General terms and conditions of business

Here you will find the contractual conditions between

PIZZERIA DASIDHU (hereinafter referred to as "Provider") and the contractual partners specified in § 2 of the contract (hereinafter referred to as "Customer(s)").

1. scope of application

1.1 Within the scope of the business relationship between the provider and the customer, the following General Terms and Conditions of Business (hereinafter referred to as "GTC") shall apply exclusively, in the version valid at the time the contract is concluded.

1.2 Agreements deviating from these GTC shall not become part of the contract, unless they are based on a written declaration by the provider.

1.3 In accordance with the legal requirements of § 13 BGB (German Civil Code), the customer is a consumer if he acts as a natural person and the present legal transaction is neither predominantly attributable to his commercial nor self-employed professional activity. On the other hand, according to § 14 BGB, he is considered an entrepreneur, as far as he acts as a legal or natural person in exercising his commercial or independent professional activity when concluding the legal transaction.

1.4 The supplier distributes food, beverages and non-food articles (hereinafter referred to as "goods") produced by himself.

2. conclusion of contract

2.1 Orders of the customer can be placed during business hours in person, by telephone or online on the website www.rivolipizza.de on the basis of the following provisions.

2.2 The representations of the provider on his website, menus and exits on site or printed versions of the menu for home use, do not represent a binding offer of the provider in the sense of § 145 BGB to conclude a contract, but an invitation to submit an offer. Consequently, the customer offers the provider the conclusion of a contract by placing an order.

2.3 In case of an order via the internet presence of the provider, the customer can make a selection from the provider's range of goods and collect them in the digital shopping cart. The content of the shopping cart can be changed as desired before sending the order, so that input errors can be eliminated. By clicking on the button "order subject to payment", the Customer then submits a binding offer to purchase or manufacture the products in the shopping cart. This offer includes the present general terms and conditions. Thereupon, the Supplier will send the Customer an automatic e-mail in which the Customer's order is listed (hereinafter "confirmation of receipt"). This confirmation of receipt does not constitute an acceptance of the offer, but merely a confirmation of receipt of the customer's offer. Only by a separate declaration of acceptance, by e-mail, the contract is concluded (hereinafter "confirmation of order"). The order confirmation shall be accompanied by these General Terms and Conditions and the Customer's order as an attachment, so that the text of the contract is accessible to the Customer. These documents will be stored as contents of the contract in compliance with data protection. Further information on the subject of data protection can be found under Privacy Policy.

2.4 The conclusion of the contract outside of the electronic ordering system on the company's website, such as orders placed in the local pizzeria or by other means, is subject to the general legal regulations. With regard to the presentation of the goods of the supplier, reference is made to § 2 paragraph 2 of the General Terms and Conditions.

Contract language is the German language.

3. server information and company

IP: 164,68,111,100
Location: Nuremberg

Contabo GmbH

Aschauer Strasse 32a

81549 Munich

Germany

Phone: +49 89 3564717 70

Fax: +49 89 216 658 62

info@contabo.com

Authorized executives:

Thomas Noglik & Thomas white horse

Register court: AG Munich

Register number: HRB 180722

FA Munich Corporate bodies

 

4. delivery

(1) The delivery times stated by Restaurant begin with the time of receipt of the order confirmation by the customer. If no delivery time has been specified by the supplier, it is approximately 50 minutes.

(2) Should goods from the Supplier not be available at the time of the customer's order, the customer will be informed of this in the order confirmation. Hereby the offer of the customer is rejected, so that a contract does not come about. If the contract has already been concluded, the provider has the right to withdraw from the contract by informing the customer immediately about the non-availability of the goods and by immediately refunding any payments made by the customer.

(3) The orders of the customers are processed in the order of their temporal entrance, unless compelling operational reasons require another order.

(4) The following delivery restrictions exist: the supplier only delivers to those customers who have their address in the delivery areas available in the online shop.

(5) The delivery of spirits, tobacco products or other articles which are subject to legal sales restrictions for the protection of minors is only carried out on presentation of the customer's identity card.

5. reservation of proprietary rights

The goods delivered by the supplier to the customer remain the property of the supplier until full payment has been received.

6. prices

(1) All prices quoted in the representations of the provider are inclusive of the statutory value added tax applicable at the time.

(2) The shipping costs to be borne by the customer can be found in the order form.

(3) The goods are sent to the customer's billing address by a delivery service or by employees of the provider. The shipping risk is borne by the provider.

(4) A right of revocation of the customer and thus the reimbursement of delivery costs exists only to the extent described in § 10 of these terms and conditions.

