1. USER INFORMATION
Mamacafé Restaurant S.L., as the Data Controller, informs you that, in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (RGPD) and the L.O. 3/2018, of 5 December, on data protection and guarantee of digital rights (LOPDGDD), we will treat your data as reflected in this Privacy Policy.
In this privacy policy we describe how we collect your personal data and why we collect it, what we do with it, how we protect it and your options regarding the processing of your personal data.
OBTAINING PERSONAL DATA
You do not have to provide any personal data to browse mamacaferestaurant.com. The cases in which you do provide your personal data are as follows:
When contacting through the contact / reservation forms or send an email.
This Policy applies to the processing of your personal data collected by the company for the provision of its services. If you accept the measures in this Policy, you agree that we will treat your personal data as defined in this Policy.
2.Contact
Holder: Mamacafe Restaurant S.l.
Trading name: Mamacafe Restaurant
CIF: B63921159
Address: Calle Doctor dou, 10 – 2, Barcelona, 08001, Barcelona
e-mail: info@mamacaferestaurant.com
3. KEY PRINCIPLES
We have always been committed to providing our services with the highest degree of quality, which includes treating your data securely and transparently. Our principles are:
Legality: We will only collect your Personal Data for specific, explicit and legitimate purposes.
Data minimization: We limit the collection of personal data to what is strictly relevant and necessary for the purposes for which it was collected.
Purpose Limitation: We will only collect your personal data for the stated purposes and only according to your wishes.
Accuracy: We will keep your personal data accurate and up to date.
Data Security: We apply appropriate and proportionate technical and organizational measures to the risks to ensure that your data is not damaged, such as unauthorized disclosure or access, accidental or unlawful destruction or accidental loss or alteration and any other form of illicit treatment.
Retention: We retain your personal data legally and appropriately and only for as long as is necessary for the purposes for which they were collected. At the same time that the purposes for which they were collected end they will be suppressed
4. COLLECTION AND PROCESSING OF YOUR PERSONAL DATA
The types of data that can be requested and processed are:
Identifying data.
We also automatically collect data about your visit to our website as described in the cookie policy.
Whenever we request your personal data, we will inform you clearly of what personal data we collect and for what purpose. The personal data and the purpose of the processing by the Holder is different depending on the information capture system:
Booking Forms: The Owner requests personal data which may include: Name and surname, email address, telephone number and address of your website in order to respond to your booking request.
Contact forms: The Owner requests personal data, which may include: Name and surname, e-mail address, telephone number and address of your website in order to respond to your queries.
For example, the Owner uses this data to respond to your messages, doubts, complaints, comments or concerns you may have regarding the information included on the website, the processing of your personal data, questions regarding the legal texts included. on the website, as well as any other queries you may have and which are not subject to the conditions of the website or the contract.
Retention periods of personal data
Personal data will only be retained for the minimum time necessary for the purposes of its treatment and, in any case, only during the following period: Until the end of the reservation or resolution of the query, or until the User requests its deletion.
Personal data of minors
Respecting the provisions of articles 8 of the RGPD and 7 of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights, only those over 14 years of age may grant their consent for the treatment of your personal data in a lawful way by mamacafe restaurant. If it is a minor under 14 years of age, the consent of the parents or guardians will be necessary for the treatment, and this will only be considered lawful to the extent that they have authorized it.
RECIPIENTS
Your personal data will not be transferred to third parties or provided access to any additional service providers, but to provide the services strictly necessary, I use three service providers, in their own privacy terms:
WordPress.org: WordPress is a content management system launched on May 27, 2003, focused on creating any type of website. You can check its privacy policy at https://wordpress.org/about/privacy/
IONOS: Accommodation Service 1 and 1 IONOS Spain S.L.U. with registered office at Avinguda de la Vega, 1 Veganova Building 3 Floor 5 Puerta C d’Alcobendas, CP 28108, Madrid. Cif: B85049435, you can consult its privacy policy at https://www.ionos.es/terms-gtc/terms-privacy/
Gmail: is an email service provided by the American company Google LLC. You can view their privacy policy at https://policies.google.com/privacy?hl=en#infocollect
Secrecy and security of personal data
mamacafe restaurant undertakes to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected, so as to guarantee the security of personal data and avoid accidental destruction, loss or alteration or illicit personal data transmitted, stored or otherwise processed, or unauthorized communication or access to such data.
