When you use the Website or place an order through the Website, VINATEA collects your personal data.
The privacy and protection of your personal data is important to VINATEA. Therefore, it is committed to complying with the legislation in force at all times and, to this end, it has drawn up this privacy policy (“Privacy Policy”).

Every time you use this Website you will be under the application of the Privacy Policy and the cookies policy in force at any given time, and you should review this text to check that you are in accordance with it. In this regard, VINATEA reserves the right to modify this Privacy Policy in accordance with new legislative or regulatory requirements, for security reasons or in order to adapt this policy to the instructions of the data protection control authorities.

Whenever there is a change in the Privacy Policy, users will be informed of this change through the Website or by sending communications and will be asked to give their consent to the modified policy once again. VINATEA will not be able to provide you with the services until you have accepted the new changes in the Privacy Policy.

Confidentiality, professional secrecy and security are core values of VINATEA, which is committed to guaranteeing the privacy of the user/visitor at all times and in all interactions with them. VINATEA also undertakes not to collect unnecessary information about the User. Likewise, we undertake to treat any personal information that the User may provide through our website with extreme diligence.

When a customer places an order through our secure server, their personal and address details, as well as those relating to their purchases and payment methods, are incorporated into our database in order to process the order.

VINATEA does not have any access to information related to the credit card number of our customers. We only receive confirmation of payment from the banking institutions that process the order.

Customers and Users undertake to browse the website and use the content in good faith.

In accordance with Organic Law 15/1999 on the Protection of Personal Data (LOPD), and Royal Decree 1720/2007 implementing the LOPD, we inform you that the use of certain services on our website requires you to provide us with certain personal data through registration forms or by sending e-mail messages, and implies acceptance of this privacy policy and that these will be processed and incorporated into the files of VINATEA, owner and responsible for the same. The sending of the aforementioned personal data constitutes express consent to the processing of the same, although this consent is revocable and has no retroactive effect.

Who is VINATEA?

VINATEA is Patrimonial Vinatea SL with NIF B-12748190 with social and fiscal address in Calle Blasco de Alagon, nº 17, in Morella CP:12300 (Morella).

The address of our website is: www.restaurantevinatea.com

The person responsible for the treatment of personal data is Patrimonial Vinatea SL with NIF B-12748190 with social and fiscal address in Calle Blasco de Alagon, nº 17, in Morella CP:12300 (Morella).

What personal data do we collect and why do we collect them?

By ticking the box on the registration forms provided on the Website, users expressly, freely and unequivocally accept that their personal data will be processed by VINATEA for the following purposes.

The purposes will be, based on the functionalities of which you make use, the following:

1. The development, fulfilment and execution of the contract of sale of the products you have purchased or any other contract between the two;
2. To attend to the requests that you make to us
3. To provide you with information about VINATEA products if you so request, including the sending of commercial communications by e-mail or by any other equivalent means of electronic communication (such as SMS), as well as by telephone calls. If you are a registered user, you can change your preferences regarding the sending of such commercial communications by accessing the My Account section;
4. In the event that you provide us with personal data of third parties, you are responsible for having informed and obtained their consent for VINATEA to use them for the following purposes:
   (a) the management of the shipment or verification of receipt of the product.
   (b) to deal with the requests that you or said third party submits to us;
5. In the event that you wish to process the return of the product through the Website, we will use your personal data provided through the return form only for (a) the management of the request and processing of the collection of goods at home, (b) to deal with the requests related to the return that you may make to us, and (c) confirmation of the acceptance of the return and sending by e-mail or other electronic means with the amount of the refund;
6. To process your application as a registered user and/or your order for products offered by VINATEA. Once your application has been confirmed and accepted, the user will receive a confirmation e-mail at the address indicated at the time of completing the registration form.
7. Sending of commercial advertising communications by e-mail. These commercial communications will be related to products or services offered by VINATEA.
8. To carry out statistical studies.
9. Process orders, requests or respond to requests made by the user through any of the forms of contact made available to the user on the VINATEA Website.
10. To send the VINATEA newsletter.

VINATEA reserves the right to decide whether or not to include your personal data in its files.

We also inform you that all your personal data will be subject to the technical and organisational security measures required by Royal Decree 1720/2007, which regulates the regulation of security measures for files containing personal data.

All data requested through the website are obligatory, as they are necessary for the provision of an optimal service to the user. In the event that all the data is not provided, VINATEA does not guarantee that the information and services provided will be completely adapted to your needs.

The data we ask you to provide are adequate, relevant and strictly necessary for the purpose for which they are collected, and you are under no obligation to provide them. Likewise, you certify that all the information you provide us with is true, accurate and relevant to the purpose for which it is requested.

