WEBSITE PRIVACY POLICY

https://crepes-du-monde.com/

I. PRIVACY AND DATA PROTECTION POLICY

In accordance with the provisions of current legislation, Crêpes Du Monde (hereinafter also referred to as the ‘Website’) undertakes to implement the necessary technical and organisational measures, in accordance with the level of security appropriate to the risk associated with the data collected.

Laws incorporated in this privacy policy This privacy policy is adapted to current Spanish and European legislation on the protection of personal data on the Internet. Specifically, it respects the following rules:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).
Royal Decree 1720/2007, of 21 December, approving the Regulation implementing Organic Law 15/1999, of 13 December, on the Protection of Personal Data (RDLOPD).
Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the controller processing the personal data The data controller for the personal data collected at Crêpes Du Monde is: RILOULI Ltd., equipped Tax Identification Number: B16998544 and is registered in the Girona Commercial Register with the following details: Volume 3353, Book 0, Folio 21, Section, Page GI-69156, whose representative is: Oliver Markus (hereinafter, the Data Controller). Its The contact details are as follows:

Address: Avinguda s’90 Agaró, Shop 10, Platja d’Aro, Spain
Contact number: +34 972 97 30 41
Contact email: info@crepes-du-monde.com

Register of Personal Data In accordance with the provisions of the GDPR and the LOPD-GDD, We would like to inform you that the personal data collected by Crêpes Du Monde, using the forms spread across its pages will remain inwill be included and processed in our database in order to facilitate, agito implement and fulfil the commitments agreed between Crêpes Du Monde and the User or the maintenance of the relationshipthe information provided in the forms you complete, or to respond to a request or enquiry from theism. Furthermore, in accordance with the In accordance with the GDPR and the LOPD-GDD, unless the exception provided for in Article 30(5) of the GDPR applies, a record of processing activities is maintained which specifies, according to their purposes, the processing activities carried out and the other circumstances set out in the GDPR.

Principles applicable to the processing of personal data The processing of the User's personal data shall be subject to the following principles set out in article 5 of the RGPD and in article 4 et seq. of Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the guarantee of digital rights:

Principle of lawfulness, fairness and transparency: The User’s consent must be obtained at all times, following the provision of fully transparent information regarding the purposes for which personal data is collected.
Principle of limitation of the purpose: Personal data will be collected for specific, explicit and legitimate purposes.
Principle of data minimisation: The personal data collected will be usedonly thosestrictly necessary in relation to the purposes for which they are processed.
Beginning ofand accuracy: Personal data must be accurate and kept up to dateupdated.
The principle of time limitation conservation: Personal data will only be retained in a form that allows the User to be identified for as long as is necessarynecessary for the purposes of processing.
PrincipleIntegrity and confidentiality: Personal data will be processed in such a way as to ensure its securitysecurity and confidentiality.
Principle of proactive responsibility: the data controlleror will be responsibleIt is essential to ensure that the above principles are upheld.

Categories of personal data Data categoriesthose covered in Crêpes Du Monde These are merely identifying details. Under no circumstances will they be processedspecific categoriespersonal data controllers within the meaning of Article 9 of the GDPR.

Legal basis for the processing of personal data The legal basis for the processing of personal dataThat is consent. Crêpes Du Monde is eatenundertakes to obtain the User’s express and verifiable consent to the processing of their personal data for one or more specific purposes. The User shall be entitled to withdraw their consent at any time. Withdrawing consent will be as easy asnsentimiI also know how to do it. As a general rule, withdrawing consent will not affect your use of the Website. On the occasions when the Users must or may provide their details via formsto be carried outIf you wish to contact us, request information or for reasons relating to the content of the Website, you will be informed if any of these fields are mandatory as these are essential for the proper conduct of the operation in question.

Purposes of the processing for which the personal data are used Personal data is collected and processed by Crêpes Du Monde in order to facilitate, streamline and fulfil the commitments agreed between the Website and the User, or to maintain the relationship established in the forms that the latter completes, or to respond to a request or enquiry. Similarly, the data may be used for commercial purposes relating to personalisation, operations and statisticsand activities falling within the scope of the company’s corporate purpose Crêpes Du Monde, as well asfor the purposes of data extraction, storage and marketing research, in order to tailor the Content offered to the User, as well as to improve the quality, performance and navigation of the Website. The moment itand obtainlet themWith regard to personal data, the User will be informed of the specific purpose or purposes for which the personal data will be processed; in other words, the use or uses to which the information collected will be put.

