Haris Bistro

GDPR - PRIVACY POLICY

1. INTRODUCTION

The protection of your personal data is of particular concern to us, Hari Catering & Event GmbH, Newaldgasse 5, 1090 Vienna, Tel.: +43 (664) 5005846 Email: office@harisbistro.com (Hari’s Bistro). We therefore process your personal data exclusively on the basis of the legal provisions, in particular the General Data Protection Regulation (“GDPR”), the applicable Data Protection Act 2018 (“DSG”) and the Telecommunications Act (“TKG”). Below you will find out what information we collect, process and use when you visit and use our website www.kumarskitchen.com, www.harisbistro.at (“Website”). 

We may need to update this privacy notice from time to time as the Internet continues to develop. We therefore recommend that you check this page periodically to ensure that you have read the current version.

2. WHAT IS PERSONAL DATA?

Personal data is information about those affected whose identity has been determined or at least can be determined. This includes your name, your email address and your IP address.

3. WHAT PERSONAL DATA DO WE COLLECT FROM YOU AND FOR WHAT?

3.1. Contact us 

If you contact us by email, telephone, post or via our contact form, your voluntarily provided personal data (title, title, name, company, email, telephone number) and the content of your request will be used for the purpose of processing this and for stored by us in the event of follow-up questions (pre-contractual measures or legitimate interests). This data will be used to process the request if this is necessary to answer your request. Of course, we will not pass on your request to third parties without your consent.

3.2. registration 

If you create an account via this website, we will collect, store and process your title, name, user name, address, email address, telephone number and password. If necessary, we also store your title, company and VAT number. The processing takes place for the purpose of managing your online account.

3.3. Orders via the web shop
For the purpose of processing the contract, we process the information provided during registration as well as the selected goods, comments on your orders, delivery address and credit card details (credit card provider, credit card holder, the last four digits of the credit card number). The data you provide is necessary to fulfill the contract or to carry out pre-contractual measures. Without this data we cannot conclude the contract with you. Data will not be transferred to third parties, with the exception of the transfer of the name, address and, if necessary, the telephone number to the shipping and delivery company commissioned by us to deliver the goods as well as to the accounting department of Hari Catering & Event GmbH and tax advisors to fulfill our tax obligations Commitments.

3.4. Transmission to third parties 

In addition to the data transfers mentioned above, we also transfer your personal data to external vicarious agents or service providers to the extent necessary: 

to IT service providers and/or providers of data hosting or data processing or similar services; 
to other service providers, providers of tools and software solutions who also support us in providing our services and act on our behalf; 
to any third parties who are involved in fulfilling our obligations to you (such as service providers when delivering your webshop order to you, payment service providers when processing payments in the webshop, banks for payment processing); 
to other external third parties to the extent necessary (e.g. auditors, insurance companies in the event of an insured event, legal representatives in the event of an incident, etc.); 
to authorities and other public bodies to the extent required by law (e.g. tax authorities, etc.). 
The website www.kumarskitchen.com and www.harisbistro.at is maintained in a third country that is GDPR compliant.

4. COOKIES

Our website uses so-called cookies. Cookies are small text files that are stored on your device using the browser. 

We use cookies to make the website and our offering user-friendly. Some cookies remain stored on your device until you delete them. They enable us to recognize your browser the next time you visit. 

If you do not wish this, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases. If cookies are deactivated, the functionality of our website may be restricted.

4.1. Google Analytics 


Our website uses functions of the web analysis service Google Analytics from Google Inc. (“Google”). This analytics tool uses cookies to collect standard logging information and visitor behavior on our website in aggregate form. The information collected by the Google Analytics cookies about your use of this website is transmitted to Google servers (usually in the USA or in other countries outside the EU) and stored there. Because the privacy of our users is important to us, the IP addresses are anonymized. 

The following information is collected by Google Analytics: IP address in anonymized form, browser, device type, device model, country, service provider, screen resolution (on mobile device), time spent on the website, language, operating system, pages visited on the website. Google will use this information in particular to evaluate the use of the website by users and to compile reports on website activity. Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. If you do not want our website to record your activities via Google Analytics, you can download and install a corresponding browser plugin at http://tools.google.com/dlpage/gaoptout. 

The user data is stored indefinitely or until you request that your data be deleted. Google will then delete the data as quickly as possible, in any case within 180 days.

4.2. Google Maps 

Our website uses Google Maps API to visually display geographic information on the Contact/Directions page. Google Maps is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. 

When you use Google Maps, information about your use of our website, including your IP address, is transmitted to a Google server in the USA and stored there. By using this website, you agree to the collection, processing and use of your automatically collected data by Google. We never receive knowledge of your personal data. 

The terms of use for Google Maps can be found at Terms of Use for Google Maps http://www.google.com/intl/de_de/help/terms_maps.html. 

If you do not want Google Maps to process your personal data, please deactivate JavaScript in your browser. However, we would like to point out that in this case you cannot use the map display.

4.3. Map service 

On our website we use the map service Google Maps, a map service provided by Google LLC, Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). When you access a page that contains Google Maps, your browser establishes a direct connection with Google’s servers. The map content is transmitted by Google directly to your browser and integrated into the website via a so-called iFrame. If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. However, in this case you cannot use the map display. Further information on data processing by Google can be found in Google’s privacy policy: https://www.google.com/intl/de/policies/privacy/index.html.