By simply visiting the Website, Users do not provide any personal information nor are they obliged to provide it.

VINATEA undertakes to keep the information provided to it in the strictest confidence and confidentiality and it is used exclusively internally and for the purposes indicated. Therefore, we do not transfer or communicate your data to any third party, except in the cases provided for by law, or if the USER expressly authorises us to do so.

VINATEA presumes that the data have been entered by the owner or by a person authorised by the owner, and that they are correct and accurate.

In order for us to keep your personal data up to date, it is important that you inform us whenever there has been any change in them, otherwise, we are not responsible for the veracity of the same.

Customers are responsible for updating their own data. At any time, the Client has the right of access, rectification, cancellation and opposition to all their personal data included in the different registration forms. To modify or update their personal data, the Client must send an email to administracion@restaurantevinatea.com with the subject “Update personal data” indicating the items to be modified or cancelled.

To cancel your account, please send us a copy of your ID card. You can exercise your rights by sending an express request to the postal address of the company Calle Blasco de Alagon, nº 17, in Morella CP:12300 (Morella) (Att: Patrimonial Vinatea SL) or send an e-mail from your account e-mail to administracion@restaurantevinatea.com with the subject “Cancel account”.

We consider that if you do not expressly cancel your personal data from our files, you are still interested in continuing to be included in them until VINATEA considers it appropriate and as long as it is appropriate for the purpose for which they were obtained.

Therefore, the Customer is responsible for the veracity of the data and VINATEA shall not be liable for the inaccuracy of the personal data of Customers. In accordance with current legislation on data protection, VINATEA has adopted the appropriate levels of security for the data provided by Customers and has also installed all the means and measures within its power to prevent the loss, misuse, alteration, unauthorised access and extraction of the same.

VINATEA is not responsible for the privacy policy regarding the personal data that may be provided to third parties through the links available on our website.

We process the information you provide in order to provide you with the requested service and to invoice you for the same. The data provided will be kept for as long as the business relationship is maintained or for the years necessary to comply with legal obligations. The data will not be passed on to third parties except in cases where there is a legal obligation. You have the right to obtain confirmation as to whether we at VINATEA are processing your personal data and therefore you have the right to access your personal data, rectify inaccurate data or request its deletion when the data is no longer necessary.

Comments

When visitors leave comments on the site, we collect the data displayed in the comment form, as well as the visitor’s IP address and browser user agent string to aid spam detection.

An anonymous string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The privacy policy for the Gravatar service is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the site you should avoid uploading images with location data (GPS EXIF) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you can choose to save your name, email address and website in cookies. This is for your convenience, so you don’t have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and log in to this site, we will set a temporary cookie to determine whether your browser accepts cookies. This cookie does not contain any personal data and is deleted when you close your browser.

When you log in, we will also set a number of cookies to store your login information and screen display options. Login cookies last for two days, and display options cookies last for one year. If you select “Remember me”, your login will last for two weeks. If you log out of your account, your login cookies will be deleted.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie does not contain any personal data and simply indicates the ID of the article you have just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in exactly the same way as if the visitor had visited the other website.

These websites may collect data about you, use cookies, embed additional tracking from third parties, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

With whom do we share your information?

VINATEA may use other companies to provide certain services on VINATEA’s behalf and under VINATEA’s instructions, such as order delivery, payment processing, tax and accounting advice, marketing or maintenance of the Website. In order to provide services on behalf of VINATEA, these third party companies may need access to certain information and user data. VINATEA guarantees that, in such cases, these third parties have limited access to user information, restricted only to the data necessary for the performance of the tasks entrusted and have signed a processing contract with VINATEA, whereby they are obliged not to disclose the data or use it for purposes other than those entrusted.

Similarly, VINATEA may disclose your personal data when required to do so by law, in legal proceedings, or to investigate suspicious activity.

In accordance with the applicable legislation, VINATEA undertakes to respect the confidentiality of your personal information and to guarantee the exercise of your rights of access to personal data, rectification or deletion, limitation of processing, opposition to processing, as well as the right to data portability. This exercise shall be carried out by sending a letter to the address indicated above to the attention of “Derechos LOPD” or by sending an e-mail to administracion@restaurantevinatea.com. If necessary, we may request a copy of your ID card, passport or other valid document that identifies you.

VINATEA keeps your personal data for as long as it is necessary to provide the services, the relationship between VINATEA and the user is in force and the user does not express his/her opposition to the processing of his/her personal data and, even after the relationship has ended, for as long as it is necessary to provide the services, maintain security and prevent cases of fraud and abuse or is otherwise legally required.

Should any of the users consider that VINATEA does not comply with the regulations on the protection of personal data, they may lodge a complaint with the competent supervisory authority.

