Privacy statement

Privacy Statement for Customers

This privacy statement applies to the processing of personal data of customers who place an order on one of Bella & Bona's platforms. The data controller for processing these personal data is Bella & Bona GmbH (hereinafter referred to as “Belladonna.com”). Bellabona.com is responsible for the processing of your personal data and takes your privacy seriously. Bellabona.com therefore adheres to the requirements of the General Data Protection Regulation (GDPR) when processing personal data.

What personal data we process and why

Bellabona.com processes your personal data because you use our services. We use the following personal data for the following purposes.

1. Ordering process

We process the personal data you provide to us when you place your order. These personal data are needed to execute your order, confirm your order, and to assess your order, payment, and a possible refund. The legal basis for this processing of personal data is that it is needed for the performance of a contract as defined in the GDPR. We process the following personal data in the ordering process:

  • Name
  • Address details
  • Contact details
  • Order
  • Payment details
  • Comments (if applicable)

    2. Customer Services

    When you contact our customer services department, we will use the personal data you provide to answer your question or handle your complaint. The legal basis for this processing of personal data is that it is needed for the performance of a contract as defined in the GDPR. We process the following personal data for customer service purposes:

    • Name
    • Address details (if applicable)
    • Contact details
    • Payment details (if applicable)
    • Comments (if applicable)

    3. Customer satisfaction surveys

    To make sure that our services are aligned with your preferences, any personal data you provide to our customer services department may be used for things such as customer satisfaction surveys. The legal basis for this processing operation is that it is needed in pursuing a legitimate interest of Bellabona.com (customer satisfaction) as defined in the GDPR. This concerns the same personal data as listed under no. 2.

    4. Marketing messages

    We also process your personal data to be able to send you (personalised) marketing messages and notifications. Such messages include the latest news, discounts, and updates about new dishes (by email or push notification), and loyalty schemes, regardless of the format we use to share these kinds of messages (including email or push messages). The legal basis for this processing of personal data, as defined in the GDPR, is that you have consented to it when you placed an order. Whenever you want to change your preferences with respect to receiving such messages and notifications, you can unsubscribe using the link in the message in question.

    We process the following personal data for marketing purposes:

    • Name
    • Contact details
    • Postcode

    5. Cookies

    And finally, we also process personal data that you submit to us indirectly. Bellabona.com uses cookies for functional, analytical, and marketing purposes. The functional cookies are necessary for the use of the website. Cookies collect the following personal data:

    • Location details
    • IP address or app IDs
    • Internet browser and device type
    • Website language

    Please refer to our Cookie Statement for further details about cookies.

    6. Fraud prevention

    We process some of the above personal data also to prevent fraud and other forms of misuse. The legal basis for this processing operation is that it is needed in pursuing a legitimate interest of Bellabona.com (fraud prevention) as defined in the GDPR.

    7. Analysis

    We also use your personal data to be able to meet our reporting obligations towards advertisers and to be able to improve our website and our range of products and services. The legal basis for this processing operation is that it is needed in pursuing a legitimate interest of Bellabona.com (analysis & reporting) as defined in the GDPR. We will always make sure the reports do not contain any data that can be traced back to you.

    Age

    Our website is neither intended for persons aged under 16, and nor do we intend to collect personal data of website visitors who are aged under 16. However, we are unable to verify visitors’ age. We therefore advise parents to monitor their children's online activities, so as to prevent their personal data being collected without parental consent. If you feel that we have collected personal data of a minor without consent, please contact us on tech@bellabona.com. We will then proceed to erase these data.

    Automated decision-making and profiling

    In the performance of the contract with you and to improve our platform, Bellabona.com uses automated decision-making and profiling. We use your postcode and/or location details, for example, to assign delivery experts. And Bellabona.com uses automated decision-making in complying with our legal obligations to prevent money laundering, terrorism financing, and other criminal offences.

    When such automated decision-making and/or profiling leads to a negative decision about you, and you do not agree with it, you can contact us on tech@bellabona.com. We will then proceed to reassess the situation. We would aside from that also like to hear from you if you have suggestions on how to improve these processes.

    How long we store personal data for

    Bellabona.com will not store your personal data for longer than is strictly necessary for the purposes for which your personal data were collected. We will only store your personal data for longer if we are required by law to do so. Bellabona.com erases most of your personal data 2 years after you placed your order. We use this 2-year term for administrative purposes and to be able to deal with possible questions and complaints about your order from you. We store personal data that we use for reporting, analytical, and misuse prevention purposes for up to 20 years after you placed your order. We are unable to remove your personal data from backups. But when performing a restore from a backup, we will erase the personal data right away.

     

    Sharing with others

    Bellabona.com will not sell your personal data to third parties, and we will only disclose them to third parties if necessary for the performance of our contract with you, for analytical and marketing purposes, or to comply with legal obligations.

    Your personal data may be shared with the following parties:

    Software providers Implementation partners Customer satisfaction survey firms Advertising platforms (e.g. Google and Facebook)

    If you have opted for your Personalized Cookie Package, we may share your personal data in pseudonymized form with third-party platforms such as Google or Facebook in order to create “Custom Audiences”. Based on these Custom Audiences, such platforms will show you personalized ads. You can always opt-out from these advertisements by switching to our Essential Cookie Package.

    Whenever we instruct third-party companies to process your personal data on our behalf, we will enter into a data processing agreement to guarantee the same level of protection and confidentiality of your personal data. Bellabona.com will then continue to have ultimate responsibility for such processing operations.

    Sharing with your employer

    If you use your allowance with your order, Bellabona.com shares personal data (email address and details about your order and allowance) with your employer for performing our contract with your employer. Bellabona.com and your employer have a separate responsibility with respect to the processing of your personal data. If you have questions about how your personal data is handled, you should contact both Bellabona.com and your employer.

    Third-party websites

    Our website may include links to third-party websites. When accessing such third-party websites, bear in mind that each of these websites has its own privacy statement. Although Bellabona.com takes great care in selecting websites to link to, we cannot assume responsibility for the way in which they handle your personal data.

    Personal data access, rectification, and erasure

    You have the right to access all personal data we collect about you, as well as to request that we rectify or erase your personal data. If you feel that we are processing your personal data without a valid legal basis or that we are processing personal data that are not relevant for our selection process, please contact us. You can contact tech@bellabona.com. Bellabona.com will respond to your request as soon as possible, and in any case no later than four weeks after receiving your request.

    Tips, questions, and complaints

    If you have any other questions or complaints about the processing of your personal data, we will be happy to talk to you. And we would also like to hear from you if you have tips or suggestions on how to improve our privacy policy.

    Security

    Bellabona.com takes personal data protection very seriously and we therefore take appropriate measures to protect your personal data against misuse, loss, unauthorised access, unwanted disclosure, and unauthorised alteration. If you feel that your personal data are not adequately protected or there are indications of misuse, please contact us on: tech@bellabona.com.

    Data Protection Authority

    Besides the option of lodging a complaint with us, you have the right to lodge a complaint with the relevant supervisory authority for the protection of personal data. To do so, contact the supervisory authority directly.

    Contact details

    Head office address:

    Gotthardstraße 89
    Munchen 80689
    Email: tech@bellabona.com
    Tel: +49 151-54079664