This privacy notice sets out the ways in which Manna Gastro BetriebsgmbH, company number ATU74384427, FN512019w, (Da Rose Restaurant) collects, processes, and shares your personal data.
What information does DaRose collect?
DaRose may collect, process, and use the following information you provide during the online table booking process when you purchase a gift voucher, when your sign up to our newsletter online, when you telephone to make a booking, and when you attend an event at one of our restaurants:
– email address.
– telephone number.
– your date of birth.
– your gender.
– your payment card information.
– other information you provide during the booking process.
We may receive certain categories of information listed above from sources other than you, such as from third-party websites, applications, and individuals who have added you as a guest to their booking or who have purchased a gift voucher for you. We may combine this information with the information we collect. Our booking engine Quandoo also collects some of your information, please refer to Quandoo’s Terms and Conditions for end-users.
What is your data used for?
DaRose may process your personal data in the following ways, and on the following legal basis:
– Your name, telephone, and email address for the purposes of sending you direct electronic marketing. DaRose will only do this if you have given your consent to being provided with direct electronic marketing. You may opt-out of receiving this at any time by contacting firstname.lastname@example.org or by changing your preferences.
– To carry out DaRose’s obligations arising from any contracts entered between DaRose and you, for example, to take payment, or to book a table or gift voucher.
– To send you a confirmation email or text message to verify and confirm your table bookings and gift voucher orders, this is necessary for the performance of DaRose’s contract with you so that it can confirm your bookings and provide you with details about your voucher. It is also in DaRose’s legitimate interests to ensure that customers are reminded about their bookings.
– To enhance your experience of the DaRose restaurants and website, we do this as it is in our legitimate interest to ensure that you receive the best experience possible when you book and dine with us.
– To optimize your experience of the types of direct electronic marketing that DaRose sends you (where you have consented to direct electronic marketing). DaRose does this on the basis that it is necessary in DaRose’s legitimate interest to ensure that such direct marketing is of interest and use to you.
– To inform you of our allergen procedure and to ascertain whether special dietary requirements apply to your booking.
– Any other purposes where we have obtained your consent to do so.
We may use your information in an anonymized and/or aggregated manner to analyze the data so that we can enhance our IT systems or website and carry out research. We may share this anonymized and/or aggregated data with third parties, but you will not be identifiable from any such data.
DaRose may review your personal data if it has reason to believe that the information has been provided inappropriately, unlawfully, or illegally. DaRose does this on the basis that it is necessary in its legitimate interest to ensure that the restaurants and website are being used appropriately, lawfully, and legally.
Disclosing information to third parties
DaRose does not sell, trade, or otherwise transfer your personal identifiable information to outside parties other than as set out in this privacy notice.
DaRose provides your personal data:
– to selected third party providers to process and deliver your bookings and orders, for example payment providers, gift voucher merchants and third-party online booking providers such as Quandoo (mentioned above).
– to selected marketing agencies, web-mailing companies, and hosting companies.
– credit reference agencies or fraud prevention agencies.
DaRose will only transfer your personal data outside of the EEA to organizations that have adequate safeguards in place to ensure the security of your personal data.
DaRose will disclose your personal data to third parties:
– if DaRose sells or buys any business or assets, in which case DaRose will disclose your personal data to the prospective seller or buyer of such business or asset.
– if DaRose or substantially all its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets; or
– if DaRose is under a duty to disclose or share your personal data in order to comply with any legal obligation, or to protect the rights, property, or safety of DaRose, you or any third party, and to investigate illegal activities and breaches of any agreement DaRose has with you. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
DaRose may pass your personal data to third parties in a statistical and/or aggregated manner to analyze the data. DaRose will always ensure that you are not identifiable from any such data.
We may otherwise share your information as directed by you or subject to your consent.
Protecting your personal data
DaRose has put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered or disclosed. In addition, it limits access to your personal data to those employees, agents, contractors and other third parties who have a business need to know and in accordance with this privacy notice. They will only process your personal data in accordance with DaRose’s instructions.
DaRose has put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where it is legally required to do so.
You play an important role in keeping your information secure. If you have any reason to believe that your interactions with us are no longer secure, then please contact us at email@example.com
Holding your personal data
DaRose will retain your data for as long as we need to hold it to provide you with services and to improve, analyze and optimize your customer experience.
We may also retain your data for further periods where we need to do so in order to comply with any legal or regulatory requirements (including keeping certain records for seven years for VAT purposes), to carry out audits, to detect and prevent fraud, to enforce contracts or to resolve any disputes.
To determine the appropriate retention period for personal data, DaRose considers the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which DaRose processes your personal data, and whether those purposes can be achieved through other means, and the applicable legal requirements.
Where DaRose relies on consent as the condition for processing your personal data, for example for sending you electronic direct marketing, you have the right to withdraw that consent at any time.
You have various statutory rights in relation to your personal data.
You have the right to:
– object to direct marketing communications at any time.
– request and obtain access to your personal data.
– rectification or erasure of your personal data, in certain circumstances.
– object to or restrict the processing of your personal data in certain circumstances.
– have your personal data stored in a way it is portable from the environment in which it is stored by DaRose to another environment; and
– file a complaint with the Information Commissioner’s Office.
Changes to Privacy Notice
If DaRose decides to change this privacy notice, any changes will be posted on this page.
This privacy notice was last modified on 20th May 2021 and is currently in editing mode. This is not the final version yet, as of 20th May 2021.
If you wish to contact DaRose in relation to this privacy notice, including in relation to any of the rights set out in this section above, please contact us at firstname.lastname@example.org