MENU² Privacy Policy

Last Updated: 18th of November, 2019

In accordance with provisions set forth in EU Regulation 2016/679 from the European Parliament and Council, dated April 27th, 2016, regarding the protection of natural persons in the treatment of personal data and the free circulation of this data and Organic Law 3/2018, dated December 5th, for the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD) and other applicable regulations in effect. We inform you that the provided data has been included in a treatment property of MENU X MENU S.L.U., with registered offices at Carrer FloridaBlanca, 92, Barcelona, 08015 BARCELONA, NIF (Tax Identification Code) B67494914, E-mail privacy@menuxmenu.com and the activity consisting of third-party electronic Exploitment services.

MENU X MENU S.L.U. is specially sensitized in the protection of the data of user of the service who access through the website. By means of this Privacy Policy [hereinafter referred to as the Policy], MENU X MENU S.L.U. informs Users of the treatment and uses to which data collected from the Website is subjected, so that they may decide, freely and voluntarily, if they wish to supply the requested information.

MENU X MENU S.L.U. commits itself to guaranteeing the legal requirements set forth in the applicable Personal Data Protection legislation and regulations.

1.- Who is responsible for treatment?

MENU X MENU S.L.U. is the proprietor of different treatments with registered offices in Carrer Florida Blanca, 92, Barcelona, 08015 BARCELONA, NIF B67494914.

2.- What type of data do we treat?

Specifically, the data collected through this Website is incorporated to the data treatment to which this Privacy policy will be applied.

"Personal Data" in this Privacy Policy refers to any information which allows us to identify you. In our website, we do not perform the treatment of any personal data such as name, surname and email. Data is collected anonymously in our website, since we do not require the user to enter data like email, names and surnames. The user provides us with data by using our website and the different filters.

Our company specifically treats statistical data each time you use our platform, how long you use it, time zone, resolution of your DPI screen, your user agent specified by your browser, your operating system, the webpages you have visited and geolocalization data to know from which region you are entering our website. Also, data related to your language and food preferences, diet and allergies.

2.1- What are the purposes of the treatment of your data?

The purposes for collecting and incorporating data to the cited treatments, consist of:

a) Offering information related to our services.

b) Performance statistics of our platform.

c) Receiving notifications in case of any incidents occuring in our platform.

d) Performing statistical studies of preferences to offer in our website.

e) Service quality analysis.

2.2- Do we have a Data Processing Manager?

Solely for compliance with our legal obligations such as accounting, administration and data protection , it´s necessary for us to give access to administrative Management companies and consultancies to the data supplied by you.

In case of third parties having access to this file and with whom there is an obligation to undersign the agreement provided by (article 28 of the EUGDPR). This agreement will be signed in the terms established by said article, which will contractually regulate the use and confidentiality of personal data, pursuant to provisions set forth in legislation in effect.

2.3- How do we share your personal data?

There shall be no assignment of personal data or international transfers, according to UE Regulation 2016/679 and the Organic Law for Data Protection and Guarantee of Digital Rights (LOPDGDD) and applicable legislation in effect. In addition, the use of data for any purposes other than those mentioned is not authorized. Nevertheless, as we do not own any servers, we must trust in third parties to host our websites, bring you the menus and for analytics collection. All our third-party services are data processors, which means that it is MENU² and, by extension, you that decide how your data is used. We specifically trust in:

Netlify, hosts the website. Netlify Data Processing Agreement (.pdf) is available here.
AWS (Amazon Web Services), provides you with data and images. AWS Data Processing Addendum (.pdf) is available here.
GeoJS, identifies your country using your IP address. GeoJS Privacy Policy is available here.
Google Analytics, collects analytics. Google Analytics Data Processing Amendement is available here.

2.4- What is the legitimacy of treatment?

The User certifies to be older than 14 years and therefore possesses the necessary legal capacity to provide express consent regarding the treatment of their personal data, all this pursuant to provisions set forth in this Privacy Policy.

MENU X MENU S.L.U. treats the data stored in its webpage in accordance with the following legitimizing foundations:

We consider to have a legitimate interest in performing a treatment of the data we have about you like language and those mentioned in article 2, since we understand that the treatment of this data is also beneficial for you, as it allows you to improve your user experience and access information according to your interests.

In case you provide us with personal data such as name(s) and surname(s), ID/Passport, email, bank information, the legality of the treatment of this data is the accounting and production of legally-required invoices in case you need our services.

The treatment of your cookie-stored data is based in the management and processing of the legal relationship established between the user and MENU X MENU S.L.U., meaning the provision of service to clients through our website as well as, if needed, the consent that will be required from the user.

3.- Do We Apply Security Measures?

Proper security measures have been taken in the collection and treatment of your personal data to avoid loss, non-authorized access or manipulation of said data, pursuant to provisions set forth in the E.U. General Data Protection Regulation 2016/679 and the Organic Law for Data Protection and Guarantee of Digital Rights (LOPDGDD), and the effective regulations regarding Data Protection.

4.- How long do we keep your data?

a) We will treat your data for as long as it is necessary for us to perform our services.

Regardless of the fact that we treat your data strictly for the period necessary for us to accomplish the pertinent purpose, we will subsequently keep it duly stored and protected for as long as there is a possibility of liabilities derived from treatment, in compliance with the legislation in effect at any time. Once any possible actions for each case have prescribed, we will proceed to delete the data.

5.- What are your rights?

Any data protection issues related to our webpage shall be addressed to the entity, as the one responsible for treatment, sending an email to: privacy@menuxmenu.com.

Additionally, in case you request information by email and provide personal data like name(s) and surname(s), we will use your personal data solely for resolving your request. And it will be deleted once the purpose for which it was collected has ended, except for compelling legitimate grounds or the execution of possible claims.

If you consider that the treatment is inconsistent with the legislation in effect, you may file a complaint before the control authority at aepd.es.