal data collected via this website, as well as the integrity, availability and security of the same, taking the necessary actions to prevent any alteration, loss, unauthorised access or fraudulent use of the data processed.

MORITZ guarantees that the personal data of the User is treated in a lawful, faithful and transparent manner, and that it has been collected with the explicit consent of the User who has been given prior information regarding the purpose of this processing, expressly indicated in this Privacy Policy.

MORITZ will not process or share the personal data of users except as permitted by current regulations, at the requirement of the competent authorities, or with the express consent of the User who has been previously informed.

MORITZ will not use the personal data of its users for purposes other than those previously informed before the data is sent by the User.

Personal information and processing of personal data. What does it mean?

Personal information refers to any information that relates to an identified or identifiable natural person, direct or indirectly, (name, identification number, location information or specific factors of physical, psychological, genetic, mental, economic, cultural or social identity of the person, exact information of the geographical location, financial information and bank account numbers, as well as singular elements of identification, such as National Identity Number, IP address, MAC address, social security number, driver's license number, etc.).

Personal information which is especially protected is that which is related to race or ethnic origin, political opinion, religious belief, membership of workers' associations, physical or mental health, additional medical information, including biometric and genetic data or sexual preference, background or convictions.

The operations, management and technical procedures that are carried out in an automated or non-automated manner and that make possible the collection, registration, organisation, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, diffusion or any other form of enabling access or interconnection, limitation, deletion or destruction of personal data or sets of personal data are considered to be the processing of personal data.

MORITZ does not gather, or process personal data of users classified as especially protected. If you want to know how we treat your personal data, we invite you to continue reading this Privacy Policy.

How we use your personal information

Transparency and information about personal data protection

We want to make our privacy practices clear so that you can make informed decisions about the use of your personal information by MORITZ.

Our values for the treatment of personal data:

                  Lawfulness and loyalty

We will always require your prior consent to process your personal data for one or more specific purposes of which we will inform you of in advance of sending the data. Unless the processing of personal data is based on some other legitimate cause in accordance with the current applicable law.


We only require from the users, data which is strictly necessary for the purposes of data processing.

                  Limitation on the term of conservation

We keep the data for the necessary time according to the purpose of the processing, in each case informing you of the period of conservation. We revise and update the personal databases, eliminating inactive registers or those that are no longer necessary due to the purpose of the processing having finished.


We apply the appropriate technical and organisational security measures for the processing of personal data, ensuring confidentiality and minimising the risk of unauthorised access or improper use of personal data of users by third parties.


In this policy you will find all the information regarding how MORITZ uses your personal data. In general, we gather, use, disclose, transfer and store personal information when necessary in order to provide our services and for operational and business purposes, as detailed in this Privacy Policy.

How do we obtain your data? The type of personal information that we gather

We gather your information via:

The contact Form

The “work with us” form

The form to book your visit to the factory

The use of cookies

q  When you exercise any of your data protection rights before us.

Through the aforementioned channels, we can collect the following information:

q  Name and surnames

q  Date of Birth

q  Address

q  Telephone

q  National or Foreign Identification Number to subscribe you to our job offers via the “Work with us ” form and in the instance that a data protection right is exercised and is provided by the user to prove his identity.

q  Email address

q  Education

q  Employment status

q  Discount code, which if obtained through a collaborator, can enable you to be identified

q  When attaching your CV on the “Work with us” form, we collect all personal information contained in this document

q  Any other information and/or file that you freely decide to transfer to MORITZ

q  The information collected through the use of cookies, which you can consult in our cookies policy .

Your commitment, the veracity of the data that you provide us with

The User declares that the personal data provided to MORITZ in any area of use of this website is true.

As a User you must be aware that you are solely responsible for any damage or loss, direct or indirect, that could be caused to MORITZ as controller of this website, or to a third party, if you fill out any form with false information or that from a third party without having their prior consent, causing deception, damage or injury.

So that we can keep your data accurate and updated, we ask the User to inform us of any variation that may occur with the data provided.

 Consent of those under 18 years of age

The website is not intended to be used by children under the age of 18 years, so if you are below that age, you are not authorised to browse and use this website.

MORITZ prohibits the sending of personal data through this website by users under 18 years of age. In the event that MORITZ detects users who may be under the indicated age, it will not process their data or answer their requests.

MORITZ reserves the right to request a copy of your National Identification or equivalent document to prove your legitimacy in case of having reasonable doubt over the User being below legal age. However, MORITZ cannot verify the accuracy of the data provided, nor will MORITZ be liable for those who are underage and who access the website and the contents of MORITZ, in breach of said access condition.

