Privacy Policy Take Away and Delivery

In carrying out our activities, we pay the closest attention to the security and confidentiality of the personal data of our users and customers, in compliance with the applicable data protection legislation and according to the principles of necessity, fairness, lawfulness, proportionality, and transparency. 

You will find information below on how we process your personal data. Please note that this Privacy Statement does not apply to data processing carried out by or through third-party web pages linked to this website, as we have no influence or control over their configuration and content. We therefore recommend that you consult the relevant privacy and cookie policies.

The website https://www.temakinho.com/ is owned by the company Temakinho S.p.A. with registered office in via Francesco Petrarca n. 6, 20123 Milan (MI), VAT number 07598530967 (hereinafter "Temakinho" or “the Company”).  Temakinho S.p.a. has in turn appointed as a Processor for the management of the centralized data database and the infrastructure the company CIGIERRE Compagnia Generale Ristorazione S.p.A., an Italian company with registered office in Tavagnacco (UD), Via Nazionale 35, 33010, Tax Code and registration number no. 01896000302, since Cigierre S.p.a. is the parent company of Temakinho S.p.a..

 

DATA CONTROLLER AND CONTACT

The data controller of your personal data carried out for the aim of take away and delivery is Temakinho S.p.a. (or sometimes Cigierre S.p.a. when the latter is franchisee of Temakinho S.p.a.).

You can contact the Data Controller by ordinary mail, by writing to the address of the registered office, or by e-mail, to the address  privacy@temakinho.com

Section “take away and delivery” is a section in which the clients can choose the products prepared by the restaurants branded “Temakinho” and collect them at the Restaurant or collection point indicated (“take away” service) or make them deliver at home (“delivery” service). 

We inform you that for the transport and delivery services of the Products, the Controller may use both its own employees and third-party food delivery and logistics companies, specifically appointed as Data Processors of the personal data of clients who request these services.

 

CATEGORIES OF PERSONAL DATA AND MODALITIES OF TREATMENT  

What personal data we collect and how we collect it depends on the products you purchase or the services you request, and how you interacted with us. In some cases, we can receive them from third parties, if you have given these subjects the consent to share them.

In particular, in the website we process the following categories of personal data:

- contact details: name, surname, address (for delivery service), phone number, email address;

- payment details: financial information about your credit card or prepaid card if you choose these payment methods for our products or services;

- data from cookies, web beacons, and other similar technologies. For more details, please see our cookie policy. 

Your data may be processed with manual or IT tools, able to ensure security, confidentiality, and prevent unauthorised access.

If you provide us with personal data on someone else's behalf, you must first ensure that the Data Subjects have read this Privacy Statement.

We ask you to help us to keep your personal data up to date, informing us of any changes that may occur and we ask you not to include in your messages to us personal data concerning third parties or 'sensitive' data (meaning those that could reveal your racial or ethnic origin, your political opinions, religious or philosophical beliefs, your trade union membership, your genetic, biometric or health data, or data about your sex life or sexual orientation). Should you send such data, we will delete this information.

 

PURPOSES AND LEGAL BASIS FOR PROCESSING DATA  

The processing of personal data must be legitimised by one of the legal requirements (so-called 'legal basis') provided by current data protection legislation, as described below: 

a)      purposes of providing online ordering and delivery or take away services at the restaurants you have identified.

You are given the opportunity to order the Products online and collect them at the Temakinho Restaurant or at the indicated collection point (“take away service”) or receive them at home (“delivery service”). Legal basis of the processing: fulfilment of pre-contractual obligations (in the phase of identification and selection of the products to be purchased) and contractual (following the purchase phase and in relation to the delivery phases and possible after-sales assistance) as well as fulfilment of specific obligations of law (for example, administrative-accounting purposes). The provision of data, although not mandatory, is essential and indispensable for the total or partial management of pre-contractual and contractual relationships. Therefore, if you do not provide us with your data, you will not be able to enjoy the service;

  

b)     to defend our rights before the judicial, administrative or extrajudicial authorities and in the context of disputes arising in relation to the services offered.

Your personal data could be processed by the Controller to defend your rights or take legal action or even make claims against you or third parties.

Prerequisite for processing: legitimate interest of the Company in protecting its rights. The provision of personal data for this purpose is mandatory. In default the Company will find it impossible to defend its rights.

 

c)      Purposes related to the obligations established by laws, regulations or EU legislation, by provisions / requests of authorities and / or by supervisory and control bodies

The Controller will be able to process your personal data to fulfil its legal obligations, also in order to demonstrate to the competent authorities the influx of clients who had access to the restaurants during the period of the Covid-19 epidemic.

Prerequisite for processing: fulfilment of a legal obligation. The provision of personal data for this purpose is mandatory. In default the Company will be unable to fulfil its legal obligations. 

