PRIVACY AND DATA PROTECTION POLICY

On April 14th 2016 the European Parliament approved the general Data Protection Regulation (RGPD), which replaced the previous Directive 95/46/EC transposed into the Portuguese legal order in Law No. 67/98 of 26 October, that still in force.

This regulation, which effective application was on May 25th 2018, aims to harmonize the laws that rules this matter in the EU countries, but above all create a new awareness and approach to the way in which data are seen and treated.

At Forno Nero – Ristorante Pizzeria, our main goal is to provide to all customers who contact and visit us, from the moment of the first contact by phone or email to the effective experience in the restaurant, a service of quality and a memorable meal.

We want to establish strong and lasting relationships with our customers, based on transparency and trust so we are committed to preserving the privacy, integrity and security of personal data that all users who visit our site or our facilities share with us.

This privacy policy has been developed with the aim of making you aware of the principles and obligations we undertake in terms of data protection.

1. WHO IS RESPONSIBLE FOR HANDLING YOUR PERSONAL DATA?

The entity responsible for the treatment of your data is EPICWORLD HOTELARIA E TURISMO, UNIPESSOAL, LDA with address in Faro, registered in the Conservatória do Registo Comercial of Faro with the Fiscal Identification Number 514 136 375.

While responsible we promote the confidentiality and privacy of your personal data, ensuring your protection and proper use in accordance with the reason why they were made available to us and based on the terms defined in this policy.

2. HOW WE COLLECT AND TREAT YOUR PERSONAL DATA AND WHY WE DO IT?

We will collect your personal information when you make it available to us by telephone, email, through our website, reservation platforms, through application form or in person.

The personal data we collect is:

  1. the necessary for the purpose of the treatment concerned;
  2. processed in a transparent manner and in strict respect for the private life reserve, as well as for the fundamental rights, freedoms and guarantees of data holders;
  3. lawfully, loyally and transparently treated for certain and explicit purposes;
  4. treated appropriately and limited to what is strictly necessary to continue the treatment purposes concerned.

Legal basis for data processing: We will use your personal data only in accordance with the strictly necessary for the services we provide and in accordance with the legal requirements.

The given consent can always be withdrawn at any time through contact for the data available in the point ‘HOW DO I GET MORE INFORMATION ABOUT DATA PROTECTION AND CONTACT THE DATA PROTECTION OFFICER?’.

3. HOW LONG DO WE KEPT YOUR DATA?

We retain your personal data only for the period that is strictly necessary for the continuation of the purposes that motivated your collection.

There are legal requirements that require us to keep the data for a minimum period of time. Thus, and where there is no specific legal requirement, the data shall be stored and retained only for the minimum period necessary for the purposes which motivated its collection or subsequent treatment or, for the period of time authorized by the Responsible entity, after which they will be eliminated.

4. WHICH ARE YOUR RIGHTS?

You have the right to request access to your personal data, as well as its rectification or deletion, the limitation of treatment or to oppose treatment, as well as the right to data portability.

  1. ACCESS – You have the right to access the personal data processed, and to know the conditions under which the treatment is carried out, and may request access to them or to obtain a copy of the personal data;
  2. RECTIFICATION – You have the right to require the rectification of your personal data and that are not correct. In view of the purposes of the treatment, if those data are incomplete, you may also require them to be completed;
  3. DELETION/OBLIVION – In certain circumstances, such as those listed below, you have the right to require the controller to erase your personal data:
    1. The data are no longer necessary for the purpose of its collection;
    2. You have withdrawn the consent on which the treatment is based and there is no other legal basis;
    3. You have opposed to treatment and there are no legitimate interests prevailing;
    4. Personal data have been treated in an illicit manner;
    5. This deletion results from the fulfilment of a legal obligation to which the person responsible is subject;
  4. LIMITATION OF TREATMENT – You have the right to restrict the processing of your personal data when:
    1. Contests the accuracy of personal data (during the period allowing the Controller to verify its accuracy);
    2. The treatment is illicit and the holder opposes the deletion of the data;
    3. Data is no longer necessary for the purposes of treatment, but is required by the holder for the purpose of declaring, exercising or defending a law in a judicial process;
    4. If you opposed to the treatment in the exercise of the direct opposition (until it is verified whether the legitimate interests of the controller prevail or not on this right);
    5. The data are no longer necessary for the purpose of its collection;
    6. You have withdrawn the consent on which the treatment is based and there is no other legal basis;
    7. The data are no longer necessary for the purpose of its collection;
    8. Personal data have been treated in an illicit manner;
    9. This deletion results from the fulfilment of a legal obligation to which the person responsible is subject.
    10. Where such a situation occurs, personal data may only be subject to treatment (except conservation) with the consent of the holder or for the purpose of declaring, exercising or defending a right in a judicial process, defending the rights of another person (individual or company), or for great reasons of public interest. You will be informed before the limitation of treatment is cancelled.
  5. PORTABILITY – You have the right to receive the data concerning you and that you have provided us, in a structured format, of current use and automatic reading and the right to transmit those data to another entity, when:
    1. The treatment is based on the consent of the holder;
    2. The treatment is carried out by automated means;
    3. When technically possible, you may also request that personal data be transmitted directly between those responsible for the treatment.
  6. You have the right, at any time, due to reasons related to your specific situation, to oppose the processing of your personal data, when the treatment is based on legitimate interests pursued by the person responsible for the treatment.
    When exercising the right of opposition, we shall cease the processing of data, unless there are compelling and legitimate reasons for such treatment, which prevail over the rights of the holder.

