Privacy policy

Last updated 7th of January 2024.


Moyagi Group AB, a company with the registration number 559199-5476 and registered address at Brunkebergstorg 3, 111 51, Stockholm, Sweden, (“Moyagi“, “we” or “us“) is the controller and responsible for the processing of your personal data, as described in this privacy notice (“Notice”).

We understand that your privacy is important to you, and we want you to feel that you can trust Moyagi when you share your personal information with us. This Notice is published with the aim of enabling you to understand the instances where Moyagi is responsible for the processing of your personal data, how we process your personal data, why we do so, and to inform you about your data protection rights. You have a right to information about how we process your personal data, therefore, we encourage you to read this Notice in full.

In any case, we are responsible for and committed to processing personal data in accordance with applicable data protection laws, such as the EU General Data Protection Regulation 2016/679 (“GDPR”) and applicable national data protection legislation. You can always get in touch with us using the contact details set out in section 10 below.


This Notice applies when we process personal data, that is any information (or combination of such information) that directly or indirectly can identify you as a unique person, as defined in the GDPR. Information that can directly identify you is, for example, your name or your email address. Information that can indirectly reveal your identity is, for example, an internal reference number such as your reservation number.

Please note that, in any case, we will not collect any categories of personal data that are considered special categories of personal data under the GDPR (e.g., information about your racial or ethnic origin or health, political opinions, religious or philosophical beliefs, trade union membership, etc) or about your criminal background. You may, however, disclose information about allergies or food preferences when you make a reservation, which may reveal information about a guest’s health. We will process this information to ensure that we respect such preferences or that we will not jeopardise the health of our guests.

This Notice applies to you in the following cases, if you are a:

  • Guest: When you make or wish to make a reservation to our restaurants and facilities.
  • Member: When you are a member of our membership club.
  • Visitor: When you visit or otherwise interact with us through our website: (“Website”).
  • Job applicant: When you apply for a job with us.

Most of the time, we collect your personal data directly from you, such as when you make a reservation through our Website. However, in some cases, you may disclose information about other guests, e.g. food preferences or disabilities. We strongly encourage you to be careful with any additional information you provide to us about yourself and other guests and that you only provide information that we actually need in the notes field. For example, if a specific guest has a specific allergy or needs specific assistance when visiting us, we don’t need to know the exact name of the guest but merely what we need to be aware of in relation to your reservation.

When it comes to corporate clients, we will also collect personal data from other sources, such as information that is publicly available, on your company’s website to contact you to discuss the opportunity of hosting your corporate event with us. In certain circumstances, personal data will be generated internally by our systems, such as internal reference numbers (e.g. reservation number).

When it comes to job applicants, we will collect the information that you choose to share with us in relation to your job application, such as your CV or personal letter. The further you proceed in the recruitment process, the more personal data will be collected/generated by us, such as interview notes or references from prior employers (after you have provided us with their contact details and have informed them that we will reach out for this purpose). In certain circumstances, personal data will be generated internally by our systems, such as internal reference numbers (e.g. application number). We strongly encourage you to be careful with any additional information that you provide to us about yourself and that you only provide information that we actually need for the recruitment purpose. For example, in your personal letter, we kindly ask you to not share any information that is considered a special category of personal data (see section 2) unless that is considered crucial in relation to the job tasks.


4.1 Guests, members and visitors

In the following table, you will find information about why and how we are processing your personal data when you are a Guest, Member, or Visitor:

4.2 Job applicants

In the following table, you will find information about why and how we are processing your personal data when you are a Job applicant:

4.3 General purposes


When you visit our Website, if you agree, we place Cookies on your device which will collect and share with us technical information, such as your IP address and the type of browser that you are using which constitute personal data (“Technical data”). We will further process this personal data collected through the cookies to improve the quality, functionality, and user experience of our Website. We base the processing on your prior consent and for as long as we have such consent. For more information about the types of cookies we use, the personal data categories processed, the purposes of processing and retention time, as well as how you can control cookies, please read our Cookie Policy.


We retain the personal data we collect from you where we have an ongoing legitimate business need to do so (e.g., to provide you with information you have requested or to exercise or defend legal claims) or to comply with applicable legal, tax requirements. Please see section 4 for information on the specific retention periods we apply for the purposes we have set out above.

When we have no ongoing legitimate business need or legal reason to process your personal data, we will either delete or anonymise it.


We disclose the personal data described above to the following categories of recipients:

  • Courts and similar judicial entities and/or law enforcement authorities if we are required to do so by law.
  • Service providers upon which we rely for our core operational activities.
  • If there is a change of ownership of our business, we will share personal data with the new owners so that they can continue to operate our business, provided that the new owners will only process personal data as we have set out in this Notice.