MORITZ recommends that parents, representatives or legal guardians supervise or take the necessary precautions while those under the age of 18 are browsing the internet, and also to establish filters on the information and contents that those minors can or cannot access.

    The purpose of the processing by MORITZ


MORITZ states that all the personal data provided through this website by the User will be incorporated and processed by MORITZ, as data controller, with the following purposes:

  • To manage inquiries made through the Contact form and to give the appropriate response.
  • To include your application in our employment selection processes.
  • To send you commercial communication regarding our news, latest information, products and services, only in the case of you expressly having authorised this previously.
  • To process your reservation to visit our factory.
  • To manage new registrations and cancel registered users of the MORITZ databases for electronic communications.
  • To handle the exercising of the rights of those interested.
  • Legal Obligations: We may be required to use and retain personal information for legal and compliance reasons, such as the prevention, detection or investigation of a crime, the prevention of loss or fraud or in order to comply with the requirements of internal and external audits, with our objectives of security of information, crime prevention, which may mean that they are treated: (a) in virtue of the applicable law, which may include laws outside the country of residence of the User; (b) to respond to requests from courts, security agencies, regulatory bodies and other public and governmental authorities, which may include authorities outside the country of residence of the User; (c), and to protect our rights, privacy, security or property, or those of others.
  • Legitimate interest: For reasons of business management MORITZ may pass your personal information on to related companies or to third parties for business management purposes, which are located outside the European Economic Area, always verifying the compliance with the guarantees required by the European data protection regulations.

Prior to the submission of any request or information via the email addresses published on this website, the User declares to have read this Privacy Policy, which for legal purposes has given unequivocal, free, specific and informed consent to the processing of your personal data for said purposes, without prejudice to your subsequent entitlement to exercise your rights in accordance with current regulations and the provisions of this Privacy Policy.

This express consent implies the authorisation of the processing of your data by MORITZ in the terms established in this Privacy Policy, as well as by the parties jointly responsible and those in charge of this processing, with which MORITZ maintains a contractual relationship and compliance control.

The personal information that MORITZ possesses regarding its users is not always obtained directly from the users.

Our servers automatically collect certain information through cookies that can identify the User.


International transfers

In some cases, MORITZ uses tools and services from third-parties to manage some of the services offered on this website. Some of these services may be owned by third parties who are resident outside the European Economic Area.

MORITZ tries to use secure tools whose servers are preferably in Spain, or failing that, in a member state of the European Union, or that comply with European law in accordance with the guidelines and recommendations made by the Spanish Agency for Data Protection, European Commission and the EU agreements of reference in terms of international data transfer.

In the instance that the international transfer of data is required, the acceptance of this Privacy Policy means that the User expressly consents to said transfer.

Security measures applicable to the processing of personal data

In order to protect the personal data of web users, MORITZ ensures and controls their data controllers, in the application of appropriate technical and organisational measures to the state of the art in order to protect personal data, taking into account the reach, context and purpose of the processing, as well as the risks of variable probability and severity for the rights and freedoms of the interested parties, aiming to be capable of ensuring the confidentiality, integrity, availability and resilience of the treatment systems and services.

In particular, MORITZ has implemented on this website an encryption and authentication Protocol which guarantees that the personal data consulted by us is transmitted to our servers through a secure SSL connection ("Secure-Socket-Layer") (TLS). 1.2, ECDHE_RSA with P-256 and AES_128_GCM), in order to protect them from third parties.

Our policies and procedures for the security of information are reviewed and updated regularly in order to meet the needs of our business, technological changes and regulatory requirements.

  • We implement technical and organisational measures to store and transfer information in a secure manner, in order to protect it from attacks or accidental loss, as well as from access, use, destruction or disclosure which is unauthorised.
  • We have a risk assessment strategy for privacy and security, as well as a disaster recovery plan and business continuity plan which are designed to safeguard the continuity of our services and to protect our staff.
  • We apply adequate restrictions to the access to personal information.
  • We require from our suppliers, data controllers with the accredited security controls that are appropriate to the processing of personal data that, in each case, they perform.
  • We require our employees and contractors to have continuous training.

Notification of breaches of security of personal data

In the event that there is a breach of security of personal data, unless it is improbable that such a breach of security constitutes a risk to the rights and freedoms of natural persons, MORITZ will notify the Spanish Agency for Data Protection within 72 hours of becoming aware of the incident, describing the nature of the violation, the possible consequences that may arise and the adopted or proposed measures to remedy the security breach; and if possible, the categories and the approximate number of affected parties and affected data will be made known.

