At El Corte Inglés Group Companies, we are committed to safeguarding your personal information and protecting it from misuse.

This document identifies the Data Controller, what your personal information will be used for, the legal grounds for processing data, how and why we collect it, how we use it, your rights in this regard and also the processes put in place to ensure your privacy.

We assume that by providing us with your personal information and using our websites, you have read and understood the terms and conditions set out relating to personal data protection. El Corte Inglés Group Companies undertake to comply with prevailing Spanish and European law regarding data protection. As such, they endeavour to process your data lawfully, honestly and with transparency.

Scope of Application

This document is valid for all companies in the El Corte Inglés Group.

Considerations to bear in mind

What is a Data Controller?

A Data Controllers is defined in the General Data Protection Regulation as follows:

“Data controller” or “controller”

The individual or legal person, public authority, service or other body which, acting alone or in conjunction with others, specifies the purposes of processing and means by which this is performed.

All El Corte Inglés group companies are, to some extent, data controllers of their customers' personal information.

If you have any enquiry, comment or concern, or would like to make a suggestion about how we use personal information, you can email the El Corte Inglés Group Data Protection Officer at

Information on the El Corte Inglés Group companies

Innovation is one of the hallmarks of all companies comprising the El Corte Inglés Group. We are constantly adding new products in areas as diverse as fashion and accessories, decoration and household, technology, food and catering and culture.

Business name El Corte Inglés

  • Corporate address: Calle Hermosilla, 112. 28009 - Madrid.
  • Email:
  • Telephone: +34 91 401 85 00
  • Tax ID A-28017895
  • Madrid Commercial Register: Volume 519, Folio 1, Section 8, Page M-9,880, Entry 197;
  • Website:

Company name: Seguros El Corte Inglés, Vida, Pensiones y Reaseguros, S.A.U.

Company name: Centro de Seguros y Servicios. Correduría de Seguros, S.A.U, Grupo de Seguros El Corte Inglés

Company name: Sfera Joven, S.A

  • Corporate address: Hermosilla, 112. 28009 Madrid.
  • Email:
  • Telephone: + 34 901 122 122
  • Tax ID A - 83036137
  • Madrid Commercial Register: Volume 16,668. Folio 40, Section 8, Page-284,400, Entry 1.
  • Website:

Company name: Supercor, S.A.

  • Corporate address: Hermosilla, 112. 28009 Madrid.
  • Email:
  • Telephone: + 34 901 122 122
  • Tax ID A - 78476397
  • Madrid Commercial Register: Volume 3,099, Folio 189, Section 8, Page M-52,978, Entry 3;
  • Website:

Company name Viajes El Corte Inglés, S.A.


The main purpose for collecting your personal information is to provide an improved service, which is what you as a customer expect of us.

We collect your personal information so that we can process your purchases, orders or requests, whether it be in one of our shopping centres, warehouses, agencies, supermarkets, or via our websites or applications, by telephone or by completing a form.

Below, we've included the main purposes for collecting data at El Corte Inglés Group companies:

  • Compliance with legal obligations, including but not limited to Law 10/2010 on the Prevention of Money Laundering.
  • To manage the purchase of products or services sold by one of the El Corte Inglés Group Companies, including distance selling and handling of shipments and returns.
  • To create and manage a personal account with a single record allowing it to be used to purchase products and services available on any El Corte Inglés Group company's website.
  • To hold customer requests for information, suggestions and complaints in one place so that they are easier to process and resolve.
  • To manage events lists (weddings, communions, birthdays, etc.).
  • To manage bookings and ticket sales to events distributed by El Corte Inglés.
  • Service improvement surveys.
  • Market research and commercial research, reports on consumption habits, statistical data and market trends for providing products and services that might be appealing to customers.
  • To create profiles and perform analyses on our customers' behaviour when using our websites or applications, but only if you give your consent.
  • To provide you with regular updates regarding our latest products, offers, opportunities, etc. The channels we use most frequently are: email, regular post, telephone, SMS, and Push messaging, but only if you have given your consent.
  • Image capturing of persons and vehicles for security reasons and to assist with planning for emergencies and evacuating buildings.
  • To manage VAT refunds on purchases by tourists who are non-EU residents.
  • Staff recruitment.


We collect information about you through different means. In some cases, you will contact us to share personal information; in other cases, we collect your personal data using other means. Below, we've outlined the different methods we use for collecting your personal information, along with a few examples of how the information is used.


