Privacy Policy

Last updated: December 2024

Introduction

compreasre B.V. ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website, make reservations, or use our services. We are the Data Controller for the personal data we process.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws in the Netherlands and European Union.

Data Collection

The data we collect includes personal information such as your name, email address, phone number, reservation preferences, dietary requirements, and special occasion details when you make bookings or contact us. We also collect technical information about your device and browsing behaviour when you visit our website.

We collect information directly from you when you:

  • Make a reservation through our website or by phone
  • Contact us via email or contact forms
  • Subscribe to our newsletter or marketing communications
  • Visit our restaurant and provide information for your dining experience
  • Participate in surveys or feedback requests

We may also collect information automatically through cookies and similar technologies when you use our website, including your IP address, browser type, pages visited, and time spent on our site.

How We Use Your Information

We explain how we use your information to provide and improve our services, communicate with you, and ensure the best possible dining experience at compreasre. Our use of your data is based on legitimate legal grounds under GDPR.

We use your personal information for the following purposes:

  • Service Provision: To process and manage your reservations, accommodate special requests, and provide dining services
  • Communication: To confirm bookings, send updates about your reservation, and respond to your enquiries
  • Customer Service: To address any concerns, handle complaints, and improve our service quality
  • Marketing: To send promotional materials and updates about compreasre (with your consent)
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Business Operations: To analyse trends, improve our website, and enhance our services

The Legal Basis for processing your data includes contract performance, legitimate interests, legal obligations, and your consent where required.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our website, processing payments, or delivering services
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Protection: To protect our rights, property, or safety, or that of our customers or others
  • Business Transfers: In connection with a merger, acquisition, or sale of business assets

All third parties we work with are required to maintain appropriate security measures and use your data only for the specified purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

Specific retention periods include:

  • Reservation Data: Retained for 2 years after your last visit for customer service and marketing purposes
  • Financial Records: Retained for 7 years as required by Dutch tax law
  • Marketing Consent: Until you withdraw consent or 3 years of inactivity
  • Website Analytics: Anonymised after 26 months

After the retention period expires, we will securely delete or anonymise your personal data.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise these rights, please contact us using the information provided in the Contact section below. We will respond to your request within 30 days.

Data Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Staff training on data protection and security
  • Secure backup and recovery procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to using industry-standard security practices.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse website usage. For detailed information about our use of cookies, please refer to our Cookie Policy.

You can manage your cookie preferences through your browser settings or our cookie consent tool available on our website.

International Data Transfers

Your personal data is primarily processed within the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions
  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules or certification schemes

We will inform you if your data is transferred outside the EU and the safeguards we have implemented.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we discover we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding your personal data, please reach out to us using the following contact information:

compreasre B.V.

Data Protection Officer

Hoofdstraat 250

3564 LR Utrecht

Netherlands

Email: privacy@compreasre.top

Phone: +31 709619508

Business Registration: N63202536

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable law.