7. terms of payment

(1) The customer has the possibility to process the payment of the goods ordered by him with the payment methods indicated in the shopping cart of the online shop.

(2) The agreed payment is due on the day the contract is concluded. To the entrance of the delay it does not need a further reminder, if for the achievement a time is determined after the calendar, § 286 exp. 2 No. 1 BGB.

8. exclusion of liability

(1) Claims for damages by the customer are excluded, with the exception of the following provisions.

(2) Excluded from this exclusion of liability are claims of the customer for damages due to injury to life, body, health, as well as claims for damages resulting from the violation of essential contractual obligations. Essential contractual obligations are those whose fulfilment is necessary to achieve the goal of the contract and on whose compliance the contractual partner regularly relies and may rely or the provider has to grant the contractual partner according to the content of the contract (so-called "cardinal obligations"). In the event of a breach of cardinal obligations, the liability of the Provider shall only extend to foreseeable damage typical for the contract, including damage caused by simple negligence, unless claims for damages due to injury to life, limb or health are concerned, which are excluded from this limitation.

(3) The exclusion of liability according to § 7 para. 1 of these GTC also does not cover any other damages which are based on an intentional or grossly negligent breach of duty by the provider, his legal representatives or vicarious agents.

(4) The limitations of liability mentioned in § 7 para. 1 to 3 of these GTC also apply in favour of the vicarious agents and legal representatives of the provider if claims are asserted against them.

(5) The regulations of the product liability law (ProdhaftG) remain unaffected.

8. links to third party content

Although the provider carefully selects external links, the provider does not adopt their contents as his own and cannot accept any liability for them. The respective third-party providers are solely responsible for their content.

9th warranty

(1) The liability of the provider for material defects is based on the legal regulations, in this case in particular §§ 434 ff., 651 BGB.

(2) The assertion of claims for damages is only possible under the conditions stated in § 7 of the GTC.

(3) A guarantee of the provider is only part of the contract if it is explicitly stated in the order confirmation.

10. general information

(1) The handling of data of our customers (hereinafter also referred to as "you", "your", "your" "affected person(s)") is particularly important for PIZZA RIVOLI Indisches Restaurant (hereinafter referred to as "operator", "we", "us" or "our"). In the following, we therefore inform you about the type of data that is collected as part of our service and how this data is subsequently handled. This refers both to the use of our application (hereinafter "App") and our website at www.rivolipizza.de (hereinafter "Website").

(2) The data collected by us can be distinguished according to the legal provisions into data by which a certain person cannot be identified (hereinafter "anonymous data") and data which allows the identification of a person (hereinafter "personal data"). Together, anonymous data and personal data are referred to as "data".

(3) Please read the following provisions carefully. With your consent on the website by registering or placing an order, you acknowledge the described collection and use of the data.

(4) Indisch Restaurant strives to ensure the greatest possible protection of your data. Please note, however, that the transmission of data via the Internet can result in gaps in protection, so that absolute security cannot be achieved in this form of communication.

(5) In general, we follow the general data protection principles, in particular the purpose limitation of data, data minimization, limited storage periods, data quality, data protection through technology design and through data protection-friendly presettings, observance of the legal basis for processing, as well as measures to ensure data security and observance of the requirements for further transmission to third parties. If you have information that helps the operator to pursue these goals, please contact the person responsible named in the following § 2.

(6) Automatic decision making is not supported by the app and website. Profiling, i.e. the automatic combination of personal data to evaluate personal characteristics, such as the economic situation, does not take place.

 

11 General Terms and Conditions of Delivery Service for App and Online Orders

The following delivery service conditions apply to all orders. The terms of delivery service are considered accepted by any form of order and at the latest upon receipt of the goods. Any contractual conditions of the customer that deviate from these terms and conditions shall not be valid even then. For your order, the General Terms and Conditions in the version valid at the time of the order shall apply.

12 Order form

By clicking on the "order" button at the end of the ordering process, you submit a binding offer to purchase the goods in the shopping cart and confirm beforehand that you agree to the validity of these General Terms and Conditions. The acceptance of this contractual offer is accepted by delivery of the goods. Please make sure that the transmitted data is correct. Incorrect or incomplete personal data can lead to problems or delays in delivery. Therefore, please make sure that you provide the correct address (including postcode), e-mail address and telephone number when ordering. We cannot be held responsible for non-delivery or late delivery if the information provided is incorrect or incomplete and in this case the full price of the goods ordered may be charged. In case of typing, printing or calculation errors in the app, on the website or in the flyer, we are entitled to a concrete price calculation. In this case the customer has an unlimited right to withdraw from the supply contract. The images displayed in the app, on the website or in flyers are symbolic; the goods may vary in design, layout and colour.

