CONFIDENTIALITY AND PROTECTION POLICY FOR THE PERSONAL DATA
PROCESSED WITHIN THE ACTIVITY OF MOMA RESTAURANT
We, from Moma Restaurant, have respect for the inviolability of the private life of our customers and guarantee their personal data protection to the maximum level.
This Confidentiality and Data Protection Policy (hereinafter called Confidentiality Policy) aims to clarify the data we collect from you, how and why we process it. It is prepared and based on the current Bulgarian and European legislation in the field of personal data protection, including, but not only, in accordance with Regulation (ЕU) 2016/679 of the European Parliament and the Council regarding the data (the Regulation).
Please, carefully read this Confidentiality Policy before using www.moma-restaurant.com website (the Website) or any of its functionalities, and before using the services we provide. If you do not want us to process your personal data in the way described in this Confidentiality Policy, please, do not give it to us.
If you have any questions or comments in connection to this Confidentiality Policy, please, contact us on the following e-mail: firstname.lastname@example.org
I. Who processes and is responsible for your personal data?
‘Tricolore’ OOD (hereinafter called ‘Tricolore’, ‘we’) is a company registered at the Commercial Register and Register of NPLE of the Registry Agency under UIC: 202917124, which collects, processes, and stores your personal data under the conditions of this Confidentiality Policy and which operates the business of MOMA Restaurant ‘Tricolore’ OOD is a personal data administrator under the Personal Data Protection Act and the Regulation. You can contact us in any of these ways:
Registered office: Blvd “James Bourchier” 76A, 1407 g.k. Lozenets, Sofia
Telephone: 0885 62 20 20
II. Categories of personal data we process:
III. Channels through which information and personal data is collected/Personal data source:
! We do not require entering personal data in the Book of Praise and Complaints. You can give only your first name or a nickname, or you may not specify any individual information at all. In case that you give any personal data, you agree that we process it for the purposes of analysis and administration of the circumstances entered in the Book. This consent can be withdrawn at any time.
While you are using www.dineout.bg platform, we receive the following booking data by Dineout OOD (the platform source): Name, surname, telephone number, e-mail, booking data.
Dineout OOD are an independent personal data administrator, who is responsible for the execution of the obligations under the Regulation. Your relations with Dineout OOD are settled separately, and we are not part of them.
IV. What purposes do we use your personal data for?
The main business activity of Tricolore is operating Moma Restaurant, located in the city of Sofia, 28 Solunska Str., and providing services through it. We process your personal data in order to be able to provide quality services and pleasant experience in Moma Restaurant. Our Website itself helps for the provision of these services and gives are the opportunity to reach more people.
Preliminary booking for Moma Restaurant is not an obligatory condition to enjoy the atmosphere and the meals, but it guarantees that you will have a table, prepared especially for you, on the day and at the time you wish. Feel welcome to visit the Restaurant even without booking, in which cases there would be no need to collect or process any information about you, including personal data.
V. Legal reason for processing your personal data:
VI. How long do we store your data?
We store your personal data for up to 2 months after the booked visit.
Provided that the personal data is processed in connection to administering a signal, a grievance, a claim, or any other inspection, this personal data shall be processed within a period of 3 months after the date of the final completion of the procedure (including with a valid act, if there is such).
The personal data processed in connection to the issuance of accounting/financial documents for the performance of tax and social security control, including for, but not limited to, the issuance of invoices, debit or credit notices, shall be stored within the term foreseen in the applicable legislation for storing such documents.
Data from video recordings from CCTV cameras – within XXX days after the creation of the recordings.
The personal data can be stored for a period longer than the above-mentioned one, in cases of an occurred legal dispute, by the time of its final solution, with a valid court judgement/arbitration award.
The personal data, entered into the Book of Praises and Complaints is stored by the end of January of the year, following the calendar year for which it was entered, or by the time the given consent is withdrawn (if this happens earlier).
VII. Where do we store your data?
The data we collect from you are stored within the European Union and the European Economic Area (EEA), as currently it is stored only on the territory of the Republic of Bulgaria.