Likewise, MORITZ will notify interested parties, as soon as possible, when it is probable that the violation of the security of personal data poses a high risk to the rights and freedoms of natural persons, describing the possible consequences that may arise and the measures taken or proposed to remedy this security breach.

Exercise of rights

At any time, the User can withdraw their consent and/or exercise their rights of access, rectification, deletion, limitation, opposition and transferability detailed in European regulations for the protection of personal data, by sending an email to dpo (@) or by written post to CERVESES MORITZ, SA, Calle Ramón Berenguer IV, 1, 50007, Zaragoza (Spain).

In which case, the User must indicate the right that they wish to exercise, the website of which they exercise their right, and must attach a copy of their ID or any other valid identification document that proves their identity, including that which allows electronic identification.


What do these rights consist of?

The right of access gives legitimacy to the User to obtain information about which personal data is being processed, the purpose of this processing, the categories of data processed, the term or criteria of conservation, the recipients or categories of recipients; if profiles are made of significant information of the applied logic and the consequences of the intended processing; the exercise of rights of rectification or deletion of personal data and limitation or opposition to the processing and the right to present a claim to the control authority.

To exercise it, the User does not need to issue a justification, unless it has been exercised in the last six months.

In case of exercising your right of access, MORITZ is legally obliged to make a decision on the access request within a maximum period of one month, from when the request is received, providing a copy of the objective of the processing of personal data or allowing remote access to them. MORITZ will also facilitate any other additional copy which has been requested by the interested party, upon payment of the fee generated by the administrative expenses for its issuing.

MORITZ may deny access and invoke the protection of the Spanish Agency for Data Protection with the motive of having exercised said access in the previous six months, or because it foresees or impedes a national or EU regulation.

 The right of rectification legitimates the User to demand MORITZ rectifies the data that they understand to be inaccurate or incomplete. For this, the User must indicate to us what data they refer to and the correction that must be made, by providing the documentation that justifies it. In this case, MORITZ must make the rectification as soon as possible and always within one month of receiving the request. This period may be extended for another two months if necessary, taking into account the complexity and number of applications. MORITZ will inform the interested party of the extension within the first month of the request being received.

The right of erasure (or "right to be forgotten") means that the User has the right to have the data deleted when the treatment is unlawful, the interested party has withdrawn their consent or has exercised the right of opposition and no other legitimate reasons for their processing remain; or they are no longer necessary in relation to the purposes for which they were collected or processed; or they must be erased to fulfil a legal obligation of MORITZ.

The interested party will not have the right for MORITZ to delete their data when the processing is necessary to exercise the right to freedom of expression and information; to fulfil a legal obligation; for the formulation, exercise or defence of claims; for public interest based on current legislation for reasons of public health or for historical, statistical or scientific research purposes.

MORITZ will respond to your request as soon as possible and, in any case, within one month of receiving your request. This period may be extended for another two months if necessary, taking into account the complexity and the number of applications. MORITZ will inform the interested party of the extension within one month of receiving the request.

The right of opposition means that the User has the right to the processing of their personal data not being carried out or that it ceases, in the instances in which the processing is based on direct marketing, profiling; the interest or rights and freedoms of the interested party prevail, especially if it is a child, over the legitimate interest of MORITZ or of third parties; historical, statistical or scientific research, unless the processing is necessary for reasons of public interest.

MORITZ will respond to your request as soon as possible and, in any case, within one month of receiving your request. This period may be extended for another two months if necessary, taking into account the complexity and the number of applications. MORITZ will inform the interested party of the extension within one month of receiving the request.

The right to the limitation of processing means that the User has the right to decide which personal data they do not want processed again in the future, being able to exercise this right when they have previously challenged the accuracy thereof; when the processing is illegal and instead of exercising the erasure of it, they decide to limit its future processing; or when they consider that MORITZ no longer needs the personal data for authorised processing purposes, but instead, the User needs them for the formulation, exercise or defence of claims.

In case of limitation of processing, the restriction may be lifted if there is consent from the interested party; the possibility that the treatment affects the protection of the rights of another natural or legal person; a judicial procedure that justifies it; or if there is an important reason of public interest based on current legislation.

MORITZ will respond to your request as soon as possible and, in any case, within one month of receiving your request. This period may be extended for another two months if necessary, taking into account the complexity and the number of applications. MORITZ will inform the interested party of the extension within one month of receiving the request.

The right to transferability means that the User has the right to receive the personal data provided to MORITZ or that MORITZ transmits to another controller, in a structured, common use and machine readable format, provided that the processing is carried out by automated means and the processing is based on the consent that the User provided it on one day for one or several specific purposes, or for the execution of a contract to which he was party.