13. delivery

We deliver while stocks last. The delivery is made as soon as possible, regularly within 45 minutes. All information about the delivery period and/or a delivery date, including any delivery time forecasts, are non-binding. This also applies to orders for delivery by the customer, the binding nature of which must be expressly confirmed in writing. The prices stated in the app, on the website or in the flyers are gross prices. The delivery takes place exclusively within our delivery areas, which are firmly programmed in the app and on the website. We offer different payment options. The payment options can be extended or changed. The payment options available at the time of an order are mentioned during the ordering process. If payment is made by credit or debit card, your credit or debit card will be authorized and the amount will be reserved for payment as soon as your order is confirmed. Payment is made to Karvi Solutions , (Wiesbaden) - our technical service provider and representative - and is then forwarded to us by Karvi Solutions . If customers cannot be found on the agreed or expected delivery date, we reserve the right to charge an expense allowance. This right to charge an expense allowance also exists if delivery fails for reasons that are the responsibility of the customer (e.g. defective doorbell). The amount of the expense allowance corresponds to the gross order value.

14. alcohol and cigarettes

Alcoholic beverages (except beer) and cigarettes, can only be ordered and delivered by persons who are at least 18 years old. In contrast, beer can also be ordered online by 16-year-olds. Alcohol will only be delivered or collected on presentation of an identity card.

15. liability for defects

We do not assume any guarantee of quality or other guarantees. The customer will check the goods on delivery for external damage and obvious defects and, if necessary, complain immediately. Should damage and/or loss occur during transport, the driver will inform the customer directly and immediately, at the same time notifying us. If the delivered goods are defective, the customer can demand subsequent performance by means of a replacement delivery. If the supplementary performance fails, the customer can withdraw from the purchase contract, reduce the purchase price or claim damages in case of a not insignificant defect. Further claims of the customer - regardless of the legal grounds - are excluded, unless otherwise stated below. We shall not be liable for damages that have not occurred to the delivery item itself; in particular, liability for loss of profit or other financial losses of the customer is excluded. We shall be liable for intent and gross negligence as well as for the negligent breach of obligations, the fulfilment of which is essential for the proper execution of the contract, the breach of which endangers the achievement of the purpose of the contract and on the observance of which you as a customer regularly rely. The above exclusions of liability shall not apply in the event of injury to life, body or health. Liability under the Product Liability Act remains unaffected.

16th data protection declaration

Please read this privacy policy completely and carefully. It informs you which data is processed by us and our technical service provider Karvi Solutions (Wiesbaden) when you visit our app/website and place an order, and how and by whom the data is used.

We collect, process and use your data only with your consent or if a legal provision permits this. If the collection, processing and use of your personal data is not already permitted by law, you declare your consent to this privacy policy by clicking on the field provided for this purpose during your registration and/or when placing an order via the app / on the website. By agreeing to the validity of this Privacy Policy, you consent to the collection, processing and use of the data you have entered during the registration and/or order process for the purposes set out in detail below.

As the data controller, Karvi Solutions , has implemented numerous technical and organisational measures to ensure that the personal data processed via this website is protected as completely as possible. However, Internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, such as by telephone.

17. definitions of terms

The Karvi Solutions data protection declaration is based on the terms used by the European legislator for directives and regulations when the basic data protection regulation (DS-GVO) was issued. Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

We use the following terms, among others, in this data protection declaration:

a) personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as 'data subject'). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

(b) data subject

Data subject means any identified or identifiable natural person whose personal data are processed by the controller.

(c) Processing

Processing is any operation or set of operations, performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

(d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

(e) profiling

Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, conduct, location or change of location.

(f) Pseudonymisation

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data is not attributed to an identified or identifiable natural person.

(g) Controller or data controller

Controller or data controller shall mean the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or by the law of the Member States, provision may be made for the controller or for the specific criteria for his or her designation in accordance with Union law or the law of the Member States.

(h) Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

(i) recipient

The recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not it is a third party. However, authorities which may receive personal data in the course of a specific investigation, in accordance with Union or national law, shall not be considered as recipients.

(j) third parties

Third party means any natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data.

(k) Consent

Consent shall mean any freely given specific and informed expression of the data subject's will in an informed and unequivocal manner, in the form of a declaration or other unequivocal affirmative act by which the data subject signifies his or her consent to the processing of personal data relating to him or her.

