Skip to content

Legal

Privacy Policy

Last updated:

This English version is provided for convenience. In case of any discrepancy, the Spanish version Política de Privacidad shall prevail.

At Gelateria el Faro S.L.U. (the "Controller") we process your personal data in accordance with EU Regulation 2016/679 (GDPR) and Spanish Organic Law 3/2018 of 5 December on the Protection of Personal Data and Digital Rights (LOPDGDD). This policy explains what data we collect, why we use it and what rights you have over it.

1. Data controller

  • Identity: Gelateria el Faro S.L.U.
  • Tax ID (NIF/CIF): B75611814
  • Address: Carrer del Maestro Joaquín Rodrigo Vidre, 1, 46408 Faro de Cullera, Valencia, Spain
  • Email:

2. What data we collect

The Controller may collect the following personal data:

  • Contact data you provide voluntarily when you write to us by email, Instagram or phone (name, email, phone number, message content).
  • Technical browsing data collected by our hosting provider (truncated IP address, browser type, pages visited) for statistical and security purposes only.

This is an informational website. We do not collect payment data, health data, or any of the special categories listed in Article 9 GDPR.

3. Purpose and legal basis for processing

PurposeLegal basis
Responding to your enquiries, reservations or requestsConsent (Art. 6.1.a GDPR) and pre-contractual steps (Art. 6.1.b GDPR)
Compliance with legal obligations (tax, health, commercial)Legal obligation (Art. 6.1.c GDPR)
Ensuring the security and technical operation of the websiteLegitimate interest (Art. 6.1.f GDPR)

4. How long we keep your data

  • Enquiry data is kept for as long as needed to handle the request and then for up to 12 months, unless you ask otherwise.
  • Data linked to legal obligations (invoices, health records) is kept for the periods required by law (up to 6 years for tax purposes).

5. Who we share your data with

We do not transfer your data to third parties except where legally required. Our data processors (hosting, email) act on our behalf under contract pursuant to Article 28 GDPR:

  • Website hosting: Cloudflare, Inc. (USA) — covered by the European Commission's Standard Contractual Clauses.
  • Email: our professional email provider (EU).

When you interact with third-party widgets embedded on our site (Google Maps, Instagram links), those services may process your data under their own policies:

6. Your rights

You have the right to:

  • Access the personal data we hold about you.
  • Rectification of inaccurate data.
  • Erasure ("right to be forgotten").
  • Restriction of processing.
  • Object to processing for reasons related to your particular situation.
  • Data portability in a structured, commonly used format.
  • Withdraw consent at any time, without affecting the lawfulness of processing prior to withdrawal.

You can exercise these rights by emailing with a copy of your ID or equivalent document.

If you believe the processing does not comply with the regulations, you can lodge a complaint with the Agencia Española de Protección de Datos (AEPD).

7. Security

We apply appropriate technical and organisational measures to ensure data security: HTTPS encryption across the site, restricted information access, backups and internal confidentiality policies.

8. Changes to this policy

We may update this policy to reflect legal or operational changes. The date of the last update is shown at the top of this document. We recommend you review this page periodically.

Legal Notice · Cookie Policy