Retention periods for personal data The dataPersonal data will only be retained for the minimum time necessary for the purposes of its processing and, in any event, only for as long asthe following period: 12 months, or until the User requests its deletion. At the time the personal data is collected, the User will be informed of the period for which the personal data will be retained or, where this is not possible, the criteria used to to determine this timeframe.

Recipients of personal data The User’s personal data will not be shared with tthird parties. In any case, in At the time the personal data is collected, the User will be informed of the recipients or categories of recipients of the personal data.

Personal data of minors In accordance with Article 8 of the GDPR and Article 7 of Organic Law 3/2018 of 5 December on Data ProtectionPersonal data and the protection of digital rightsIn such cases, only those aged 14 or over may give their consentconsent to the lawful processing of your personal data by Crêpes Du Monde. If the person is under 14 years of age, consent will be requiredthe consent of the parents or guardians for the treatment, and this is only consideredwill be lawful to the extent that they have authorised it.

Secrecy and security of personal data Crêpes Du Monde undertakes to implement the necessary technical and organisational measures, in accordance with the level of security appropriate to the risk associated with the data collectedgone, so as to ensure the safety of personal data and to prevent the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or unauthorised disclosure of or access to suchthe data. The cuen websiteIt uses an SSL (Secure Sockets Layer) certificate, which ensures that personal data is transmitted securelysecure and confidential, as data transmission between the server and the user, and vice versa, is fully encrypted. However, because Crêpes Du Monde cannot guarantee impregnability the internet or the absence In the event of any unauthorised access to personal data by hackers or others, the Data Controller undertakes to notify the User without undue delay should a breach occurthe security of personal data that is likely to result in a a high risk to the rights and freedoms of natural persons. In accordance with Article 4 of the GDPR, a personal data breach is defined as any breach of security leading to the accidental destruction, loss or alteration ofunauthorised or unlawful processing of personal datatransmitted, stored or processed in any other way, or unauthorised disclosure of or access to such data. Personal data will be processed in accordance withwhich are treated as confidential by the data controller,The Company undertakes to ensure, through a legal or contractual obligation, that such confidentiality is respected by its employees, partners and any person to whom it disclosesmake the information accessible.

Rights relating to data processing personal data The User has the right to Crêpes Du Monde and may therefore exercise the following rights, as recognised in the GDPR and Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights, vis-à-vis the data controller:

Fromright of access: The User has the right to obtain confirmation as to whether Crêpes Du Monde whether or not it is processing your personal data and, if so, to obtain informationrinformation regarding your specific personal data and the processing of that data Crêpes Du Monde has done or does, as well as, amongst other things, the information available regarding the origin of such data and the recipients of the communications made or planned by them.
Rightor correction: It is the User’s right to have this amendedany of their personal data that turns out to be inaccurate or, having regard to the purposes of the processing, incomplete.
Right of erasure («the right to be forgotten»): It is the user's rightthe User has the right, unless otherwise provided for by applicable law, to have their personal data erased where such data is no longer necessary for the purposes for which it was collected or processed; the User has withdrawn their consent to the processing and there is no other legal basis for it; the User objects to the processing and there is no other legitimate reason to continue with it; the personal data has been processed unlawfully; the personal data must be erased in compliance with a legal obligation; or the personal data has been obtained as a result of a direct offer of information society services to a child under the age of 14. In addition to erasureWhen transferring the data, the data controller must, taking into account the available technology and the cost of implementation, take reasonable steps to inform the processors who are processing the datapersonal details provided in the data subject’s requestthe removal of any link to that personal data.
Right to restriction of processing: It is the User’s right to restrict the processing of their personal data. The User has the right to obtainto have the processing restricted where you contest the accuracy of your personal data; the processing is unlawful; the controllerthe data controller no longer requires the personal data, but the User needs it to make a claim; and when the The user has objected to the processing.
Right to data portability: In the event that the ttreatment if this is carried out by automated means, the User shall be entitled to receive from the Data Controller their personal data in a structured, commonly used and machine-readable format, and to transmit it to another controllerdata controller. Where technically feasible, the data controller shall transmit the data directly to that other data controller.
Right to object: It is the User’s right not to have their data processedor the processing of your personal data or that it be stoppedtheir processing by Crêpes Le Monde.
The right not to be subject to a decision based solely on automated processing, including profiling from theProfiles: It's the dThe user’s right not to be subject to a decision based solely on the automated processing of their personal data, including profilingprofiles, existing except unless otherwise provided for by current legislation.