The Website has an SSL (Secure Socket Layer) certificate, which ensures that personal data is transmitted safely and confidentially, as the data is transmitted between the server and the User, and in feedback, fully encrypted or encrypted. .
However, because mamacafe restaurant cannot guarantee the unenforceability of the internet or the total absence of hackers or others who fraudulently access personal data, the Responsible for the treatment undertakes to notify the User without undue delay when a violation occurs security of personal data that is likely to pose a high risk to the rights and freedoms of natural persons. Following the provisions of article 4 of the RGPD, a violation of the security of personal data is understood to be any violation of security that causes the destruction, loss or accidental or illegal alteration of personal data transmitted, stored or otherwise processed, or unauthorized communication or access to said data.
Personal data will be treated as confidential by the Responsible for the treatment, who undertakes to inform about and guarantee through a legal or contractual obligation that said confidentiality is respected by its employees, associates, and any person to whom the information.
Thus, the User may exercise their rights by written communication addressed to the Data Controller with the reference “RGPD-https: //mamacaferestaurant.com”, specifying:
·Name, surname of the User and copy of the DNI. In the cases in which representation is admitted, it will also be necessary to identify the person representing the User by the same means, as well as the document proving the representation. The photocopy of the DNI may be replaced by any other legally valid means that proves identity.
·Request with the specific reasons for the request or information to which you want to access.
·Address for notification purposes.
·Date and signature of the applicant.
·Any document that proves the request you make.
This request and any other attached document may be sent to the following address and / or email:
Postal address: Calle Doctor dou, 10 – 2, Barcelona, 08001, Barcelona
Email: info@mamacaferestaurant.com
5. LEGITIMACY
In accordance with applicable data protection regulations, your personal data may be processed provided that:
He has given us his consent for the purpose of treatment. Of course you can withdraw your consent at any time.
· By legal requirement.
· To exist a legitimate interest that is not impaired by your privacy rights, such as sending business information either by subscribing to our newsletter or by your status as a customer.
· For it is necessary for the provision of any of our services through a contractual relationship between you and us.
6. YOUR RIGHTS
In relation to the collection and processing of your personal data, you can contact us at any time to:
· Access to your personal data and any other information indicated in Article 15.1 of the RGPD.
· Correct your personal data that is inaccurate or incomplete in accordance with Article 16 of the RGPD.
· Delete your personal data in accordance with Article 17 of the RGPD.
· Limit the processing of your personal data in accordance with Article 18 of the RGPD.
· Oppose the processing of your personal data in accordance with article 21 of the RGPD.
The exercise of these rights is personal and therefore must be exercised directly by the interested party, requesting it directly from the holder, which means that any customer who has provided their data at any time may address -to the Owner and request information on the data he has stored and how he has obtained them, request the rectification of the same, oppose the treatment, limit its use or request the cancellation of this data in the Holder’s files.
To exercise your rights of access, rectification, cancellation, portability and opposition you must send an email to info@mamacaferestaurant.com along with valid proof in law as a photocopy of the D.N.I. or equivalent.
ACCURACY AND TRUTHFULNESS OF PERSONAL DATA
You agree that the data provided to the Owner will be correct, complete, accurate and current, as well as to keep them properly updated.
As a User of the website, you are solely responsible for the veracity and correctness of the data you send to the site, exonerating the Owner of any responsibility in this regard.
Claims at the supervisory authority
In the event that the User considers that there is a problem or violation of current regulations in the way in which their personal data is being processed, they will have the right to effective judicial protection and to file a claim with a control authority, in particular, in the State in which you have your habitual residence, place of work or place of the alleged offense. In the case of Spain, the control authority is the Spanish Agency for Data Protection (http://www.agpd.es).
7. LEGAL INFORMATION
The requirements of this Policy complement, and do not replace, any other existing requirements under applicable data protection law, which will prevail in any case.
This policy is subject to periodic reviews and the company may change it at any time. When this happens, we will notify you of any changes and ask you to re-read the latest version of our Policy and confirm your acceptance.