The General Data Protection Regulation (GDPR) Regulation (EU) 2016/679 of April 27, 2016 (GDPR), the Organic Law (ES) 15/1999 of December 13 (LOPD) and the Royal Decree (ES) ) 1720/2007 of December 21 (RDLOPD).
Kriti Restaurant is the property of Anuradha Jatia. It is domiciled in Passatge Sert 6, Barcelona, 08003 with NIF nº Y3142538Q and email address firstname.lastname@example.org expressly guarantees that the data you provide us is kept with absolute confidentiality and in accordance with the provisions of current data protection regulations.
Treatment of your personal data
We inform you that the data collected on the website www.kritiveg.es during the user registration process or by completing forms, requests for information or subscriptions to newsletters will be included in a file for automated processing and will be used in the form and with the limitations and rights granted by the Organic Law 15/1999, of December 13, Protection of Personal Data (LOPD), in particular: Send information about the editorial news of Kriti Restaurant, respond to the information requested, invite events organised or participate Kriti Restaurant, inform promotions and/or discounts.
Time of conservation: the personal data and those obtained by navigation and consumption habits will be conserved while the interested party does not annul the express consent. The legitimacy for the data processing is the relationship maintained with the interested party as well as the express consent for the sending of commercial communications.
Kriti Restaurant is responsible for the custody of the data obtained in its records. Safe custody using all means at our disposal and its correct use by third-party companies to which they are transferred in order to perform the delivery of goods purchased through the platform www.kritiveg.es.
2. Personal data:
All the data that is registered offered by the users, will be treated confidentially by Kriti Restaurant observing and complying with the current provisions on data protection LO 15/1999 of December 13 as a basis and in a manner transparent as indicated in the new GDPR General Data Protection Regulation that came into force in May 2016 and of mandatory application as of May 2018.
Personal data: any information concerning identified or identifiable individuals. File: any organised set of personal data, whatever the form or modality of its creation, storage, organisation and access.
Data processing: operations and technical procedures of an automated or non-automated nature that allow the collection, recording, conservation, processing, modification, blocking and cancellation, as well as the transfer of data resulting from communications, consultations, interconnections and transfers.
Responsible for the file or treatment: natural or legal person, or public or private nature, or administrative body, that decides on the purpose, content and use of the treatment.
Affected or interested: the individual natural owner of the data that is subject to the treatment referred to in section c) of this article.
Dissociation procedure: all processing of personal data so that the information obtained cannot be associated with an identified or identifiable person.
Responsible for processing: the natural or legal person, public authority, service or any other body that, alone or jointly with others, processes personal data on behalf of the controller.
Consent of the interested party: any expression of will, free, unequivocal, specific and informed, through which the interested party consents to the processing of personal data concerning him.
Assignment or communication of data: any disclosure of data made to a person other than the interested party.
Sources accessible to the public: those files whose consultation can be carried out, by any person, not prevented by a limiting norm or without more demand than, in its case, the payment of consideration.
They are considered as sources of public access, exclusively, the promotional census, the telephone directories in the terms provided by their specific regulations and the lists of persons belonging to groups of professionals that only contain the data of name, title, profession, activity, academic degree, address and indication of their belonging to the group. Likewise, the newspapers and official bulletins and the media have the character of public access sources. Personal data can only be collected for processing, as well as subject to said, when appropriate, relevant and not excessive in relation to the scope and the specific, explicit and legitimate purposes for which they were obtained. The personal data object of treatment cannot be used for purposes incompatible with those for which the data had been collected. The subsequent treatment of these for historical, statistical or scientific purposes will not be considered incompatible. The personal data will be accurate and updated so that they respond truthfully to the current situation of the affected. If the registered personal data prove to be inaccurate, in whole or in part, or incomplete, they will be cancelled and replaced ex officio by the corresponding rectified or completed data, without prejudice to the powers granted to those affected by article 16. Personal data will be cancelled when they are no longer necessary or relevant for the purpose for which they were collected or registered. They shall not be conserved in a way that allows the identification of the interested party for a period longer than necessary for the purposes on which they were collected or registered. The procedure by which, exceptionally, the historical, statistical or scientists in accordance with the specific legislation, it is decided to maintain full data. The personal data will be stored in a way that allows the exercise of the right of access unless they are legally cancelled. The collection of data by fraudulent, unfair or illicit means is prohibited. All the collected data are duly used in the aspects included in the current GDPR law. At no time will be delivered to third parties for dissemination or improper use and custody of them will be kept.
Transactional data in no case will be recorded or in an internal repository being its use and security responsibility of the user-client in terms of management of security must be managed with your bank or payment platforms contracted for that purpose. Your data will be incorporated into a file under the responsibility of Kriti Restaurant, with the aim of managing the processing and execution of your order. Having previously granted your express consent,
We will use your email address to send commercial communications. You can unsubscribe from them at any time by sending a message to our contact address email@example.com.
3. Right of access, rectification, cancellation and opposition:
Having previously granted your express consent as established in the GDPR, we will use your email address to send commercial communications. You can unsubscribe from them at any time, by sending a message to our contact address described here or by clicking on the link provided for it in the e-mail with this commercial communication. Unless you expressly consent to the continuation of the use of your personal data, these will be blocked once the order has been executed and the purchase price has been paid in full. Your personal data will be deleted after the legally established period for the fulfilment of our mercantile and fiscal obligations, as long as you have not expressly authorised the continuation of its use.
4. Recipients of personal data:
Your personal data will be communicated to the transport agency responsible for sending the goods. Likewise, your data will be transferred, where appropriate, to the credit institution that provides payment services within the framework of payment management.
5. Rights of access, rectification, cancellation and opposition:
The user has the right to access to register their data, especially its rectification or cancellation of the guardianship and opposition. To this end, any modification must be requested in writing and signed by the user or by the person representing it at the address: Kriti Restaurant, Passatge de Sert 6, 08003, Barcelona or well by email to firstname.lastname@example.org.
6. Credit card data:
Kriti Restaurant never receives the data from your credit card, they are sent directly to the corresponding system of the bank, who processes the income and notifies us of the operation.
Kriti Restaurant takes all the necessary measures to protect the confidentiality of your personal information. Only authorised personnel have access to the databases that store user information or the servers that host our service.
Kriti Restaurant reserves the right to modify its confidentiality policy due to a legislative change, jurisprudence or in accordance with your criteria or business practice. For any questions or clarifications regarding our confidentiality policy, you can contact us at email@example.com.