Privacy Policy

 

I. PRIVACY POLICY AND DATA PROTECTION

In accordance with the current legislation, Petit Pot Brunch (hereinafter, the Website) commits to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected.

Laws included in this privacy policy

This privacy policy is adapted to the Spanish and European regulations regarding the protection of personal data on the internet. Specifically, it complies with the following laws:

  • Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR).
  • Organic Law 3/2018, of 5 December, on Personal Data Protection and the guarantee of digital rights (LOPD-GDD).
  • Royal Decree 1720/2007, of 21 December, which approves the Regulation for the development of Organic Law 15/1999, of 13 December, on the Protection of Personal Data (RDLOPD).
  • Law 34/2002, of 11 July, on Services of the Information Society and Electronic Commerce (LSSI-CE).

Identity of the personal data controller

The responsible party for the processing of personal data collected on Petit Pot Brunch is: Petit Pot S.l., with tax ID: B10514925, and registered with the following details, whose representative is Petit Pot Brunch.

Address: Carrer del Bruc, 84, L’Eixample, 08009 Barcelona, Spain

Contact phone: 650519778

Contact email: cafe.petitpot@gmail.com

Registration of Personal Data

In compliance with the provisions of the GDPR and LOPD-GDD, personal data collected by Petit Pot Brunch through forms on its page will be incorporated into a database and processed in order to facilitate, expedite, and fulfill the commitments established with the User.

Principles applied to personal data processing

The processing of the User’s personal data will be subject to the following principles:

  • Lawfulness, fairness, and transparency: The User’s consent will always be required with prior information about the purposes.
  • Purpose limitation: Personal data will be collected for specific, explicit, and legitimate purposes.
  • Data minimization: Only the data strictly necessary for the intended purposes will be collected.
  • Accuracy: The data must be accurate and kept up to date.
  • Storage limitation: Personal data will be kept only as long as necessary.
  • Integrity and confidentiality: The data will be processed ensuring adequate security and confidentiality.
  • Accountability: The data controller will ensure compliance with these principles.

Categories of personal data

The categories of data processed by Petit Pot Brunch are limited to identification data. No special categories of personal data are processed.

Legal basis for the processing of personal data

The legal basis for the processing of personal data is the User’s consent, which can be withdrawn at any time without affecting the lawful use of the Website.

Purposes of personal data processing

The personal data collected is used to fulfill the commitments between the Website and the User or to respond to inquiries. Data may also be used for marketing studies and content personalization.

Retention periods for personal data

Personal data will be retained only for as long as necessary to fulfill the purposes for which they were collected or until the User requests their deletion.

Recipients of personal data

No personal data will be shared with third parties.

Personal data of minors

Only individuals over the age of 14 can provide consent for the processing of their personal data. In the case of minors, parental or guardian consent will be required.

Confidentiality and security of personal data

Petit Pot Brunch implements security measures to protect personal data, such as the use of an SSL certificate. However, absolute security cannot be guaranteed in the event of cyberattacks, and Petit Pot Brunch commits to inform users of any data breach.

Rights derived from the processing of personal data

The User has the right to exercise the following rights as recognized by current legislation:

  • Right of access: Request confirmation of whether their personal data is being processed.
  • Right to rectification: Correct inaccurate or incomplete personal data.
  • Right to erasure (“right to be forgotten”): Request the deletion of personal data when it is no longer necessary.
  • Right to restriction of processing: Request the restriction of processing under certain circumstances.
  • Right to data portability: Request personal data in a structured, commonly used, and machine-readable format.
  • Right to object: Object to the processing of their personal data.

Links to third-party websites

The Website may include links to third-party websites, which have their own privacy policies, independent of Petit Pot Brunch.

Complaints to the supervisory authority

If the User considers that the current regulations are being violated in how their personal data is being processed, they can file a complaint with the Spanish Data Protection Agency (www.agpd.es).

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

Using the Website implies acceptance of Petit Pot Brunch’s Privacy Policy. The company reserves the right to modify this policy without prior notice, so users are encouraged to review it periodically.

This policy was last updated on 01/07/2021.