Privacy Policy

1. Data Controller

2. Purposes and Legal Basis

• Table reservations and catering services — Art. 6(1)(b) GDPR (contract performance).
• Responses to inquiries — Art. 6(1)(f) GDPR (legitimate interest).
• Accounting / invoices — Art. 6(1)(c) GDPR (legal obligation).
• Defense against claims — Art. 6(1)(f) GDPR.

3. Data Recipients

• FormSubmit (USA) — reservation form processor.
• GoDaddy (USA / EU servers) — web hosting.
• Google Ireland Ltd / Google LLC — Google Maps and Fonts (after consent).
• Accounting firm and government authorities where required by law.

4. Transfers Outside EEA

Some services involve data transfer to the United States. Such transfers are based on the EU-US Data Privacy Framework adequacy decision (10 July 2023) and/or Standard Contractual Clauses (Regulation 2021/914).

5. Retention Periods

• Reservation form data — up to 30 days after reservation.
• Email correspondence — duration of correspondence + 12 months.
• Invoices / accounting — 5 years (Polish Tax Ordinance).
• Server logs — up to 12 months.

6. Your Rights (GDPR Articles 15–22)

• Right of access, rectification, erasure ("right to be forgotten").
• Right to restriction, data portability, objection.
• Right to withdraw consent at any time.
• Right to lodge a complaint with the Polish Data Protection Authority (UODO, uodo.gov.pl).

To exercise your rights, contact us at restauracjaemilio@gmail.com. We respond within 30 days.

7. Cookies

Our website uses cookies. See our Cookie Policy (in Polish) or open Cookie settings.

8. Authoritative version

This is a summary in English for international guests. The legally authoritative version is the Polish original at polityka-prywatnosci. In case of discrepancies between language versions, the Polish version prevails.