 

DISCLOSURE OF DATA

Your personal data collected through this site may be disclosed to the following categories of subjects: 

a)      our employees specifically assigned to process your data, in particular customer service online and in our restaurants, sales staff, accounting, human resources, IT, marketing,   and, in general, our duly appointed employees and employees in our restaurants;

b)     our employees to provide the requested catering service and to provide you with assistance;

c)      providers of legal advice and assistance services; 

d)     providers of IT services including software support, or archiving;

e)      any company used to provide us with a service (e.g. logistics services for the delivery of purchased products, and companies used to provide a home catering service, on our behalf, or at specific restaurants or locations you have chosen) 

f)      the police, government agencies, regulatory bodies, courts or other public authorities authorised by law; 

g)     third parties or bodies to which the communication of data is required by law.

h)     IT staff or sales / delivery / take away / marketing staff, duly appointed as data processors on behalf of the controller.

The subjects mentioned above may act, depending on the case, as data processors or autonomous data controllers. Other than to these subjects, your data will not be disclosed.

DATA TRANSFER 

We may transfer your data to US or Canadian service providers which manage the orders.  

The transfer of your data to these countries takes place in any case in compliance with the applicable regulations and international treaties. 

You have the right to obtain a copy of the data held abroad and to obtain information on the place where such data are kept by expressly requesting it from us at the addresses of our offices or writing to  privacy@temakinho.com . 

 

HOW WE KEEP YOUR PERSONAL DATA SECURE

The Controller uses appropriate security measures in order to improve the protection and maintenance of the security, integrity and accessibility of your personal data.

All your personal data is stored on our secure servers, and is accessible and usable according to our standards and security policies.

If the data are processed by third parties, in the context of the methods and forms of payment, the Controller ensures that security standards equivalent to its own will be applied.

Instead, it is your responsibility to maintain the secrecy of the password to access your reserved area, so we ask you not to share it with anyone.

The Controller is committed to:

• ensure the accuracy and updating of the data processed, and promptly acknowledge any corrections and / or additions requested by the interested party;

• notify the interested party, within the times and in the cases provided for by the mandatory legislation, of any violations of personal data;

• to ensure compliance of the processing operations with the applicable legal provisions.

Furthermore, the Controller processes your personal data in full compliance with the principle of correctness, lawfulness and transparency. In compliance with the Privacy Law, the Controller configures or, in any case, undertakes to configure the information systems and computer programs by minimizing the use of personal data, so as to exclude their processing if the purposes pursued can be achieved by, respectively , anonymous data or appropriate methods that allow the data subject to be identified only in case of need. Finally, it should be noted that the data are not used for the purpose of adopting automated decision-making processes.

 

  DATA RETENTION 

The Company keeps your personal data only for the time necessary to achieve the purposes for which they were collected or for any other legitimate related purpose. Your personal data that are no longer necessary, or for which there is no longer a legal prerequisite for its conservation, will be irreversibly anonymised or securely destroyed. Below are the storage times in relation to the various types of data processed:

a)     Contact details: if processed for the online order and for the take away/delivery service, data may be kept only for the time necessary to process your requests and to carry out the service and in any case no later than the following 10 (ten) years, only for the data necessary for administrative-accounting purposes. With particular reference to the legal protection of our rights or in the event of requests from the authorities, the data processed will be kept for the time necessary to process the request or to pursue the protection of one's right. In any case, for technical reasons, the termination of the processing and the consequent definitive cancellation or irreversible anonymization of the related personal data will be final within thirty days from the terms indicated above;

b)     Payment data: these data may be kept for the time necessary to process your requests and in any case no later than the next 10 (ten) years, in relation to the data necessary for administrative-accounting purposes;

c)     Website usage data - these data will be kept as long as the account is active. The retention times of the various cookies that may be used can be found in the appropriate Cookie Policy.

 

YOUR RIGHTS  CONCERNING THE PROCESSING OF YOUR PERSONAL DATA 

We guarantee that you can exercise your rights under Article 12.2 of EU Regulation No. 679/2016 (so-called 'GDPR') at any time. In particular, you have the right to:

- have access to your data;

- request the rectification of your inaccurate personal data or the integration of incomplete data; 

- obtain the erasure of your personal data in the presence of one of the reasons envisaged by the GDPR;  

- request to limit the processing only to specific personal data, if one of the reasons provided for in the Regulation occurs;  

- object in whole or in part to the processing of your personal data;  

- withdraw your consent to the processing at any time if it is based on consent, without prejudice to the lawfulness of the corresponding processing until the time of withdrawal.

The exercise of these rights is subject to some exceptions aimed at safeguarding the public interest (for example the prevention or identification of crimes) and our interests. In the event that you exercise any of the aforementioned rights, it will be our responsibility to verify that you are entitled to exercise it and we will reply, as a rule, within one month.

You can exercise these rights by sending a communication to the Controller or by writing to  privacy@temakinho.com

Furthermore, you always have the right to lodge a complaint with the national Data Protection Authority, whose contacts are available at  https://www.garanteprivacy.it/home/footer/contatti