The right to transferability will not apply when the transmission is technically impossible; nor when it may adversely affect the rights and freedoms of third parties; nor when the processing has a mission of public interest based on current legislation.

MORITZ will respond to your request as soon as possible and, in any case, within one month of receiving your request. This period may be extended for another two months if necessary, taking into account the complexity and the number of applications. MORITZ will inform the interested party of the extension within one month of receiving the request.

How do we share the information with third parties? Data Controllers

We share personal information with third parties to provide services or conduct business operations in the terms described in this Privacy Policy, or when we consider that the law allows or demands it. When we share personal information, we do so in accordance with privacy and data security requirements.

MORITZ informs the User that some of our suppliers can process their personal data as data controllers, for example with our commercial partners and third-party service providers, when necessary for the provision of services, internal management, support of software, systems and platforms, cloud hosting services and carrying out electronic communications. In such cases, the provider can only access personal data when MORITZ informs the User and maintains a contractual relationship with the data controller that guarantees confidentiality, not using the personal information of the users that we put at their disposal for other purposes, different from those necessary for the execution of the contract, as well as compliance with our internal regulations on privacy and security of information.

If MORITZ is required by the competent authorities to respond to legal requirements, the criminal investigation of possible illegal activity, or claims that there is content that infringes the rights of third parties or the protection of rights, property or safety of third parties, it may pass to the competent authorities the personal information of users.

If the rights of the website were transferred to another entity, MORITZ undertakes to commit to the subrogation and commitment of the new managing entity who is responsible for the processing of personal data for the continuation of this Privacy Policy, advising that if the personal information is to be used in a way which is contrary to this policy, the user must be notified previously.

Cookies Policy

MORITZ uses cookies (small files of information that are downloaded onto the computer terminal of a User when accessing a website, in order to store data that can be updated and retrieved by the person in charge of their installation) and other tracking technologies to carry out certain functions that are considered essential for the correct functioning and visualisation of the website and, in some cases, to store and manage the preferences of the User, enable content and collect analytical and usage data.

To obtain these analyses, this website may automatically store certain information in the server logs through the use of cookies or other technologies (such as the use of local storage and browser session) that collect non-personal data about their use and navigation related to the use of this website by the User. These records usually include information such as the type of browser, browser language, date and time of access request, URL, model of equipment or device, the version of the operating system and data regarding the mobile network used to access and navigate through this website.

If you wish to obtain more information about how we use cookies and to know how you can avoid them being installed, you can visit our Cookies policy.

How long will we process your data for?

The personal data provided will be kept for as long as the contractual relationship that brings us together subsists, during the legal conservation periods, or until the User requests its deletion, in order to keep you informed about actions promoted by MORITZ, provided that such treatment is suitable, relevant and limited to what is necessary for the purposes for which the data was collected in accordance with this Privacy Policy.

Reuse of this policy

MORITZ does not authorise the copying, reproduction or reuse of this privacy policy that has been specifically analysed to respond to the obligations inherent in this website.

Applicable legislation and jurisdiction

MORITZ has its headquarters in Spain, so the content of this Privacy Policy has been drafted by virtue of Spanish legislation and applicable regulations of the European Union.

The User accepts that the claims or complaints against MORITZ that come from or are related to the use of this website and more specifically to the processing of their personal data will be resolved by the court of the competent jurisdiction located in Barcelona. If MORITZ had to make any kind of claim, it will be done before the competent court of the User's address or in Barcelona if it is legal person or professional non-consumer.

If the User accesses this site from a location outside Spain, they are responsible for complying with all applicable local and international laws.

Reserving the right to modify the Privacy policy

MORITZ may modify these Terms at any time, in light of the evolution of the website and the contents offered in it, if deemed necessary, either for legal reasons, due to technical reasons, or due to changes in the nature or availability of the website, without any obligation to notify or inform the User of said modifications, being understood as sufficient their publication on the website.

Any modification, with respect to Users who use this website will take effect after said modification. The continued use of this site after the publication of any change, will be considered as an acceptance of the same. For this reason, at the end of this Privacy Policy, the date of the latest update will always be published, so that the changes made will be effective as of that date.

In case the User does not agree with the updates of our Privacy Policy, they may renounce them by not entering their personal data into the contact forms of the website or by exercising their rights as specified previously. If you are not satisfied that your rights have been adhered to, you can make a claim to the control authority.

Latest Update                                                                                                     

The latest update of the Privacy Policy was made on 05/12/2018.