18. the name and address of the controller

The person responsible within the meaning of the Basic Data Protection Regulation, other data protection laws applicable in the member states of the European Union and other provisions of a data protection nature is the:

Silvio Manfred Schmidt 

Unterislinger Weg 39, 93053 Regensburg

info@rivolipizza.de

Unterislinger Weg 39
93053 Regensburg

 

19 . Collection of general data and information

Gurvinder Kaur's website collects a number of general data and information every time a data subject or automated system accesses the website. This general data and information is stored in the log files of the server. The following can be recorded: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the internet page from which an accessing system accesses our internet page (so-called referrer), (4) the sub-websites that are accessed via an accessing system on our internet page, (5) the date and time of an access to the internet page,

(6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information which serve to prevent danger in the event of attacks on our information technology systems.

Karvi Solutions does not draw any conclusions about the person concerned when using this general data and information. This information is required (1) to deliver the contents of our website correctly, (2) to optimise the contents of our website and the advertising for it, (3) to ensure the permanent functionality of our information technology systems and the technology of our website and (4) to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. These anonymously collected data and information are therefore evaluated by Karvi Solutions, both statistically and with the aim of increasing data protection and data security in our company, in order to ultimately ensure an optimum level of protection for the personal data processed by us. The anonymous data in the server log files are stored separately from all personal data provided by a person concerned.

20. routine deletion and blocking of personal data

The controller shall process and store personal data relating to the data subject only for the time necessary to achieve the purpose of storage or where provided for by the European Directive and Regulation or by any other law or regulation to which the controller is subject.

If the purpose of storage ceases to apply or if a storage period prescribed by the European Directive and Regulation Giver or any other competent legislator expires, the personal data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions.

21. rights of the data subject

(a) Right to confirmation

Every data subject has the right, granted by the European Directives and Regulations, to obtain confirmation from the controller as to whether personal data relating to him are being processed. If a data subject wishes to exercise this right of confirmation, he or she may at any time contact an employee of the controller.

(b) Right of access

Any person affected by the processing of personal data has the right, granted by the European Directives and Regulations, to obtain at any time and free of charge from the controller information on the personal data stored in relation to him or her and a copy thereof. Furthermore, the European Directive and Regulation Giver has granted the data subject access to the following information:

the processing purposes

the categories of personal data processed

the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular to recipients in third countries or to international organisations

if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration

the existence of a right of rectification or erasure of personal data relating to them or of a right of objection to their processing by the controller

the existence of a right of appeal to a supervisory authority

if the personal data are not collected from the data subject: All available information on the origin of the data

the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the DPA and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject

The data subject shall also have the right to obtain information as to whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject shall also have the right to obtain information on the appropriate safeguards in relation to the transfer.

If a data subject wishes to exercise this right of access, he or she may at any time contact a member of the staff of the controller.

(c) Right of rectification

Every person concerned by the processing of personal data has the right, granted by the European legislator, to request the rectification without delay of inaccurate personal data concerning him. The data subject shall also have the right to request the completion of incomplete personal data, including by means of a supplementary declaration, having regard to the purposes of the processing.

If a data subject wishes to exercise this right of rectification, he or she may at any time contact an employee of the controller.

d) Right of erasure (right to be forgotten)

Any person affected by the processing of personal data has the right, granted by the European Directives and Regulations, to obtain from the controller the immediate erasure of personal data relating to him/her, where one of the following reasons applies and provided that the processing is not necessary:

the personal data have been collected or otherwise processed for purposes for which they are no longer necessary

The data subject withdraws the consent on which the processing was based pursuant to Article 6(1)(a) of the DPA or Article 9(2)(a) of the DPA, and there is no other legal basis for the processing.

The data subject lodges an objection to the processing pursuant to Article 21(1) DPA and there are no overriding legitimate reasons for the processing, or the data subject lodges an objection to the processing pursuant to Article 21(2) DPA.

The personal data were processed unlawfully.

The deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.

The personal data were collected in relation to information society services offered in accordance with Article 8 (1) DS-GVO.

If one of the above reasons applies and a data subject wishes to have personal data stored by Karvi Solutions deleted, he or she can contact an employee of the data controller at any time. The Karvi Solutions employee will ensure that the deletion request is complied with immediately.

If the personal data has been made public by Karvi Solutions and our company as the responsible party is obliged to delete the personal data in accordance with Art. 17 para. 1 DS-GVO, Karvi Solutions will take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform other data controllers who process the published personal data that the data subject has requested that these other data controllers delete all links to these personal data or copies or replications of these personal data, insofar as processing is not necessary. The Karvi Solutions employee will make the necessary arrangements in individual cases.

e) Right to limit processing

Any person affected by the processing of personal data has the right, granted by the European Directives and Regulations, to request the controller to restrict the processing if one of the following conditions is met:

the accuracy of the personal data is contested by the data subject, for a period of time sufficient to enable the controller to verify the accuracy of the personal data

The processing is unlawful, the data subject refuses to have the personal data deleted and instead requests the restriction of the use of the personal data.

