Privacy Policy
1. Introduction
Osteria L’Antica (“we,” “our,” or “us”) is committed to protecting the privacy and personal data of all visitors and users of our website, available at osteriallantica.com. We recognize our responsibility to handle your information with care, transparency, and in accordance with applicable data protection legislation, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines the types of personal information we collect, how we use it, and your rights with respect to that data.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data processed through your interaction with osteriallantica.com, whether you are browsing our website, communicating with us, making a reservation, or utilizing any of our services. For the purposes of applicable data protection laws, Osteria L’Antica is the “data controller,” meaning we determine the purposes and means of processing your personal data.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Information collected about your interactions with the website, such as browser type, pages visited, IP address, device identifiers, access times, and referring URLs. This helps us monitor performance and enhance user experience.
b. Account Data
Information you voluntarily provide when creating an account or placing an order, including your name, email address, physical address, telephone number, and login credentials.
c. Profile Data
Data relating to your preferences, order history, restaurant visits, special occasions celebrated with us, feedback provided, and behavioral patterns on osteriallantica.com.
d. Communication Data
Includes all data exchanged when you reach out via contact forms, customer service inquiries, promotional messages, or feedback. This also comprises support tickets and details of our interactions with you.
e. Technical Data
Device type, operating system, browser settings, screen resolution, language preferences, and other configuration-related information collected through cookies or similar technologies.
f. Transaction Data
Details related to transactions on our platform, including your selected services, billing or delivery addresses, payment methods, card issuer details (excluding full card information stored), and order confirmations.
g. Preference Data
Your marketing and communication consents, dietary or service preferences, and interests related to our products, menus, or promotions.
4. Legal Bases for Processing
We process your personal data based on one or more of the following lawful bases:
– Legitimate Interests: To improve our website, monitor usage, ensure security, and maintain business operations without overriding your fundamental rights.
– Contractual Necessity: When data processing is required to fulfill a service contract, such as accepting a reservation or completing an order.
– Legal Obligation: Where processing is necessary to comply with applicable legal requirements.
– Consent: For activities such as sending promotional communications or using non-essential cookies. Where consent is the basis, you may withdraw it at any time.
5. Your Rights
Subject to applicable local laws, you have the following privacy rights over your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data in specific circumstances.
– Right to Restrict Processing: You may request us to limit processing of your data.
– Right to Data Portability: You can request your data be provided in a structured, machine-readable format or transferred to another provider.
– Right to Object: You may object to data processing conducted on the basis of legitimate interests.
– Right to Withdraw Consent: Where consent is the legal basis, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational safeguards to protect your personal data. These security measures include SSL encryption during data transmission, secure firewalls, role-based access control, system monitoring, daily backups, and mandatory staff privacy training. While no system is entirely invulnerable, we strive to maintain a security posture consistent with industry standards and regulatory requirements.
7. International Transfers
Your personal data may be transferred to and processed in countries outside your jurisdiction. Where such transfers occur, we ensure that appropriate safeguards (such as EU-approved Standard Contractual Clauses or equivalent mechanisms) are in place to maintain an adequate level of data protection in accordance with GDPR standards. For CCPA-covered individuals, we do not sell your data or disclose it to unauthorized third parties.
8. Data Retention
We retain personal data only for as long as it is necessary to fulfill the purposes for which it was collected or as required by applicable laws. Examples include:
– Usage & Technical Data: Retained for up to 12 months for analytics and service optimization.
– Account & Profile Data: Retained for the duration of your account and a period of 2 years thereafter.
– Communication Data: Retained for 2 years post-resolution of inquiry or ticket.
– Transaction Data: Retained for 7 years for tax and audit compliance.
– Preference Data: Retained until you update your preferences or withdraw consent.
Upon expiration of the retention period, your data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to enhance your experience on osteriallantica.com. These include:
– Essential Cookies: Required for basic functionality such as login, reservations, and secure browsing.
– Functional Cookies: Remember your settings and preferences for a customized experience.
– Analytics Cookies: Collect insights about website traffic, performance, and audience interaction using tools such as Google Analytics.
– Performance Cookies: Facilitate improved load speeds and efficient navigation.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit to osteriallantica.com, a cookie banner allows you to selectively accept or decline non-essential cookies. Cookies may be managed at any time through browser settings or our dedicated cookie settings panel. Under GDPR and CCPA, you have the right to withdraw cookie consent at any time and to request the deletion or restriction of related personal data. We honor “Do Not Track” and “Global Privacy Control” preferences where technically feasible.
11. Special Protections for Children
osteriallantica.com is not directed to children under the age of 13, and we do not knowingly collect personal data from children. If we become aware that we have inadvertently received data from a child without verified parental consent, we will delete such data as quickly as possible. Parents and guardians are encouraged to monitor their children’s online activity and notify us with any concerns at [email protected].
12. Policy Updates & User Notifications
We may revise this Privacy Policy from time to time to reflect changes in legal obligations, technology, or company practices. Updated policies will be posted on osteriallantica.com, and substantial changes may be communicated directly through email or website notifications, where appropriate. Continued use of our services constitutes acceptance of our amended terms.
13. Contact Us
For any questions, concerns, or requests related to this Privacy Policy or the processing of your personal data, you may contact us at:
Email: [email protected]
We are committed to complying with all applicable privacy regulations, including GDPR and CCPA. If you believe that your privacy rights have been violated, or you have any unresolved concerns, please reach out to us—we are here to help.