We collect personal information that you provide us through one of the El Corte Inglés Group websites, email, mobile phone, when you purchase a service, when you fill out a form and others. In any case, when we collect your information, we will inform you of the Data Controller, the purpose for collection, the recipients, as well as how to exercise your rights granted by prevailing law on data protection.

For instance, it is likely that you provide us with information when you contact our customer service, place an order, register with our websites, update your preferences and account details, fill out a questionnaire, or take part in a competition, etc.

Generally, the personal information you provide us with is: first name and surname(s), address, ID, date of birth, email address, contact telephone number and payment details. In isolated cases, depending on how we anticipate using your data and to what end, data may be collected about you as a person, your education and career, employment details, commercial information, social circumstances, finances and insurance, and transfers of goods and services.

If you have never requested that we send you commercial correspondence, you can sign up for the various newsletters we provide or you can email us at


We collect and store limited personal information and anonymous overall statistics for all users visiting our websites, either because you have actively provided us with that information or because you are merely browsing our websites. The information we collect includes the IP address of the device you are using, the browser used, your operating system, the date and time our website was accessed, the web address via which you accessed our websites, as well as information about how you use our websites.

We use this information to give us an idea of how long it takes our websites to load, how the websites are used, the number of hits on the different sections and the type of information that draws most hits. It also helps to ascertain whether the website is working as it should. If we detect functional faults or errors, if helps us to fix them and improve our websites' performance, so that we can offer a better service for all users.

This information is collected using cookies. For further details, please refer to the cookies policy available on each El Corte Inglés Group Company website.


The use of social networks is becoming increasingly widespread. As a result, the El Corte Inglés Group has a presence on most of them and may use them to contact you.

The information we collect via social networks sometimes includes personal information that is publicly available online. We always ensure that all information used by us correctly acknowledges its source or is made anonymous.

It is likely that these social networks have their own privacy policies explaining how your personal information is used and shared. We recommend you carefully read the privacy policies before using social networks so that you can be certain you agree with how your personal information is collected and shared.


The El Corte Inglés Group APPs have a geolocation feature for pinpointing your whereabouts to show you the nearest establishment. Enabling the geolocation feature on your mobile device means you can make the most of the applications' full range of functionalities. If it is not enabled, we will remind you to turn on geolocation by sending you a message requesting permission beforehand.

This geolocation service will not be used to inform third parties of your location, except where this is a legal requirement.

Most mobile devices offer users the option of disabling location services. This option is likely to be found in the settings menu of your device. If you have any questions regarding how to disable your device's location services, we recommend that you contact your mobile service provider or the manufacturer of your device.

If you wish to disable location services on an Android device, go to Location services in your mobile phone's Settings menu. Most Android devices allow location services to be disabled for the entire mobile phone, such as GPS services and other companies' location services. Generally, location services will not be enabled unless you check the box to enable them.

If you wish to disable location services on your iPhone, you can do this for all models from the Settings menu by selecting Location Services. In order to disable location services for the whole device, slide the bar until the Off option appears. In order to disable location services for a certain application, slide the bar next to each application until the Off option appears.


There are a number of reasons why we are legally entitled to process your personal details:

  • In order to fulfil a contract and/or commercial relationship
  • In order to comply with the various legal obligations.
  • For legitimate interest, including security, fraud prevention, improving services and products through market research or in order to handle requests, enquiries or any complaints.
  • For sending customised offers by El Corte Inglés Group, having first obtained your consent.


If you have given us your consent, the information that you provide us will be communicated to companies comprising the El Corte Inglés Group, which will process them for the purposes described above. Not all the purposes described above involve the transfer of data, especially considering that the data are collected directly by each of the Group companies.

There are cases where we have to disclose the data you have provided us to third parties in order to carry out the requested service. These include travel and hotel bookings, logistics, transport and delivery companies, installation and/or assembly companies, home refurbishments, etc.

In addition, there are companies that provide us with other kinds of services, such as information technology (information storage and processing), security services, financial services, audit services, etc.

These third parties may only access personal information required for providing said services. They are required to keep your personal information confidential and may not use it in any way other than as requested by us.

El Corte Inglés Group companies accept liability at all times for personal information provided to us. We request that companies with which we share your personal information protect it to the same extent as we do.

In addition, your personal information will be accessible by Public authorities, Judges and Courts for addressing any liabilities arising as a result of processing your personal data.


The personal information we collect is held in Spain. Nevertheless, it is possible that some Group companies operate in other countries, in which case your personal information would be held in that company's country of operation.