The controller no longer needs the personal data for the purposes of the processing, but the data subject needs them in order to assert, exercise or defend legal claims.

The data subject has lodged an objection to the processing in accordance with Article 21 (1) of the DPA and it is not yet clear whether the legitimate reasons given by the controller outweigh those of the data subject.

If one of the above-mentioned conditions is met and a data subject wishes to request the restriction of personal data stored by Karvi Solutions , he or she can contact an employee of the data controller at any time. The Karvi Solutions employee will arrange for the processing to be restricted.

(f) Right to data portability

Every person concerned by the processing of personal data has the right, granted by the European Directives and Regulations, to receive the personal data concerning him/her which have been provided by the data subject to a controller in a structured, common and machine-readable format. He/she also has the right to have this data communicated to another controller without hindrance by the controller to whom the personal data has been made available, provided that the processing is based on the consent pursuant to Art. 6(1)(a) DPA or Art. 9(2)(a) DPA or on a contract pursuant to Art. 6(1)(b) DPA and that the processing is carried out by means of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, when exercising their right to data transferability in accordance with Art. 20 Paragraph 1 FDPIC, the data subject has the right to obtain that personal data be transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.

To assert the right to data transferability, the person concerned can contact a Karvi Solutions employee at any time.

g) Right to object

Every person concerned by the processing of personal data has the right, granted by the European legislator for directives and regulations, to object at any time, for reasons arising from his or her particular situation, to the processing of personal data concerning him or her that is carried out on the basis of Article 6(1)(e) or (f) of the DPA. This also applies to profiling based on these provisions.

In the event of an objection, Karvi Solutions , will no longer process the personal data unless we can demonstrate compelling reasons for processing that are worthy of protection and outweigh the interests, rights and freedoms of the person concerned, or the processing serves to assert, exercise or defend legal claims.

If Karvi Solutions processes personal data for the purpose of direct marketing, the data subject has the right to object at any time to the processing of personal data for the purpose of such marketing. This also applies to profiling, insofar as it is connected with such direct advertising. If the data subject objects to Karvi Solutions processing for the purposes of direct advertising, Karvi Solutions will no longer process the personal data for these purposes.

In addition, the data subject has the right to object to the processing of personal data concerning him/her that is carried out at Karvi Solutions , for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 DS-GVO for reasons arising from his/her special situation, unless such processing is necessary to fulfil a task in the public interest.

In order to exercise the right of objection, the data subject can contact any Karvi Solutions employee or another employee directly. The data subject is also free to exercise his/her right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures involving technical specifications.

(h) Automated case-by-case decisions including profiling

Every person concerned by the processing of personal data has the right, as granted by the European Directives and Regulations, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or significantly affects him or her in a similar way, provided that the decision (1) is not necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is authorised by Union or national legislation to which the controller is subject and that such legislation provides for adequate safeguards of the rights and freedoms and legitimate interests of the data subject, or (3) is taken with the explicit consent of the data subject.

If the decision (1) is necessary for the conclusion or fulfilment of a contract between the data subject and the responsible person or (2) is made with the express consent of the data subject, Karvi Solutions takes appropriate measures to protect the rights and freedoms as well as the legitimate interests of the data subject, including at least the right to obtain the intervention of a person on the part of the responsible person, to present its own standpoint and to contest the decision.

If the data subject wishes to exercise rights relating to automated decisions, he or she may at any time contact a member of the staff of the controller.

(i) Right to withdraw consent for data protection

Every person affected by the processing of personal data has the right, granted by the European Directive and Regulation Giver, to revoke his or her consent to the processing of personal data at any time.

If the data subject wishes to exercise his or her right to withdraw consent, he or she may at any time contact an employee of the controller.

§2 Controller, data recipients, contact details

(1) If you have any questions regarding data protection, please do not hesitate to contact the responsible person of the operator at  info@rivolipizza.de  or Unterislinger Weg 39, 93053 Regensburg

(2) Persons who come into contact with data in accordance with this data protection information (hereinafter referred to as "data recipients") as well as categories of recipients and, if available, their contact details can be found here for an overview:

- Third parties who have access to a device on which the App is running (see also § 4 para. 1 of this privacy policy);

- The operator of the website (see also § 1 and § 2 para. 1 of this privacy policy) PIZZA RIVOLI Indisches Restaurant

- The host of the website and app service PIZZA RIVOLI Indisches Restaurant ( www.rivolipizza.de )

- Employees of the operator

- Order data processors, such as delivery services and payment service providers (see also Section 7 of this privacy statement)

- public authorities and third parties, provided that there is a legal obligation to do so or that such disclosure serves the prosecution of criminal offences.