4.4. YouTube Videos

Our website includes video clips from the YouTube video platform. YouTube is a portal operated by YouTube, LLC, a subsidiary of Google Inc.

For data protection reasons, we have decided not to embed the video clips directly on our site but to keep them deactivated by default. Therefore, when you visit our site, no data is transmitted to Google. Instead, you will only see a preview image of the video clip. To play the video clip, you must activate it by clicking on the preview image. By clicking, you consent to the transfer of data to YouTube. The legal basis for processing your data is your consent in accordance with Art. 6(1)(a), 49(1)(a) of the GDPR. Only after this activation is a connection to Google’s servers established, and data is transmitted to Google. This means that your personal data is transferred to entities in a third country (outside the European Economic Area), where a level of data protection comparable to EU law is not guaranteed. Therefore, compliance with the data protection principles of Union law cannot be ensured. We have no control over the extent of the data collected in this context.

For more information about the purpose and scope of data collection, as well as the further processing and use of data by Google, your rights in this regard, and settings options to protect your privacy, please refer to Google’s privacy policy at: https://www.google.de/intl/de/policies/privacy/.

You can find YouTube’s terms of use at: https://www.youtube.com/t/terms.

4.5. Facebook (Instagram) Website Custom Audiences

This website uses the “Website Custom Audiences” pixel from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA.

When you visit our website, a direct connection is established between your browser and the Facebook server via this tracking pixel. As a result, Facebook receives the information that you have visited this website with your IP address. This allows Facebook to associate the visit to our pages with your user account. The information obtained in this way may be used to display Facebook Ads. We would like to point out that, as the provider of the website, we have no knowledge of the content of the transmitted data or its use by Facebook.

For more information, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/. If you do not want your data to be collected via Custom Audiences, you can disable Custom Audiences here.

4.6. Mailchimp – Newsletter

We work with Mailchimp for our newsletter management. What is Mailchimp?

Mailchimp is a cloud-based service for newsletter management. This means that users do not install Mailchimp on their own computer or server but use the service via a web interface on an external server.

Provider Information:

The Rocket Science Group, LLC
675 Ponce de Leon Ave NE
Suite 5000
Atlanta, GA 30308 USA

Mailchimp is an American marketing automation platform and email marketing service used by businesses to manage their mailing lists and create email marketing campaigns and automations sent to customers.

5. STORAGE DURATION

We generally store your personal data only for as long as necessary to fulfill our obligations to you. However, due to our tax and corporate retention obligations, we typically retain the personal data provided in connection with orders for seven years after contract fulfillment.

Personal data submitted as part of inquiries is stored for six months after the inquiry has been answered to respond to any follow-up questions. This storage is based on our legitimate interests. Henry, for example, has an interest in making customer support as user-friendly as possible, thereby strengthening the company’s reputation. In this case, there are no overriding interests on your part.

6. DATA PROCESSING IN THIRD COUNTRIES

If data is transferred to entities whose headquarters or data processing location is not in a member state of the European Union or in another contracting state of the Agreement on the European Economic Area, we ensure before the transfer that, apart from legally permitted exceptions, the recipient either maintains an adequate level of data protection (e.g., through an adequacy decision by the European Commission, appropriate safeguards such as the recipient’s self-certification under the EU-U.S. Privacy Shield, or the agreement of so-called EU Standard Contractual Clauses with the recipient) or that we have obtained your sufficient consent.

You may request an overview of recipients in third countries and a copy of the specific agreements ensuring an adequate level of data protection. Please refer to the contact details provided in Section 1.

7. DATA SECURITY

We implement appropriate technical and organizational security measures to protect your personal data from accidental or unauthorized deletion, alteration, loss, theft, and unauthorized access, disclosure, reproduction, use, modification, or access.

Our secure server software encrypts all your personal data, such as credit card numbers, bank codes, bank account numbers, names, and addresses. This ensures that unauthorized parties cannot read this information during transmission over the internet. During encryption, the characters you enter are converted into a secure code that can be safely transmitted online, providing optimal protection against unauthorized access.

Furthermore, we and our employees are committed to maintaining data confidentiality and secrecy. Likewise, our service providers and agents who require access to your personal data to fulfill their professional duties will be granted access and are subject to the same obligations of data confidentiality and secrecy.

8. YOUR DATA SUBJECT RIGHTS

You can request information at any time about the personal data we hold about you. In addition, under certain conditions, you can request the correction or deletion of your data. You may also have the right to restrict the processing of your data and the right to receive your provided data in a structured, commonly used, and machine-readable format.

Furthermore, you have the right to object to data processing when it is used for direct marketing purposes. If we process your data for legitimate purposes, you also have the right to object at any time if there are specific reasons arising from your particular situation.

You have the option to file a complaint with a data protection supervisory authority. The relevant supervisory authority for us is the Austrian Data Protection Authority, Wickenburggasse 8, 1080 Vienna.

If you have any questions, please feel free to contact us:

Hari Catering & Event GmbH
Newaldgasse 5
1090 Vienna
Tel.: +43 (664) 5005846
Email: office@harisbistro.com

To process your request regarding the rights mentioned above and to ensure that personal data is not disclosed to unauthorized third parties, please send your request with clear identification of yourself and a brief description of the scope of exercising your listed data subject rights.

Scroll to Top