Greek Irini (“we”, “us”, or “our”), located at Weimarstraat 174, 2562 HD, The Hague, Netherlands, is committed to protecting the privacy and personal data of our customers and website visitors. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with the General Data Protection Regulation (GDPR, EU Regulation 2016/679) and the Dutch Implementation Act (Uitvoeringswet AVG, UAVG).
Data Controller: Greek Irini
Address: Weimarstraat 174, 2562 HD, The Hague, Netherlands
Email: info@greekirini.nl
Phone: +31 (0)70 123 4567
KvK: [KvK Number]
We may collect and process the following personal data:
• Identity data: full name
• Contact data: email address, telephone number, delivery address
• Order data: order history, product preferences, order amounts
• Reservation data: name, email, phone number, date, time, party size, special requests
• Communication data: messages, complaints, and feedback you send to us
• Technical data: IP address, browser type and version, device information, cookies, and browsing behavior on our website
We process your personal data for the following purposes and on the following legal bases:
Order Processing — To process and deliver your orders, communicate about order status, and handle payments. Legal basis: Performance of a contract (Article 6(1)(b) GDPR).
Reservations — To manage table reservations and communicate relevant details. Legal basis: Performance of a contract (Article 6(1)(b) GDPR).
Customer Service — To respond to your inquiries, complaints, and requests. Legal basis: Legitimate interest (Article 6(1)(f) GDPR).
Legal Obligations — To comply with legal and tax obligations, including the retention of financial records. Legal basis: Legal obligation (Article 6(1)(c) GDPR).
Website Analytics — To analyze website usage and improve our services. Legal basis: Legitimate interest or consent (Article 6(1)(a) or (f) GDPR), depending on the type of cookies used.
Marketing (if applicable) — To send you promotional offers and newsletters, only with your explicit consent. Legal basis: Consent (Article 6(1)(a) GDPR). You may withdraw your consent at any time.
Our website uses cookies to ensure proper functionality and to improve your browsing experience. We distinguish between the following types of cookies:
• Strictly necessary cookies: Required for the website to function (e.g., shopping cart, session management). These do not require consent.
• Analytical cookies: Used to understand how visitors use our website (e.g., Google Analytics). These are placed only with your consent.
• Marketing cookies: Used to deliver relevant advertisements. These are placed only with your consent.
You can manage your cookie preferences through the cookie banner displayed on your first visit to our website, or by adjusting your browser settings.
We do not sell your personal data to third parties. We may share your data with the following categories of recipients, only to the extent necessary:
• Delivery partners: To fulfill delivery orders (name, address, phone number).
• IT and hosting providers: For website hosting and maintenance (e.g., server providers, WordPress hosting).
• Analytics providers: For website analytics (e.g., Google Analytics), in anonymized or pseudonymized form where possible.
• Tax and legal authorities: When required by law.
All third-party processors are bound by data processing agreements in accordance with Article 28 GDPR.
Your personal data is primarily stored within the European Economic Area (EEA). If data is transferred outside the EEA (e.g., to US-based service providers), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission or an adequacy decision.
We retain your personal data only for as long as necessary for the purposes for which it was collected:
• Order data: 7 years (Dutch tax retention obligation).
• Reservation data: 6 months after the reservation date.
• Customer service communications: 2 years.
• Marketing consent records: Until consent is withdrawn.
• Website analytics data: 26 months (Google Analytics default).
After the retention period expires, data is securely deleted or anonymized.
Under the GDPR, you have the following rights regarding your personal data:
• Right of access: You may request a copy of the personal data we hold about you.
• Right to rectification: You may request correction of inaccurate or incomplete data.
• Right to erasure: You may request deletion of your data, subject to legal retention obligations.
• Right to restriction: You may request that we limit the processing of your data.
• Right to data portability: You may request your data in a structured, machine-readable format.
• Right to object: You may object to processing based on legitimate interests or direct marketing.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at info@greekirini.nl. We will respond to your request within 30 days. If you are not satisfied with our response, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at www.autoriteitpersoonsgegevens.nl.
We take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, or destruction. These measures include SSL encryption on our website, secure hosting environments, access controls, and regular security reviews.
Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected such data, please contact us and we will promptly delete it.
We may update this Privacy Policy from time to time. The most current version will always be available on our website with the date of the last update. We encourage you to review this policy periodically.