(3) Personal data is only stored and processed on servers rented from German companies. Personal data will not be transferred to a third country or international organisations.

(4) Data will only be transmitted to third parties on the basis of this data protection declaration.

5) We are a software development company and have developed the project according to the customer's requirements. All possible modification things are done by our customer administrator. We are not responsible for any kind of data deletion and its article, price, content, user data and order entry.

22. purposes of collection, processing and use

1. Anonymous data shall only be collected in order to

- to be able to use the app and website technically

- to optimize the operator's offer and to increase the usability of the app and website within the scope of statistical purposes

- to be able to provide public institutions with data in the event of criminal proceedings.

(2) Personal data is collected, processed and used exclusively to

- App and website and to create a corresponding profile for this

- to select, order or receive and pay for the drinks, prepared dishes, other food products (hereafter "goods") offered by PIZZA RIVOLI Indisches Restaurant via app or on the website

- enable the work of commissioned data processors, i.e. partners of the operator, such as delivery and payment services, in the ordering and payment process

- to send advertising newsletters with the consent of the customer

- to optimize the operator's offer and to increase the usability of the app and website within the scope of statistical purposes

- to be able to provide public institutions with data in the event of criminal proceedings

- to be able to comply with legal obligations to pass on data, for example due to tax regulations.

(3) In case of an order, the following data will be collected, processed and used:

- Time of the order

- IP address

- the data mentioned in paragraph 1, but without password, if necessary with additional comments on the order, such as customer requests

- Data on the ordered goods (also § 4 of this privacy policy), including delivery costs

- Payment method and corresponding payment data. The status of the payment (amount invoiced and payment made) is saved. For the payment itself, data is collected on the websites or web-based offers of the payment providers (see § 7 of this privacy policy)

In addition, the data mentioned in paragraph 2, which were collected during registration, are processed and used. For the purposes of this collection, reference is made to § 3 paragraph 2 of this privacy policy, the order data serves in particular to provide the contractually agreed service to the customer, which without this information is actually and/or technically not possible. For the rights of the customer regarding his personal data, reference is made to § 11 of this data protection declaration.

(4) If the operator's website is called up, general information is generally collected, which is stored as a log file of the server. Log files are log files for the control and automation of the ordering process. Although these files may contain personal data, the Operator does not use them to identify a person concerned. The log files of the operator contain the following data:

- IP address and service provider of the person concerned

- Date or time of the visit to the website

- the operating system and browser used for visiting the website

- Referrer, i.e. other websites of third parties or subpages (also "subpages")

In addition, the operator reserves the right to collect further data in case of a justified suspicion of an unauthorized interference with the operator's system and its functions. For the purposes of this collection, reference is made to § 3 paragraph 1 of this privacy policy. The customer's rights with regard to his personal data result from § 11 of this data protection declaration.

(5) Cookies are used on the website of the operator. These are files that serve as identification marks. Through the use of cookies, the browser and previous entries of the customer are recognized. The operator transfers these files to the customer's local system (e.g. computer or smartphone) using the web browser and can read the cookies during the visit to the website. For the use of the product offer, however, only the session ID (also "session identifier") is stored by means of a cookie, so that a shopping cart for all selected goods can be created and the ordering process can be processed with it. The cookies are not encrypted by the provider. However, they are protected against being read out by third parties by the security standard of your browser.

(6) The customer can make settings in his web browser which prevent the use of cookies. The Provider considers this to be an objection to the use of this technology, with the result that the range of goods offered is not available or only available to a limited extent due to the website not being fully functional. To make such settings, the customer can consult the help function of the web browser.

 

23. duration of data collection

(1) App data according to § 22 para. 1 of this privacy policy will be collected on your device as long as the app is installed.

(2) Data, which are collected within the scope of registration and for orders, remain stored as long as the customer is registered. Order data without registration will be deleted or anonymized after three years at the latest. In general, the principles according to § 1 para. 5 of this privacy policy apply, especially the principle of data economy.

(3) Other data will only be stored for as long as this is necessary to process the concerns of the person concerned or as required by legal regulations and limitation periods. In general, the principles set out in Section 1 (5) of this privacy policy, in particular the principle of data economy, apply.