Users may therefore exercise their rights by sending a written request toto the Data Controller, quoting the reference «GDPR-https://crepes-du-monde.com/», specifying:

User's first name, surname(s) and a copy of their ID card. In lcases in which it is permittedIn addition to the representation, identification will also be required by the same person acting on behalf of the User, together with the document proving such representation. A photocopy of your National Identity Card may be replaced by any other legally valid form of identification.
Request for the specific reasonsdetails of the request or the information to which you wish to have access.
Address for the purpose of notifications.
Date and signature of the applicant.
Any document supporting the request you are making.

This application and any other attached documents may be sent to thethe following address and/or email address:

Postal address: 90 Avinguda s’Agaró, Unit 10, Platja d’Aro, Spain
Email: info@crepes-du-monde.com

Links to third party websites The Website may contain hyperlinks or links that provide access to pageswebsites operated by third parties other than Crêpes Du Monde, and are therefore not operated by Crêpes Du Monde. The owners of these websites will have their own data protection policies and will, in each case, be responsible for their own data files and privacy practices.

Complaints to the supervisory authority If the User believes that there is a problem or a breach of the ncurrent legislation regarding the way in which your personal data is being processed, you shall have the right to an effective judicial remedy and to lodge a complaint with a supervisory authority, in particular in the country where you have your habitual residence, place of work or where the alleged infringement occurred. In the case of Spain, the supervisory authority is the Spanish Data Protection Agency (https://www.aepd.es/).

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

Users must have read and agreed to the terms and conditions regarding the protection of personal data set out in this Privacy Policy, and must also accept the termsconsent to the processing of your personal data so that the data controller may proceed in the manner, within the timeframes and for the purposes specified. Use of the Website shall imply acceptancein accordance with its Privacy Policy.

Crêpes Du Monde reserves the right to amend its Policy Privacy, at its own discretion, or howtriggered by a change in legislation, case law or the Spanish Data Protection Agency’s guidelines. Changes or updates to this Privacy Policy will not be notifiedexplicitly communicated to the User. The User is advised to check this page regularly to keep up to date with the latest changes or updatesorganisations.

This Policy The Privacy Policy has been updated to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights.

Name	Description	Expiry
tcc_consent	Cookie Consent Manager - Stores user consent	365 days
tcc_categories	Cookie Consent Manager - Stores accepted cookie categories	365 days

Name	Description	Expiry
cookiePreferences	Google - Records a user's cookie preferences	730 days
GA_OPT_OUT	Google - Cookies used for functionality allow users to interact with a service or site to access features that are fundamental to that service. Things considered fundamental to the service include preferences like the user's choice of language, product optimizations that help maintain and improve a service, and maintaining information relating to a user's session, such as the content of a shopping cart.	365 days
wd	Facebook - This cookie stores the browser window dimensions and is used by Facebook to optimise the rendering of the page.	0 days
presence	Facebook - The presence cookie is used to contain the user's chat state.	0 days