To exercise any of these rights, can you send us your request, using the contacts indicated on the point ‘HOW DO I GET MORE INFORMATION ABOUT DATA PROTECTION AND CONTACT THE DATA PROTECTION OFFICER?’.

5. TO WHOM DO WE COMMUNICATE YOUR DATA AND WHY?

We only share data with third parties, in legal terms, under the duty of cooperation, namely the Food and Economic Safety Authority, the Working Conditions Authority, the Tax and Customs Authority and Social Security. We may also transfer data to service providers that operate exclusively under our guidance or in our support, and that comply with technical and organizational measures equivalent to those to which we are obliged.

 Except in the context of compliance with legal obligations, in no event shall personal data be communicated to third parties in addition to the situations already mentioned.

6. HOW DO WE PROTECT YOUR DATA?

The security of your data is very important to us, so we use the appropriate technical and organizational means taking in consideration the nature of the data treated in order to protect your personal data and prevent unauthorized access, disclosure, loss or destruction.

Some examples of these measures includes:

  1. The anonymization and the encryption of personal data, where possible;
  2. The ability to ensure the confidentiality, integrity, availability and permanent resilience of treatment systems and services;
  3. The ability to restore availability and access to personal data in a timely manner in the event of a physical or technical incident;
  4. A process for testing, assessing and evaluating regularly the effectiveness of technical and organizational measures to ensure the safety of treatment.
  5. Our employees who, in the performance of their duties, treat personal data, are obliged to have professional secrecy, including after the end of their duties, and to be bound to observe the provisions of this policy, as well as in the Applicable legislation on the protection of personal data.

The procedures required to deal with suspected personal data violations are also included in order to be able to notify the holders of the affected personal data as well as the applicable regulatory authority during the necessary periods.

7. USE OF COOKIES

We use cookies on our website to improve the performance and experience of the users.

What are cookies? Cookies are small text files stored in your computer via the Internet browser, storing only information related to user preferences (generic information), not including the user's personal data.

The cookies we use on our website observe the principles of anonymity and confidentiality and have the sole purpose of recognize the user, not being used in any case to collect information that identifies the user, nor for direct marketing purposes.

Cookies helps our website to recognize the user's device in the next visit.

What are cookies for? Cookies serves to help determine the usefulness, interest and number of uses of our website, allowing for faster and more efficient browsing, eliminating the need to repeatedly introduce the same information.

What kind of cookies are used on our website? The cookies used have different functions and are distinguished in the following terms:

  1. Analytical Cookies – are used anonymously for the purpose of creating and analyzing statistics, in order to improve the functioning of the website.
  2. Functionality Cookies – stores user preferences for the use of the site, so that you do not need to re-configure the site each time you visit.
  3. Third-party Cookies – measures the success of applications and the effectiveness of third party advertising. They can also be used in order to customize a widget with user data.

Cookies may be:

  1. Permanent: They are stored, by variable time, at the level of the Internet browser on your access devices and are used whenever the user makes a new visit to the website. Typically, they are used to direct navigation according to the user's interests, allowing us to provide a more personalized service.
  2. Session cookies: They are temporary, remain in the cookies of your Internet browser until you leave the website. The information obtained allows to identify problems and provide a better browsing experience.

How to manage Cookies? All Internet browsers allow the user to accept, refuse, or delete cookies, namely by selecting the appropriate settings in the respective Internet browser.

After authorize the use of cookies, the user may always turn off part or all of the cookies.

8. CHANGES TO PRIVACY POLICY

We can make changes to this policy at any time and without notice. The changes will be effective after publication on our website.

HOW TO GET MORE INFORMATION ABOUT DATA PROTECTION AND CONTACT THE DATA PROTECTION OFFICER?

For the exercise of any type of rights of data protection and privacy or for any clarification concerning the topics of data protection, privacy and information security, our guests/customers, users, employees and candidates may contact the Data Protection 0fficer through the following email:  [email protected]

LOCATION, CONTACTS AND OPENING HOURS

QUESTIONS?

FORNO NERO © Copyright 2021. All rights reserved.