24 Legal basis

The legal basis for the collection, processing and use is Art. 6 para. 1 lit. a) DSGVO or § 4 para. 1 BDSG, namely your consent (see § 1, and on the right of withdrawal § 11 para. 8 of this privacy policy) and Art. 6 para. 1 lit. b) DSGVO or § 28 para. 1 No. 1 BDSG, namely for the preparation and execution of the contract for ordering and payment of our goods and in the case of legal obligation Art. Art. 6 para. 1 lit. c) DSGVO. In addition, it may happen that vital interests of the person concerned or of another natural person depend on the information, for example in the case of medical information, on the processing of the information (Art. Art. 6 para. 1 lit. d) DSGVO). Finally, a processing operation may be based on Art. 6 para. 1 lit. f) DPA, namely to safeguard the legitimate interests of the controller or of a third party. Such a legitimate interest arises from the contractual relationship with the customer, e.g. to enforce payment or compensation claims.

25. payment service provider

Purchased goods can be paid for in addition to cash using online payment services such as PayPal, VISA, Mastercard or IMMEDIATELY. If you choose one of these options, you will be redirected to the website of the corresponding payment service provider, where you can make the payment. PIZZA RIVOLI Indisches Restaurant receives from the payment service provider the status of the payment, the amount paid, the transaction number and, in the case of PayPal payment, the name, address and the email address used to reconcile the payment made.

26 Contact form

In addition to the conventional communication channels, such as telephone or correspondence, the operator also enables the persons concerned to contact the data subjects by e-mail or by using a contact form set up on the website. The data transmitted on this basis will be used exclusively to process the request of the person concerned. In this context, reference is made to the rights of the persons concerned according to § 11 of this data protection declaration. Regarding the storage period, please note § 5 of this privacy policy.

 

27 Newsletter

(1) During the registration process and on the operator's website, the customer has the opportunity to subscribe to a newsletter, which provides information on the operator's product range at regular intervals. For this purpose, the data listed under § 4 paragraph 2 of this privacy policy, but in particular the e-mail address, are required. In addition, corresponding log files in terms of § 4 paragraph 4 of this privacy policy are stored. This serves above all to protect the customer's own data, our copyrights and to prevent or prosecute data misuse. In addition, the operator collects data by using counting pixels, which are part of the newsletter. These tracking pixels enable the operator to see whether the newsletter has been viewed and which product groups have been selected from the newsletter.

(2) In order to protect the customer's freedom of decision and information, we use the so-called double opt-in procedure during registration, in which an e-mail is sent to the e-mail address provided during registration and the customer confirms his or her wish to receive newsletters by means of an attached link.

(3) Customers have the option of being removed from the newsletter distribution list. Thereupon the customer will no longer receive newsletters. For this purpose, customers should contact the person responsible according to § 2 of this data protection declaration or consequences of the link to unsubscribe, which can be found at the end of each newsletter. Regarding the rights of the persons concerned, reference is also made to § 11 of this data protection declaration.

28. google analytics

(1) This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website is usually transferred to a Google server in the USA and stored there. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other Google data. Furthermore, the operator uses "anonymizeIP" to extend Google Analytics. This makes parts of the IP address of the persons concerned anonymous, so that the data is collected as anonymously as possible. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there.

(2) On behalf of the operator of this website, Google will use this information to evaluate the use of the website, to compile reports on the website activities and to provide further services to the operator in connection with the use of the website and the internet.

(3) Users of the website can prevent the storage of cookies by adjusting their browser software accordingly. In this case, it may not be possible to use all functions of the website. Furthermore, the collection of the data generated by the cookie to Google and its processing can be prevented by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. Alternatively, the collection by Google Analytics can be prevented by clicking on this link. For this purpose, an opt-out cookie is set, which prevents the future collection of data when visiting the website. The opt-out cookie only applies to the respective browser and the operator's website and is stored locally. This means that the opt-out cookie must be set again if it is deleted in the browser, for example by a cleaning process.

29. rights of the persons concerned

(1) Data subjects shall first have a right of access. Thereafter, the person can demand confirmation from the person responsible (§ 2 of this data protection declaration) as to whether data relating to him or her is being processed. If this is the case, the person has the right to be informed about this personal data and to receive the following information

- the processing purposes

- the categories of personal data processed

- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular to recipients in third countries or to international organisations

- if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration

- the existence of a right of rectification or erasure of personal data relating to them or of a right of objection to their processing by the controller

- the existence of a right of appeal to a supervisory authority

- if the personal data are not collected from the data subject: All available information on the origin of the data

- the existence of an automated decision making process including profiling in accordance with Art. 22 para. 1 and 4 DPA and - at least in these cases - meaningful information on the logic involved and the scope and intended effects of such processing on the data subject

If personal data are transferred to a third country or to an international organisation, the data subject has the right to be informed of the appropriate guarantees within the meaning of Article 46 FADP in connection with the transfer. The data subject has the right to obtain from the controller a copy of the personal data which are the subject of the processing. A fee based on the administrative costs may be charged for further copies.

