PRIVACY POLICY
To ensure information transparency and easy understanding, DITALY FRANCHISES, S.L. presents its privacy policy in two phases (a multi-level or double-layered representation). With this system, we provide visitors and users with concise and summarized information regarding data processing in the first layer. If further details are required, a more extensive second layer is available via the link: “+ More Information”, where different aspects of data processing by DITALY FRANCHISES, S.L. are explained. | ||
Summary
| First Layer | Second Layer (Link) |
| Data Controller | Only the necessary, adequate, and relevant data for each purpose is processed. | + information |
| Purpose | The purpose of the data processing will be aligned with the activities of DITALY FRANCHISES, S.L., primarily for: Providing restaurant and food delivery services | + information |
| Legal Basis | Data processing is carried out in accordance with Article 6 of the GDPR. The user has given consent for the processing of their personal data for one or more specific purposes. | + information |
| Data Retention | Personal data will be retained for as long as necessary to fulfill its purpose and determine potential liabilities, in compliance with legal retention obligations (e.g., tax obligations). | + information |
| Data Sharing | In general, personal data will not be shared with third parties, except when legally required: Competent public administrations
| + information |
| User Rights | We recognize the rights of our visitors and users to: Access, rectify, delete, and transfer their data | + information |
| Additional Information | “This website uses first-party and third-party cookies to analyze web traffic, personalize content, and promote its services. For more details or to adjust settings, visit “Cookie Policy”. Our website may contain links to third-party websites, whose privacy policies differ from ours. Users can decide whether to accept their privacy and cookie policies when visiting those websites.”
| + COOKIE POLICY |
Data Controller
- Responsible Entity: Ditaly Franchises, S.L.
- CIF: B99471583
- Address: Plaza de España, 3, planta 5, Zaragoza, 50004, Zaragoza
- Phone: 976 794 675
- E-Mail: hola@ditaly.es
Purpose of Data Processing
- Providing services to current and potential customers
Outsourcing services to third parties (companies, freelancers, foundations, associations, etc.)
- Human Resources management
Externalización de servicios a terceros (Sociedades, autónomos, fundaciones, asociaciones…)
- DATA PROCESSING DETAILS
Human Resources Management
Employee record management
Working hours monitoring
Training programs
Pension plans
Occupational risk prevention
Payroll issuance and related financial activities
Union-related activities (if applicable)
- Video Surveillance
Ensuring the security of individuals, property, and facilities
Legal Basis for Processing
- GDPR Article 6.1(a): The user has given consent for data processing.
- GDPR Article 6.1(b): Processing is necessary for a contract’s execution or pre-contractual measures.
- GDPR Article 6.1(c): Processing is required to comply with a legal obligation.
Data Protection Laws: - General Data Protection Regulation (GDPR)
- Spain’s Organic Law 3/2018 on Personal Data Protection
- Law 34/2002 on Information Society and E-Commerce (LSSI) – Applicable to messaging, social media, and online sales
Who Are the Data Subjects?
- Current and potential customers and users
- Professionals and business partners
- Employees and job applicants
- Individuals visiting company premises
Types of Personal Data Processed
Identification details: Name, surname, tax ID (NIF), postal address, phone, email, website
Additional personal data: Marital status, date & place of birth, age, gender, nationality, voice, image, signature, fingerprint, iris scan, etc.
Banking information
Commercial information
Purchase records (goods & services)
Who Receives the Data?
Personal data may be shared with:
- Public Administrations (e.g., Tax Agency, Social Security)
- Judicial Authorities (Courts, if applicable)
- Financial institutions (Banks)
- Business partners
International Data Transfers
No international data transfers are planned.
Data Retention Period
Data will be stored only as long as necessary to fulfill its intended purpose, including legal compliance and liability determination.
SECURITY MEASURES
In compliance with Article 32 of the GDPR, DITALY FRANCHISES, S.L. will ensure:
Confidentiality, integrity, availability, and resilience of its data processing systems.
Security levels proportional to data processing risks.
EXERCISING YOUR DATA RIGHTS
“We recognize your rights to:
Access, rectify, delete, and transfer your data
Restrict or object to processing
You may exercise your rights by contacting:
📩 Email: administracion@lamafia.com
For more details, visit the Spanish Data Protection Agency (AEPD)
website:🔗 Exercising Data Rights
FILING A COMPLAINT WITH THE AEPD
If you believe your data rights are not being respected, you may file a complaint with the Spanish Data Protection Agency AEPD.
© “DITALY FRANCHISES, S.L.
📍 Plaza de España, 3, Floor 5, 50004, Zaragoza, Spain”
[1] La Commission nationale de l’informatique et des libertés: https://www.cnil.fr/fr/donnees-personnelles
[2] La Agencia Española de Protección de datos: https://www.aepd.es/es/politica-de-privacidad-y-aviso-legal
[3] Gobierno de Aragón: https://www.aragon.es/-/politica-de-privacidad
