Privacy policy

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and with Spanish Organic Law 3/2018 of 5 December on the Protection of Personal Data and the guarantee of digital rights (LOPDGDD), the User is informed of the following matters relating to the processing of their personal data.

1. Data controller

Identity: [DATO CLIENTE: Giancarlo Milano (sole trader)]

Tax ID (NIF / CIF): [DATO CLIENTE: X2158687E]

Postal address: Carrer l'Hort, 13, 03580 Alfaz del Pí, Alicante

Email: info@giarestaurante.com

Telephone: +34 604 40 33 84

2. Data processed and source

The website does NOT contain any forms for collecting personal data. Table bookings are made solely via WhatsApp, telephone call or in person at the restaurant.

The personal data we process come from:

• WhatsApp / phone conversations: name, phone number, date and time of the booking, number of guests, allergies or preferences voluntarily disclosed.
• Technical and analytics cookies of the website (see Cookie Policy).
• Public reviews on third-party platforms (Google, Tripadvisor, Facebook, Instagram) where the User has voluntarily consented to take part under the terms of each platform.

3. Purpose of processing

• Manage the requested table booking.
• Communicate booking confirmations, cancellations or changes to the customer.
• Address voluntarily disclosed allergies, intolerances and dietary preferences.
• Respond to enquiries, suggestions and complaints received through the available channels.
• Comply with the legal obligations applicable to the catering sector (EU Regulation 1169/2011 on allergens, health and tax legislation).

4. Legal basis for processing

Processing is based on (i) the performance of the booking requested by the User (Art. 6.1.b GDPR), (ii) compliance with legal obligations (Art. 6.1.c GDPR) and (iii) the legitimate interest of the controller in maintaining commercial contact with its customers (Art. 6.1.f GDPR).

5. Retention period

Data linked to the booking will be retained only for the time strictly necessary to manage it and, thereafter, for the periods legally required to address civil, commercial or tax liabilities (generally up to 4 years under the Spanish General Tax Act).

6. Recipients of the data

Data will not be shared with third parties save where required by law. The site’s technology providers (Vercel, Google Analytics if enabled) act as data processors with the safeguards set out in the GDPR.

WhatsApp Business (Meta Platforms Ireland) processes the messages the User voluntarily sends to make a booking or enquiry — the User should consult WhatsApp’s privacy policy to learn how Meta processes such data.

7. User rights

The User is granted the following rights:

• Access to their personal data.
• Rectification of inaccurate data.
• Erasure ("right to be forgotten").
• Restriction of processing.
• Portability of the data.
• Objection to processing.
• Not to be subject to automated decisions (not applicable on this site — we do not carry out automated profiling).

The User may exercise these rights by sending a written request to info@giarestaurante.com together with a copy of their national ID or equivalent document.

The User also has the right to lodge a complaint with the Spanish Data Protection Agency (AEPD, www.aepd.es) where they consider that the processing of their data does not comply with the regulation.

8. Data security

The controller implements appropriate technical and organisational measures to ensure the security of personal data and prevent its alteration, loss, unauthorised processing or access.

9. Changes to this privacy policy

The controller reserves the right to amend this policy in order to adapt it to legislative or case-law developments. The date shown in the header reflects the latest version published.