Privacy Policy

1. Data Controller Identification

In accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR) and Organic Law 3/2018 on the Protection of Personal Data and the Guarantee of Digital Rights, users are hereby informed that the personal data collected through the website www.mainbeste.com will be processed by:

Data Controller: Mainbeste Wellness S.L.
Tax Identification Number: ESB75715375
Registered Office: Paseo de la Castellana 81, 15th floor, 28046, Madrid, Spain
Contact email: info@mainbeste.com

Mainbeste Wellness S.L. (hereinafter, Mainbeste) is fully committed to ensuring the confidentiality, integrity, and security of the personal data of its users and clients.

2. Purpose of Processing and Categories of Data

The personal data provided by the user may be processed for the following purposes:

  1. Handling enquiries or requests for information submitted through contact forms, email, or social media channels.
  2. Processing orders, payments, and deliveries made through the online store, as well as managing returns, claims, or incidents.
  3. Customer service and after-sales support.
  4. Management of registered user accounts.
  5. Sending commercial and promotional communications, provided that the user has given their explicit consent.
  6. Improving the browsing experience and performing statistical analysis of website usage through cookies and analytical tools.
  7. Managing applications or recruitment processes, where curricula vitae or related forms are submitted.

The data collected may include: first name, last name, postal address, telephone number, email address, payment details, shipping information, IP address, and technical data relating to the device or browser used.

3. Lawful Basis for Processing

The processing of personal data is based on the following lawful grounds:

  • The explicit consent of the data subject for the sending of communications or the use of cookies.
  • The performance of a contract, in the case of purchases or requested services.
  • Compliance with legal obligations, including tax and accounting requirements.
  • Mainbeste’s legitimate interest in improving its services, customer care, and fraud prevention.

4. Data Retention

Personal data will be retained for the following periods:

  • Customer and billing data: retained for six (6) years in accordance with tax and accounting obligations.
  • Contact or subscription data: retained until the user requests deletion or withdraws consent.

  • Applications or curricula vitae: retained for twelve (12) months from the date of receipt.
  • Analytical or technical data: retained in accordance with the periods established in the Cookies Policy.

Once the applicable retention periods have elapsed, the data will be securely deleted or anonymised.

5. Data Recipients and Data Disclosure

Mainbeste does not transfer personal data to third parties, except where required by law or where necessary for the performance of a contract or the provision of a service.
The following data processors may have access to personal data, under data processing agreements entered into in accordance with Article 28 of the GDPR:

  • Web hosting and infrastructure services (e.g. [hosting provider name]).
  • Secure payment gateways, such as Stripe, PayPal or Redsys, as applicable.
  • Courier and logistics services for order delivery.
  • Email marketing or CRM platforms, such as Mailchimp, MailerLite or Holded, as applicable.
  • Analytical tools (e.g. Google Analytics), with anonymised data.

In all cases, confidentiality is guaranteed and strict compliance with applicable data protection regulations is ensured.

6. International Data Transfers

Where any service provider is located outside the European Economic Area (EEA), Mainbeste ensures that personal data is processed in accordance with the Standard Contractual Clauses approved by the European Commission or within countries subject to an adequacy decision, pursuant to Articles 45 and 46 of the GDPR.

7. Data Subject Rights

The user may exercise the following rights at any time:

  • Access to their personal data.
  • Rectification of inaccurate or incomplete data.
  • Erasure of data (“right to be forgotten”).
  • Objection to or restriction of processing.
  • Data portability to another data controller.

To exercise these rights, the user must submit a written request to info@mainbeste.com, specifying the right they wish to exercise and enclosing a copy of a valid identification document.

Where the user considers that their rights have been infringed, they may lodge a complaint with the Agencia Española de Protección de Datos (AEPD) via its official website.

8. Security Measures

Mainbeste has implemented the necessary technical and organisational measures to ensure the security and confidentiality of personal data, preventing loss, alteration, unauthorised access, or disclosure.
These measures include, among others, restricted access protocols, encrypted communications, and preventive monitoring systems.

9. Processing of Minors’ Data

Mainbeste does not direct its services to individuals under the age of sixteen (16).
Should the unintentional processing of personal data relating to a minor be detected, such data will be immediately deleted.

10. Profiling and Automated Decision-Making

Basic segmentation activities may be carried out (for example, based on customer category or purchase history) for the purpose of personalising offers and communications.
Under no circumstances will automated decisions producing legal effects or similarly significant effects on the user be adopted.

11. Cookies and Web Analytics

This website uses first-party and third-party cookies for technical, analytical, and advertising purposes.
Users may obtain full information regarding their use and configure their preferences in Mainbeste’s Cookies Policy.

12. Amendments to the Policy

Mainbeste reserves the right to amend this Privacy Policy in order to adapt it to regulatory, technical, or operational changes affecting the website.
Any material changes will be communicated through a visible notice on the website or by email, where appropriate.

13. Date of Last Update

This Privacy Policy was last updated on 21 November 2025.

Shopping Cart
Scroll to Top