You hereby guarantee that the personal data provided are true and accurate and undertake to notify any changes or modifications thereto. Any loss or damage caused to the site or the person responsible for the Website or any third party by the communication of erroneous, inaccurate or incomplete information on the registration forms shall be your sole responsibility.

How long do we keep your data?

If you leave a comment, the comment and its metadata are retained indefinitely. This is so that we can recognise and approve successive comments automatically rather than keeping them in a moderation queue.

For users who register on our site (if any), we also store the personal information they provide in their user profile. All users can view, edit or delete their personal information at any time (except that they cannot change their username). Site administrators can also view and edit that information.

What rights do you have over your data?

If you have an account or have left comments on this website, you can request to receive an export file of the personal data we hold about you, including any data you have provided to us. You can also request that we delete any personal data we hold about you. This does not include any data that we are obliged to keep for administrative, legal or security purposes.

Where do we send your data?

Visitor comments may be reviewed by an automated spam detection service.

Register of processing activities Processing

Processing Customers

Purpose of processing

Customer relationship management

Description of the categories of customers and categories of personal data:

Customers:

Persons with whom a business relationship is maintained as customers.

Categories of personal data:

Those necessary for the maintenance of the commercial relationship. Invoicing, after-sales service and customer loyalty.

Identification data: name and surname, NIF, postal address, telephone numbers, e-mail address

Categories of recipients to whom the personal data were or will be communicated:

Tax authorities

Banks and financial institutions

Agency

Where possible, the deadlines foreseen for the deletion of the different categories of data:

Those provided for by tax legislation regarding the statute of limitations for liabilities.

Security measures

Article 5.1.f of the General Data Protection Regulation (GDPR) determines the need to establish adequate security safeguards against unauthorised or unlawful processing, against loss of personal data, accidental destruction or damage. This implies the establishment of technical and organisational measures aimed at ensuring the integrity and confidentiality of personal data and the possibility (Article 5.2) to demonstrate that these measures have been put into practice (proactive accountability).

How do we protect your data?

Duty of confidentiality and secrecy

• Unauthorised access to personal data must be prevented, including: leaving personal data exposed to third parties (unattended electronic screens, paper documents in public access areas, media with personal data, etc.), including screens used for the display of video surveillance system images. When absent from the workstation, the screen shall be locked or the session shall be closed.
• Paper documents and electronic media shall be stored in a secure place (lockers or restricted access rooms) 24 hours a day.
• Documents or electronic media (CDs, pen drives, hard disks, etc.) containing personal data shall not be disposed of without guaranteeing their destruction.
• Personal data or any personal information shall not be disclosed to third parties, and special care shall be taken not to disclose protected personal data during telephone enquiries, e-mails, etc.
• The duty of secrecy and confidentiality continues even after the termination of the employee’s employment relationship with the company.

Rights of data subjects

All employees will be informed of the procedure for attending to the rights of data subjects, clearly defining the mechanisms by which rights may be exercised (electronic means, reference to the Data Protection Delegate if there is one, postal address, etc.) taking into account the following:

• Upon presentation of their national identity card or passport, the holders of personal data (data subjects) may exercise their rights of access, rectification, erasure, objection and portability. The controller must respond to data subjects without undue delay.
• For the right of access, data subjects shall be provided with a list of the personal data held, together with the purpose for which they have been collected, the identity of the recipients of the data, the storage periods, and the identity of the controller with whom they may request rectification, erasure and objection to the processing of the data.
• For the right of rectification, data subjects’ data that are inaccurate or incomplete will be amended in accordance with the purposes of the processing.
• For the right of erasure, data subjects’ data will be erased when the data subjects express their refusal or opposition to consent to the processing of their data and there is no legal obligation to prevent it.
• For the right of portability, data subjects must communicate their decision and inform the controller, where appropriate, of the identity of the new controller to whom their personal data are to be provided.

The data controller shall inform all persons with access to personal data of the terms of compliance with which the rights of data subjects are to be met, and the manner and procedure in which those rights are to be met.

What procedures do we use against data breaches?

When security breaches of PERSONAL DATA occur, such as theft or improper access to personal data, the Spanish Data Protection Agency will be notified within 72 hours of such security breaches, including all the information necessary to clarify the facts that have given rise to the improper access to personal data. Notification will be made by electronic means through the electronic headquarters of the Spanish Data Protection Agency at the following address: https://sedeagpd.gob.es

MODIFICATION OF PRIVACY POLICIES

VINATEA may modify these privacy policies in order to adapt them to any modifications that may occur on our website, as well as any legislative or jurisprudential modifications on personal data that may appear, which is why you are required to read them every time you provide us with your data through this website.