Privacy

Privacy Policy

Last updated: December 2024

1. Data Controller

The Data Controller for personal data is:

Associazione Papalugia Via Giacomo Peroni 106 00131 Rome, Italy Email: legal@foodoso.com

2. What Data We Collect

We collect the following categories of personal data:

Data provided directly by the user:

  • Registration data: email address, name (if provided)
  • Authentication data: login credentials via email (magic link) or third-party providers (Google, Facebook)
  • Submitted content: restaurant suggestions, applications as Anonymous Taster
  • Communications: messages sent through our contact channels

Data collected automatically:

  • Browsing data: IP address, browser type, operating system, pages visited, date and time of access
  • Cookies and similar technologies: as described in the dedicated section

3. Purposes of Processing

We use personal data for the following purposes:

  • Service provision: account management, authentication, personalization of user experience
  • Communications: responding to requests, sending service-related notifications
  • Service improvement: aggregate statistical analysis, technical problem resolution
  • Security: prevention of fraud, abuse, and violations of terms of use
  • Legal obligations: compliance with legal requirements

4. Legal Basis for Processing

The processing of personal data is based on the following legal grounds under the GDPR:

  • Contract performance (Art. 6.1.b): for providing the requested service
  • Consent (Art. 6.1.a): for sending promotional communications, where applicable
  • Legitimate interest (Art. 6.1.f): for service security and statistical analysis
  • Legal obligation (Art. 6.1.c): for compliance with legal requirements

5. Cookies and Tracking Technologies

Our site uses technical cookies necessary for operation and, with consent, analytical cookies to understand how users interact with the site.

Technical cookies (always active):

  • Session cookies for authentication
  • Cookies for language preferences
  • Cookies for cookie consent

Analytical cookies (with consent):

  • Google Analytics: for aggregate statistical analysis

Users can manage cookie preferences through the banner displayed on first access or through their browser settings.

6. Data Sharing

We do not sell users' personal data. We may share data with:

  • Service providers: hosting providers, email services, analytics tools operating as data processors
  • Competent authorities: when required by law or to protect our legal rights
  • Authentication providers: Google and Facebook, if the user chooses to log in through these services

7. Data Transfers

Some of our service providers may be located outside the European Economic Area. In such cases, we ensure transfers comply with GDPR through:

  • European Commission adequacy decisions
  • Standard contractual clauses approved by the European Commission

8. Data Retention

We retain personal data for the time strictly necessary for the purposes for which it was collected:

  • Account data: until account deletion by the user
  • Browsing data: maximum 26 months
  • Data for legal obligations: for the period required by applicable law

9. User Rights

Under the GDPR, users have the right to:

  • Access: obtain confirmation of processing and a copy of their data
  • Rectification: correct inaccurate or incomplete data
  • Erasure: request deletion of their data ("right to be forgotten")
  • Restriction: limit processing in certain circumstances
  • Portability: receive their data in a structured format
  • Objection: object to processing based on legitimate interest
  • Withdraw consent: withdraw consent at any time

To exercise these rights, contact: legal@foodoso.com

Users also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali - www.garanteprivacy.it).

10. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encryption of communications (HTTPS)
  • Limited access to data on a "need-to-know" basis
  • Regular monitoring and updating of security systems

11. Children's Data

Our service is not directed at children under 16 years of age. We do not knowingly collect personal data from minors. If a parent or guardian believes that a minor has provided us with personal data, they may contact us to request deletion.

12. Changes to This Policy

We reserve the right to modify this Policy. Significant changes will be communicated through the website. The date of the last update is indicated at the top of this page.

13. Contact

For any questions regarding the processing of personal data:

Associazione Papalugia Via Giacomo Peroni 106 00131 Rome, Italy Email: legal@foodoso.com