In some cases, US-based cloud computing services are contracted, which involves data being transferred internationally. In such cases, the appropriate guarantees will be made to protect your information. You can obtain additional information on these guarantees by writing to


Where we provide links to websites not operated or monitored by El Corte Inglés Group companies, you will be notified without delay, since the El Corte Inglés Group exercises no control over said websites, nor is it responsible for their content, and it exercises no control over how third parties collect and use your personal information. It is likewise not responsible for third-party websites and makes no claim in this respect.

It is likely that these websites have their own privacy policies explaining how your personal information is used and shared. We recommend you carefully read the privacy policies before using these websites so that you can be certain you agree with how your personal information is collected and shared. 


We only store your personal information for as long as is necessary to use it in accordance with the purpose for which it was collected, and in compliance with the legal basis for processing as per applicable law. We will hold your personal information for as long as there is a contractual and/or commercial relationship with you, or until such time as you exercise your right to erasure and/or limitation of the processing of your data.

In such cases, we will duly block the information as instructed, and we will not use it. However, it may be necessary for making or disputing claims, or its processing may result in legal or contractual liability issues to be addressed. In these instances, the data would have to be recovered.


Data protection regulations allow you to exercise your rights, before the data controller, of access, rectification, objection, erasure, limitation of processing, portability and of not being subject to individual decision-making.

These rights are characterised as follows:

  • They are exercised free-of-charge
  • If the requests are manifestly unfounded or excessive (for example, they are of a repetitive nature) the data controller may:
    • Charge a fee proportional to the administrative costs incurred.
    • Refuse to act.
  • Requests must be answered within one month, although, if the complexity and number of requests are significant, the term can be extended for an additional two months.
  • The data controller must notify you of the means by which you can exercise these rights. These channels must be accessible; additionally, this right cannot be denied for the sole reason of selecting another means.
  • If the request is submitted electronically, the information will be provided by these means whenever possible, unless the data subject requests otherwise.
  • If the data controller does not process the request, it will notify you within one month of the reasons for its non-action and of the option of filing a claim before a Supervisory Authority.
  • You may exercise your rights directly or through legal representation.
  • It is possible that the data processor will respond to your request on behalf of the data controller, if the two parties have so established in the contract or legal document governing their relationship.

Right of access

The right of access grants you the ability to contact the data controller to learn whether or not your personal data are being processed.

Download the right of access form here

Right to rectification

The right to rectification grants you the ability have any inaccurate personal data rectified by the data controller without undue delay.

Taking into account the purposes of the processing, you have the right to have any incomplete personal data completed, including through an additional declaration.

In your request, you must indicate the data in question and the correction that needs to be made. In addition, when necessary, you must include supporting documentation that demonstrates the inexact data or the incomplete nature of your data.

Download the right to rectification form here

Right to object

As its name indicates, the right to object implies that you can oppose the data controller's processing of your personal data in the following cases:

  • When they are subject to processing based on a task in the public interest or legitimate interest, including profiling.
  • When the processing is used for direct marketing, including the preparation of profiles mentioned above.

Download the right to object form here

Right to erasure

The right to erasure can be exercised before the data controller by requesting erasure of your personal under the following circumstances:

  • When your personal data are no longer necessary for the reasons they were collected or otherwise processed.
  • The processing of your personal data was based on the consent you gave to the data controller, which you later withdraw, unless said processing is based on another reason that legitimises it.
  • The processing by the data controller was based on the legitimate interest of or in compliance with a task of public interest, and no other reasons to legitimise the processing of your data exist.
  • Your personal data are subject to direct marketing, including the creation of profiles related to the aforementioned marketing.
  • Your personal data have been processed illegally.

Nevertheless, this right is not unlimited, as it may be feasible not to proceed with erasure whenever processing is necessary for exercising freedom of expression and information; for complying with a legal obligation; for complying with a task carried out in public interest or in the exercise of public powers conferred on the data controller; for reasons of public interest, in the field of public health, for purposes of public archive, for scientific, historical research or statistical purposes; or for the formulation, exercise or defence of claims.

The data controller will be obliged to block the data when rectification or erasure is carried out.

Data blocking consists of the identification and safeguarding of data, adopting technical and organisational measures to prevent their processing, including their display, except when producing the data for judges and courts, the Public Prosecutor or the Competent Public Administrations, especially the data protection authorities, should any claims arise from the processing and only for the corresponding term.

Once this term has elapsed, the data must be destroyed.

Download the right to erasure form here

Right to limit processing

This new right involves securing the limitation of processing of your data by the data controller; although its exercise contains two aspects:

You may request the suspension of processing of your data:

  • When you challenge the accuracy of your personal data, for the period it takes the data controller to verify the data.
  • When you object to the processing of your personal data by the data controller on the basis of legitimate interest or a task of public interest, while it verifies whether these reasons prevail over yours.