Name	Description	Expiry
td	Google - Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator.	0 days
_ga	Google - ID used to identify users	730 days
_gali	Google - Used by Google Analytics to determine which links on a page are being clicked	365 days
_ga_	Google - ID used to identify users	730 days
_gid	Google - ID used to identify users for 24 hours after last activity	365 days
_gat	Google - Used to monitor number of Google Analytics server requests when using Google Tag Manager	365 days
_dc_gtm_	Google - Used to monitor number of Google Analytics server requests	365 days
AMP_TOKEN	Google - Contains a token code that is used to read out a Client ID from the AMP Client ID Service. By matching this ID with that of Google Analytics, users can be matched when switching between AMP content and non-AMP content. Reference: https://support.google.com/analytics/answer/7486764?hl=en	10950 days
_gat_gtag_	Google - Used to set and get tracking data	365 days
__utma	Google - ID used to identify users and sessions	730 days
__utmt	Google - Used to monitor number of Google Analytics server requests	365 days
__utmb	Google - Used to distinguish new sessions and visits. This cookie is set when the GA.js javascript library is loaded and there is no existing __utmb cookie. The cookie is updated every time data is sent to the Google Analytics server.	365 days
__utmc	Google - Used only with old Urchin versions of Google Analytics and not with GA.js. Was used to distinguish between new sessions and visits at the end of a session.	0 days
__utmz	Google - Contains information about the traffic source or campaign that directed user to the website. The cookie is set when the GA.js javascript is loaded and updated when data is sent to the Google Analytics server.	180 days
__utmv	Google - Contains custom information set by the web developer via the _setCustomVar method in Google Analytics. This cookie is updated every time new data is sent to the Google Analytics server.	730 days
__utmx	Google - Used to determine whether a user is included in an A / B or Multivariate test.	540 days
__utmxx	Google - Used to determine when the A / B or Multivariate test in which the user participates ends.	540 days
FPID	Google - Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator.	0 days
FPLC	Google - This FPLC cookie is the cross-domain linker cookie hashed from the FPID cookie. It's not HttpOnly, which means it can be read with JavaScript. It has a relatively short lifetime, just 20 hours.	0 days

Name	Description	Expiry
_gac_	Google - Contains information related to marketing campaigns of the user. These are shared with Google AdWords / Google Ads when the Google Ads and Google Analytics accounts are linked together.	90 days
FPAU	Google - Assigns a specific ID to the visitor. This allows the website to determine the number of specific user-visits for analysis and statistics.	0 days
lu	Facebook - Used to record whether the person chose to remain logged in Contents: User ID and miscellaneous log in information (e.g., number of logins per account, state of the "remember me" check box, etc.)	730 days
xs	Facebook - Used in conjunction with the c_user cookie to authenticate your identity to Facebook. Contents: Session ID, creation time, authentication value, secure session state, caching group ID	90 days
c_user	Facebook - Used in conjunction with the xs cookie to authenticate your identity to Facebook. Contents: User ID	90 days
m_user	Facebook - Used to authenticate your identity on Facebook's mobile website. Contents: Email, User ID, authentication value, version, user agent capability, creation time, Facebook version indicator	90 days
pl	Facebook - Used to record that a device or browser logged in via Facebook platform. Contents: Y/N	90 days
dbln	Facebook - Used to enable device-based logins Contents: Login authentication values	730 days
aks	Facebook - Determines the login state of a person visiting accountkit.com Contents: Account kit access token	30 days
aksb	Facebook - Authenticates logins using Account Kit Contents: Request time value	365 days
sfau	Facebook - Optimizes recovery flow after failed login attempts Contents: Encrypted user ID, contact point, time stamp, and other login information	1 days
ick	Facebook - Stores an encryption key used to encrypt cookies	730 days
csm	Facebook - Insecure indicator	90 days
s	Facebook - Facebook browser identification, authentication, marketing, and other Facebook-specific function cookies.	90 days
datr	Facebook - Used to prevent creation of fake / spammy accounts. Datr cookie is associated with a browser, not individual people.	730 days
sb	Facebook - Facebook browser identification, authentication, marketing, and other Facebook-specific function cookies.	730 days
fr	Facebook - Contains a unique browser and user ID, used for targeted advertising.	90 days
oo	Facebook - Ad optout cookie	1825 days
ddid	Facebook - Used to open a specific location in an advertiser's app upon installation	28 days
locale	Facebook - This cookie contains the display locale of the last logged in user on this browser. This cookie appears to only be set after the user logs out. The locale cookie has a lifetime of one week.	7 days
_fbp	Facebook - Used by Facebook to deliver a range of advertising products, such as real-time bidding from third-party advertisers	120 days
_fbc	Facebook - Used by Facebook to deliver a range of advertising products, such as real-time bidding from third-party advertisers	730 days
js_see	Facebook - Records the age of Facebook javascript files.	7 days
rc	Facebook - Used to optimise site performance for advertisers	7 days
campaign_click_url	Facebook - Records the Facebook URL that an individual landed on after clicking on an ad promoting Facebook	30 days
usida	Facebook - Collects a combination of the user's browser and unique identifier, used to tailor advertising to users.	0 days

WEBSITE PRIVACY POLICY

https://crepes-du-monde.com/

I. PRIVACY AND DATA PROTECTION POLICY

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

We value your privacy

Check your email