Privacy Policy
Bavarian Ale House values your trust and is fully committed to protecting your privacy and safeguarding your personal data. This Privacy Policy outlines the data practices of Bavarian Ale House (“we”, “us”, or “our”) in connection with your use of our website, bavarianalehouse.com (the “Website”). We remain dedicated to transparency, data minimization, and your control over your personal information, in compliance with applicable privacy regulations including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
We are committed to protecting the confidentiality, integrity, and availability of your personal data. We follow strict procedures to ensure all data collected through bavarianalehouse.com is handled in a secure and lawful manner. This Privacy Policy describes how we collect, use, disclose, and safeguard your information and details your rights concerning that data.
2. Scope and Data Controller
This Privacy Policy applies to all visitors, users, and others who access or interact with bavarianalehouse.com. For the purposes of the GDPR and other data protection laws, Bavarian Ale House is the data controller for the personal data collected through this Website. You may contact us regarding any data protection concerns via email at [email protected].
3. Categories of Personal Data We Process
We collect and process various categories of personal data, dependent on how you interact with us:
A. Usage Data
This includes data automatically collected about your interaction with bavarianalehouse.com such as:
– IP address
– Browser type and version
– Device identifiers
– Pages visited
– Duration of sessions
– Referral sources
B. Account Data
If you create an account or make a reservation or inquiry, we may collect:
– Full name
– Email address
– Phone number
– Mailing/billing address
C. Profile Data
We also collect data to understand your preferences and behavior, including:
– Purchase history
– Loyalty program status
– Preferred products
– Dietary or seating preferences
D. Communication Data
This includes information provided through direct communication with us:
– Support inquiries
– Email or form submissions
– Feedback and reviews
– Contact history
E. Technical Data
Collected automatically through your device during usage of the Website:
– Operating system
– Device model
– Screen resolution
– System settings
– Network type
F. Transaction Data
If you make a payment or purchase, we may collect:
– Payment method used (e.g., last four digits of your card)
– Billing address
– Order history
– Order fulfillment details
G. Preference Data
We track preferences where you have opted in, such as:
– Marketing communication choices
– Events or promotions you’ve shown interest in
– Product or food preferences shared voluntarily
4. Legal Bases for Processing
Our lawful bases for processing your personal data under the GDPR are as follows:
– Consent: Where you have given us explicit permission to process your data (e.g., for marketing emails).
– Contractual Necessity: To fulfill our contractual obligations to you, such as processing purchases or confirming reservations.
– Legitimate Interests: For operational purposes, such as website analytics, fraud prevention, and improving services—provided these interests do not override your fundamental rights.
– Legal Obligation: Where necessary to comply with legal requirements (e.g., tax, accounting).
Under CCPA, our handling of your Personal Information is done for business purposes as defined under the Act, and we do not sell your personal data.
5. Your Rights
If you are a resident of the European Economic Area (EEA) or California, you have certain data protection rights. Depending on your jurisdiction, these may include:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of incomplete or inaccurate information.
– Right to Erasure: Request deletion of your personal data where applicable.
– Right to Restrict Processing: Request restriction of processing under certain circumstances.
– Right to Data Portability: Obtain and reuse your personal data across different services.
– Right to Object: Object to processing conducted under legitimate interest or direct marketing.
– Right Not to Be Discriminated Against: We will not deny services, charge different prices, or provide a different level of service if you exercise any rights under the CCPA.
To exercise these rights, please contact us at [email protected].
6. Security Measures
We use industry-standard security measures to safeguard your data, including:
– Data encryption in transit and at rest
– Secure access controls and authentication protocols
– Regular security audits and vulnerability testing
– Secure hosting environments with firewalls and DDoS protection
– Staff training on privacy and data-handling best practices
– Routine backup and recovery plans to protect data integrity
While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the internet is 100% secure.
7. International Data Transfers
Where personal data is transferred outside of the EEA, we implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or reliance on countries deemed to offer an appropriate level of data protection. We ensure all vendors and partners adhere to comparable data protection standards.
8. Data Retention
We retain your data only as long as necessary to fulfill the purposes outlined in this Privacy Policy:
– Usage and Technical Data: Up to 12 months, for analytics and diagnostics
– Account and Profile Data: For the life of the account, plus 24 months thereafter
– Transaction Data: Retained for 7 years for financial and legal compliance
– Communication Data: Retained for 36 months for customer service reference
– Preference Data: Retained until consent is withdrawn
Data may be retained longer where required by legal obligation.
9. Cookie Policy
Our Website uses cookies and similar technologies to enhance user experience. Types of cookies used on bavarianalehouse.com include:
– Essential Cookies: Necessary for the Website to function properly (e.g., session management, login).
– Functional Cookies: Remember your settings and preferences.
– Analytics Cookies: Help us understand how visitors interact with our Website (e.g., Google Analytics).
– Performance Cookies: Used to test different versions of pages or functionality to improve the user experience.
10. Cookie Management and Regulatory Compliance
You have full control over how cookies are used on your browser. Upon first visiting bavarianalehouse.com, you will be prompted with a cookie consent banner that allows you to enable or disable certain types of cookies under GDPR and CCPA. You may adjust your consent preferences or withdraw consent at any time by accessing the cookie settings via your browser or a “Manage Cookies” link, where available.
11. Special Protections for Children
Our services are not directed toward individuals under the age of 13. We do not knowingly collect personal data from children under 13. If we learn that we have inadvertently collected data from a child under 13 without verified parental consent, we will take immediate steps to delete such information. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected].
12. Policy Updates
We reserve the right to modify or update this Privacy Policy at our discretion. Substantive changes will be communicated clearly through the Website or via channels such as email. Continued use of bavarianalehouse.com after such modifications indicates your acceptance of the updated policy.
13. Contact
If you have any questions, concerns, or requests related to this Privacy Policy, your personal data, or your rights under applicable laws, please contact us at:
Email: [email protected]
Bavarian Ale House takes privacy seriously and complies fully with the GDPR, CCPA, and other applicable privacy regulations. Please reach out to us if you have any concerns or would like to exercise your data rights.