Based on the available information as of the date of this notice, we (in our capacity of Personal Data Administrator), do not transfer your personal data out of the European Union.
Each change of the above-mentioned information shall be specified with a revision of this Confidentiality Policy.
VIII. Categories of third parties who can have access and process your personal data
Your personal data provided to third parties shall be used only for the provision of the services specified herein.
Please, note that some of those companies have the independent right or obligation to process your personal data.
IX. Your Rights in connection to processing your personal data
At any moment within the period we store or process your personal data, you have the following rights:
In connection to your personal data processing, you have the right to submit a claim to the control authorities, as the competent authorities connected to this are the Commission for Personal Data Protection, address: 1592, the city of Sofia, 2 Prof. Tsvetan Lazarov Blvd. (www.cpdp.bg).
We do not use your personal data for automated decision-making, including for profiling, which will arise any legal consequences for you or will concern you to a significant extent.
4.1. If you have any questions or you would like to exercise your rights connected to your personal data processing for any of the purposes or for any of the cases specified herein, you can contact us on the following contacts:
Address: Solunska str 28, Sofia, Bulgaria
4.2. The requests addressed to Tricolore OOD, in accordance with this Policy, must contain at least as follows:
– name, address or other data for identification of the respective private entity;
– description of the request;
– the preferred form for providing the information;
– signature, date of submitting the application, and mailing address.
4.3. We answer all the questions, signals and claims of data subjects, in accordance with the rules of the current legislation. Please, note that before we answer your claim, we are obliged to identify the person who has submitted the claim, so that we make sure in his/her right to submit it.
4.4. We shall inform you about our answer and the measures we have undertaken, without any unreasonable delay, but in all the cases, no later than 30 days after receiving the claim.
4.5. Tricolore EOOD shall notify the private entity who has submitted the request about its settlement or about the motivated refusal to settle the request. The notification shall be sent by Tricolore EOOD to the private entity, in the way specified as preferred for providing the information, and, in case that there is no such, by mail, with a registered letter, or personally, against signature.
Personal data processing is based on your voluntary provision of data. You can use the services of the Restaurant without providing personal data by visiting it on site. However, in case that you would like to make use of any of the concomitant services (like preliminary booking of a table) or you would like to execute your right of grievance, signal or complaint, or to have an invoice issued, then, we need your personal data to identify the party which makes the respective request/application, so as to be able to meet your requirements.
X. Log files
Like in most websites, the Website collects data in log files. This information contains your IP, which browser you use (like Mozzilla, IE, Chrome, etc.), the operating system (Linux, Windows, iOS), when you have visited our website, and the visited websites. We reserve the right to use the IP addresses of the users in order to find their identity in the cases when it is necessary to execute the law.
XI. Connection to other websites
Occasionally, the Website may contain links/references (hyperlinks) to other websites. We do not operate the connected websites and do not approve the contents, services or the products of these websites. We are not responsible for the confidentiality policies or the contents of these websites and we advise you that you have a look at their confidentiality policies.
XII. Confidentiality Policy of ‘the Cookies’
In order to make the Website work in accordance with the functionality set by the staff, as well as to personalize your visits, we sometimes keep some small data files on your device, called ‘cookies’. This is a standard practice which is extensively used almost in all the websites around the world. You can find detailed information on what cookies are and how and which cookies we use, as well as how you can control or erase the cookies, in our Cookies Policy, published on our Website.
Please, note that blocking some of the cookies may reflect the way in which the website functions, which may also lead to disturbed functionality of the website.
XIII. Revisions of the Confidentiality Policy
It is possible that we occasionally update our Confidentiality Policy. In any such revision of the current policy, our website will have a published announcement and an updated Confidentiality Policy. Any revisions and supplements in our Confidentiality Policy shall be applied only after its updated contents is published and accessible through our Website. Provided that the changes of the Confidentiality Policy are essential, we may prefer to send a personal message via e-mail to each one of you, with a link to the new/updated policy, so that we make sure you will be familiarized with the changes.