In certain cases, the processing of your personal data either directly by us or through our service providers, entails a transfer of your personal data outside the EU/EE. In such cases, we ensure that adequate safeguards are in place to require that your personal data will remain protected in accordance with this Notice and applicable data protection laws. We do this through one of the following measures:

  • By transferring the personal data to a country that is on the European Commission’s list of countries with an adequate level of protection, or;
  • By implementing a transfer mechanism such as the controller-to-controller or controller-to-processor standard contractual clauses that have been approved by the European Commission (as applicable from time to time) for the transfer of personal data to third countries.

If a standard contract is deemed ineffective due to the national law of the country of destination, we will take additional technical, organisational, or contractual measures to ensure an adequate level of protection when transferring personal data to countries covered by paragraph (ii) above.


According to the GDPR, you have various data protection rights that you can exercise, including the right to be informed in accordance with this Notice. Once we receive a request from you, we will respond as soon as possible, and in any case, within the deadline stipulated in applicable legislation. Kindly note that before taking any action, we will ask you to verify your identity.

The table below provides a summary of these rights including information on possible conditions and limitations on how each right can be exercised and executed.





Right to access
You have the right to access and receive a copy of your personal data that we process, as well as other supplementary information at any given time.
Your request may not affect the rights and freedoms of other individuals, such as their privacy and confidentiality rights.
Right to rectification
You can challenge the accuracy of your personal data at any given time, e.g. if you misspelled your name or email address when you make a reservation or send a job application, or request the completeness of your personal data.
If appropriate, we may ask you to provide a supplementary statement, depending on the purpose of processing.
Right to erasure
In certain cases, you are entitled to have your personal data erased (also known as the “right to be forgotten”), such as in cases where the personal data is no longer needed for the purpose for which it was collected, or if we no longer have a legal basis to continue processing it.
Kindly note that this right is not absolute and there are various lawful reasons why we may not be able to erase your personal data, for example: (i) where we have to comply with a legal obligation, (ii) where there is another lawful purpose for processing your personal data at hand.
Right to objection
You have the right to object to the processing of your personal data at any time. This means that we will stop or be prevented from processing further your personal data. You have the absolute right to object to receiving further marketing material or communications from us.
This right is only applicable where the processing is based on our legitimate interest which does not override your rights and freedoms. For more information see section 4.
Right to restriction
By exercising this right, you limit the way we will process your personal data for a certain period of time. This right is an alternative to requesting the erasure, in case you don’t want the deletion of your personal data.
A request to exercise this right is made in writing to [email protected]. If possible, please specify for how long you would like to restrict the processing, to ensure that our actions meet your expectations.
You have the right to request you restrict the processing of their personal data in certain circumstances, such as: (a) If you have contested the accuracy of your personal data. (b) If you consider that your personal data has been unlawfully processed and you oppose to erasure of your personal data. (c) When we no longer need the personal data, but you need to keep it in order to establish, exercise or defend a legal claim.
Right to withdraw your consent
You have the right to withdraw your consent to any processing for which you have previously given consent at any given time.
A request to exercise this right is made in writing to [email protected]. For the purpose of sending you marketing material, you can withdraw your consent by clicking the “unsubscribe button at the end of each email communication we send over.
If you withdraw your consent, such withdrawal will only take effect in regard to future processing.
Right to data portability
You have the right to request that we send your personal data to another controller in a n a structured, commonly used and machine-readable format.
A request to exercise this right is made in writing to [email protected]. If possible, please specify the type of information you would like to share and the recipient to ensure that our disclosure meets your expectations.
Such sharing is possible when the processing is based on your consent or a contract in place between us.

If you have any comments or complaints regarding our processing of your personal data, please contact us directly by using the contact information in section  10.

You also have the right to contact and lodge a complaint with the Swedish Authority for Data Protection Authority (“IMY”), which is the supervisory authority for the processing of personal data. IMY can be reached at:

Box 8114, 104 20 Stockholm
Email: [email protected]
Phone number: 08-657 61 00
IMY’s website: 

Kindly note that IMY requires that you exhaust our internal complaint process before looking into your complaint.


If we make changes to this Notice, we will notify you on our Website. You can see when this Notice was last updated by checking the “last updated” date displayed at the top of this Notice. Significant changes to how we collect or process your personal data will be notified to you via email.


Our contact information is:

Name: Moyagi Group AB (registration number 559199-5476)
Address: Brunkebergstorg 3, 111 51, Stockholm, Sweden
Email address: [email protected]