Privacy Policy
Last updated: June 1, 2026
This Privacy Policy explains how personal data is collected and processed through the website https://privatechefcostabrava.com, in accordance with Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 on the protection of personal data and the guarantee of digital rights (LOPDGDD). Last updated: 1 June 2026.
Data controller
The data controller for the personal data processed through this website is: Lara Petrella, tax identification number Y2485188Y, address Carrer del Puig 5, 17246 Santa Cristina d'Aro (Girona), email lara@privatechefcostabrava.com.
For any question regarding this Privacy Policy or the processing of your personal data, you may contact the controller at the email address indicated above.
What data we collect
When you contact us through the enquiry form, we collect the data you provide: first name, last name, email address, phone number, event date, number of guests, location and the content of your message. The fields needed to respond to your enquiry are required; the remainder are optional.
We may also collect technical data automatically, such as your IP address, browser type, device information and the pages you visit, generated when you browse the website. This data is used to operate, secure and improve the website.
Purposes and legal basis
We process your data to manage your enquiry, respond to your questions and provide you with a quote or proposal for our services. The legal basis is the performance of a contract or the taking of steps at your request prior to entering into a contract (Article 6(1)(b) GDPR).
Where we use optional cookies or similar technologies that are not strictly necessary, the legal basis is your consent (Article 6(1)(a) GDPR), which you may give or withhold and may withdraw at any time. Technical data needed to operate and secure the website is processed on the basis of our legitimate interest (Article 6(1)(f) GDPR).
Data retention
We keep your personal data only for as long as necessary to fulfil the purposes for which it was collected, in particular to handle your enquiry and any resulting service. Once those purposes have been fulfilled, your data will be deleted or kept blocked only for the period and to the extent required to meet legal obligations, after which it will be securely deleted.
Recipients of the data
We do not sell your personal data and we do not share it for purposes unrelated to your enquiry. Your data may be accessed by service providers acting as processors who help us operate the service, such as website hosting and email providers. These providers process the data only on our instructions and under a contract that requires them to protect it.
International transfers
As a general rule, your data is processed within the European Economic Area. If any provider processes data outside this area, we will ensure that the transfer is covered by an appropriate safeguard recognised by the GDPR, such as an adequacy decision of the European Commission or standard contractual clauses. The operator must verify and complete the details of any such transfer.
Your rights
Under the GDPR you have the right to access your personal data, to request its rectification or erasure, to obtain the restriction of its processing, to object to its processing and to data portability. Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before the withdrawal.
To exercise these rights, you may send a request to lara@privatechefcostabrava.com, indicating the right you wish to exercise. We may ask you to confirm your identity in order to process your request.
Right to lodge a complaint
If you consider that the processing of your personal data does not comply with the applicable rules, you have the right to lodge a complaint with the competent supervisory authority. In Spain this authority is the Spanish Data Protection Agency (AEPD), www.aepd.es.
Security
We apply appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, loss or disclosure, taking into account the nature of the data and the risks of the processing. No method of transmission over the internet is, however, entirely secure.
Changes to this policy
We may update this Privacy Policy to reflect changes in our practices or in the applicable law. The current version, with its update date, will always be available on this website. We recommend that you review it periodically.