2. The data subject shall have the right to obtain from the controller the rectification without delay of inaccurate personal data relating to him. Having regard to the purposes of the processing, the data subject shall have the right to request the completion of incomplete personal data, including by means of a supplementary declaration.

(3) In addition, data subjects shall have the right to have their data deleted (so-called "right to be forgotten"). According to that right, the person has the right to request the controller to delete personal data relating to him/her without delay and the controller is obliged to delete personal data without delay if one of the following reasons applies

- The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.

- The data subject withdraws the consent on which the processing was based pursuant to Art. 6 para. 1 letter a) DPA or Art. 9 para. 2 letter a) DPA, and there is no other legal basis for the processing.

- The data subject lodges an objection to the processing pursuant to Art. 21 para. 1 FADP and there are no overriding legitimate reasons for the processing, or the data subject lodges an objection to the processing pursuant to Art. 21 para. 2 FADP.

- The personal data were processed unlawfully.

- The deletion of personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.

- The personal data was collected in relation to information society services offered in accordance with Art. 8 Paragraph 1 DSGVO.

4. The data subject shall have the right to obtain from the controller the restriction of processing if one of the following conditions is met:

- the accuracy of the personal data is contested by the data subject, for a period of time which enables the controller to verify the accuracy of the personal data

- the processing is unlawful and the data subject refuses to have the personal data deleted and instead requests that the use of the personal data be restricted

- the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them in order to exercise or defend his rights, or

- the data subject has lodged an objection to the processing pursuant to Art. 21 para. 1 DPA, as long as it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.

If processing has been restricted in accordance with the above, such personal data may be processed - apart from storage - only with the consent of the data subject or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another person or on grounds of an important public interest of the Union or a Member State. A data subject who has obtained a restriction on processing shall be informed by the controller before the restriction is lifted.

5. The data subject shall have the right to obtain the personal data relating to him which he has supplied to the controller in a structured, standard and machine-readable format and the right to have such data communicated to another controller without hindrance by the controller to whom the personal data have been supplied (so-called "right of data transferability"), provided that

- the processing is based on a consent pursuant to Art. 6 para. 1 letter a) DSGVO or Art. 9 para. 2 letter a) DSGVO or on a contract pursuant to Art. 6 para. 1 letter b) DSGVO and

- the processing is carried out using automated procedures

In exercising his or her right to data transferability, the data subject shall have the right to obtain that personal data be transferred directly from one controller to another controller to the extent technically feasible. The right to data transferability must not affect the rights and freedoms of other persons.

(6) The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her carried out pursuant to Article 6 (1) (f) FADP; this shall also apply to profiling based on these provisions. The controller shall no longer process the personal data unless he can demonstrate compelling reasons for processing that are worthy of protection and outweigh the interests, rights and freedoms of the data subject, or unless the processing serves to assert, exercise or defend legal claims.

Where personal data are processed for the purpose of direct marketing, the data subject shall have the right to object, at any time, to the processing of personal data relating to him/her for the purpose of such marketing, including profiling, insofar as it relates to such direct marketing.

If the data subject objects to processing for the purposes of direct marketing, the personal data shall no longer be processed for those purposes.

The data subject shall be expressly informed of the above rights in this paragraph no later than at the time of the first communication with him/her, in a comprehensible and separate manner from any other information.

Notwithstanding Directive 2002/58/EC, in the context of the use of information society services, the data subject may exercise his right of objection by means of automated procedures involving technical specifications.

The data subject shall have the right to object, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her carried out for the purposes of scientific or historical research or for statistical purposes, in accordance with Article 89 (1) of the DPA, except where such processing is necessary for the performance of a task carried out in the public interest.

(7) The data subject shall have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning him or her or significantly affects him or her in a similar way. This shall not apply if the decision

- is necessary for the conclusion or performance of a contract between the data subject and the controller,

- is authorised by Union or national legislation to which the controller is subject and that legislation provides for adequate measures to safeguard the rights and freedoms and legitimate interests of the data subject, or

- with the express consent of the data subject.

In exclusion cases, the controller shall take appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of the controller, to express his or her point of view and to challenge the decision. Such decisions of the controller may not be based on special categories of personal data referred to in Article 9(1), except where Article 9(2)(a) or (g) applies and adequate measures have been taken to safeguard the rights and freedoms and the legitimate interests of the data subject.