Requesting the conservation of your data.

  • When the processing is unlawful, yet you oppose the erasure of your data and request the limitation of its use instead.
  • Whenever the data controller no longer needs the personal data for the purposes of the processing, but the data subject needs them for the formulation, exercise or defence of claims.

Download the right to limit processing form here

Right to portability

The purpose of this new right is to further strengthen your control over your personal data, so that when processing is carried out using automated methods, you receive your personal data in a structured, commonly-used, machine-readable and interoperable format, so that you can transmit them to another data controller for processing, provided that the processing is legitimised on the basis of consent or as part of the execution of a contract.

However, this right, by its very nature, cannot be applied when the processing is necessary for complying with a task of public interest or in the exercise of public powers conferred on the data controller.

Download the right to portability form here


To exercise your rights, El Corte Inglés and its Group companies provide you with the following means:

  • By sending a signed, written request addressed to El Corte Inglés, calle Hermosilla 112, 28009-Madrid, Ref. LOPD, which must be accompanied by a photocopy of the ID proving the identity of the person making the request.
  • By emailing a completed, signed form, including a photocopy and/or scanned copy of the ID proving the identity of the person making the request to
  • By calling Customer Service at 901 122 122.
  • By visiting Customer Service in any El Corte Inglés shopping centre that includes this department.

You may file a claim with the Spanish Data Protection Agency (AEPD), particularly if you are dissatisfied with how your request to exercise your rights has been handled. For more information, visit the website


We are committed to protecting your personal information. We use appropriate technical and organisational measures for protecting your personal information and privacy. We review said measures regularly. We protect your personal information using a combination of security checks. These are both physical and IT- or logic-based and include access checks restricting and managing how your personal information and data are processed, managed and handled. We also make sure that our employees are properly trained to protect your personal information. In accordance with our procedures, we may request proof of identity from you before sharing your personal information with you.

Pursuant to our security and confidentiality guarantee, we are particularly intent on offering you the highest possible level of security and protecting the confidentiality of personal information you have provided us with. As a result, commercial transactions are carried out in a secure server environment using SSL (Secure Socket Layer) protocol.

If you are having trouble accessing any part of our website, it could be due to the model or version of your browser or its configuration. If you need help finding a solution or if you have any questions about how our purchasing system works, call us on 902 22 44 11. We will be more than happy to help.

The Internet is a means of communication that enables commercial transactions to be made online. In this regard, one of the main concerns of Internet users is the online security of their data.

An E-commerce transaction is understood as the entire process of reaching a commercial agreement, including contact between the two parties: customer and company. Aspects that all commercial transactions must share are:

  • Authentication that guarantees the legal or physical personality with whom we are communicating.
  • Integrity, in other words, that alterations cannot be made to the content of the communication between the two parties.
  • Confidentiality, or guaranteeing that no unauthorised person may be privy to the content of the communication.

We are especially concerned with security and ensuring the confidentiality of the data provided by you. This has led to us becoming both founding members of @ECE (the Spanish E-Commerce Association) and signatories of Confianza Online, a system for settling possible disputes between consumers and companies in the context of E-Commerce and Interactive Advertising. This is backed by a large number of business associations, the National Institute of Consumer Affairs (INC), the Spanish Data Protection Agency (AEPD) and the Ministry of Science and Technology.


El Corte Inglés Group websites, applications and products are not usually intended for minors. However, there are occasions when we run a campaign, such as the launch of consoles or video games, which may appeal to minors. Nevertheless, we do not intentionally collect any personal information on minors without the authorisation of their parent(s) or guardian(s).

If you are a minor, please do not attempt to register as a user of our website, applications or products. If it comes to our attention that we have mistakenly obtained personal information from a minor, we will delete said information as soon as possible.


These are some of the precautionary measures that we recommend our customers take:

  • Do not give anyone your user id or password.
  • Do not make note of these in readily accessible places, such as a computer, diary, etc.
  • Always use our SSL security system.
  • Always close the browser session after having accessed a secure area or after entering your user id or password into the system.
  • Amendments to this data protection information

We will review and update data protection information when changes are made to the law or to any procedures for processing your personal information.

This data protection information was last revised and updated in October 2019.

Do you need help?

Contact us if you have a problem, question or suggestion.

View orders

You can consult your orders without logging into an account - You just need your order number and the email address you used.

© 1940-2020, El Corte Inglés S.A. All rights reserved.