Privacy & Cookies
Privacy Statement
In this privacy statement, we explain which personal data we collect and use and for what purpose. We also inform you about your privacy rights. We recommend that you read this statement carefully and contact us if you have any questions.
Our contact details:
Restaurant de Echoput BV is a data controller within the meaning of the General Data Protection Regulation (GDPR). You can contact us using the details below:
Restaurant de Echoput B.V. (Statutory name)
Amersfoortseweg 86
7346 AA Hoog Soeren
Netherlands
Email: info@echoput.nl
KVK: 08062131
To whom does this privacy statement apply?
This privacy statement applies to all individuals whose personal data is processed by Restaurant de Echoput BV. Therefore, this statement applies to:
- Hotel and restaurant guests, customers, clients, and all other relations of Restaurant de Echoput BV, including suppliers of goods and services
- Visitors to our website www.echoput.nl and the linked websites, www.academievoorgastronomie.nl and the webshop
- Recipients of our emails, mailings, and regular mail
- All other individuals who contact us or whose personal data we process.
Links to third parties:
Our website may contain links to websites, plug-ins, and other applications of third parties. If you use these, third parties may collect or share information about you. We have no control over this and are not responsible for it. Upon leaving our website, we recommend that you read the privacy statement of each website you visit carefully.
What personal data do we collect?
Depending on the services and functionalities used, we process the following data:
Personal data provided by you:
required for fulfilling your reservation, order for goods and services, or your request for these will be requested. This includes, among others, email address and phone number, billing details such as address or company name, cost center, and VAT number;
on contact forms or other web forms or business cards provided by you;
in written correspondence (including emails or other forms of electronic communication);
by phone or similar forms of communication; and
during (introductory) meetings, gatherings, etc.
Personal data obtained via or generated by our website, emails, phone system, or similar methods.
Personal data obtained from other sources, such as
Online travel agencies and other booking channels
public business websites.
This may include the following data:
Identification data: first name, last name, nickname, marital status, title, date of birth, and gender.
Contact data: address, email address, and phone numbers.
Financial data: bank account number and payment card details.
Transaction data: information about payments to and from you and regarding any goods and services you have purchased from us or costs we have incurred for you with third parties
Technical data: IP address, login data, browser version and type, time zone settings and location, browser plug-in types and versions, operating system and platform, and other technology on the device you use to visit our website.
Profile data: your interests, preferences, feedback, and survey information.
User data: information about your use of our website and services.
Communication data: your preferences regarding how you communicate with us.
Case data: all relevant information for fulfilling your reservation
Legal grounds:
We will only use your data based on one or more of the following legal grounds and in compliance with applicable laws and regulations:
1. to perform an agreement in which you have given us an assignment;
2. to comply with any legal obligations that apply to us (including administrative and accounting obligations, tax obligations);
3. to protect your vital interests or those of another person;
We may also process your personal data after obtaining your consent, but we only do so when the processing does not fall under one of the other legally permitted grounds mentioned above. You always have the right to withdraw your consent. In such a case, please contact us.
Processing purposes:
Below we outline the purposes for which we use your personal data and the legal basis for this.
| Purpose | Type of personal data | Legal basis / legitimate interest |
| Registration as a guest, accepting the reservation or intake (conversation) | a) identification b) contact | a) performance of an agreement b) compliance with legal obligation |
Processing and delivery of goods and services: including– accounting
– debt collection | a) identification b) contact c) financial d) transaction e) marketing and communication | a) performance of the agreement b) legitimate interest: collection c) compliance with legal obligation |
Relationship management: including– information on changes to our terms and privacy statement
– feedback | a) identification b) contact c) profile d) marketing and communication | a) performance of the agreement b) compliance with legal obligation c) legitimate interest: keeping our files up to date and studying the use of our products and services |
| Customer research | a) identification b) contact c) profile d) use e) marketing and communication | a) performance of the agreement b) legitimate interest: studying the use of our products and services, product development, and promotion of our activities |
| Managing and protecting our organization, activities, and websites, as well as protecting client privacy (including troubleshooting, data analysis, testing, system maintenance, support, reporting, hosting data) | a) identification b) contact c) technical | a) legitimate interest: business operations, administration and IT services, network security, fraud prevention, and internal organization b) compliance with legal obligation c) to protect your vital interests or those of another person |
| Providing relevant information to you and measuring its effectiveness | a) identification b) contact c) profile d) use e) marketing and communication f) technical | a) performance of the agreement b) legitimate interest: studying the use of our products and services, product development, promotion of our activities, and determining our marketing strategy |
| Data analysis to improve our websites, products and services, marketing, customer relationship, and experiences | a) technical b) use | Legitimate interest: Distinguishing types of customers for our services, updating our websites, and developing our activities and determining our marketing strategy |
| Making suggestions and recommendations regarding services that may interest you | a) identification b) contact c) technical d) use e) profile | a) performance of the agreement b) legitimate interest: product development and promotion of our activities |
| Execution of your requests for information or advice and measuring its effectiveness | a) identification b) contact c) profile d) use e) financial f) transaction g) marketing and communication h) technical | a) performance of the agreement b) legitimate interest: studying the use of our products and services, product development, promotion of our activities, and determining our marketing strategy c) compliance with legal obligation d) to protect your vital interests or those of another person |
Marketing and "opting out":
We may use data to form a picture of what you might want or need or what interests you. This allows us to make decisions about relevant products, services, and offers for you (marketing). You may occasionally receive marketing messages from us (without your prior consent) unless you have indicated that you do not wish to receive them. If we share your personal data for marketing purposes with a third party (which we generally do not do), we will ask for your explicit consent in advance. You always have the opportunity to ask us to stop sending marketing messages with each message. In marketing activities, we do not process special personal data or confidential data protected by the attorney-client privilege. If we want to create a personal, individual marketing customer profile for you, we will ask for your prior consent. You can always withdraw this consent later.
Change of purposes:
We will only use your personal data for the purposes for which it was collected unless we reasonably believe that we can use it for another reason that is compatible with the original purpose. If this is not the case and we still want to use your data, we will contact you to explain this.
It may happen that we process personal information without your knowledge or consent, where the law allows or prescribes this.
International transfer of personal data:
Your personal data will in principle remain within the European Economic Area (EEA) and Switzerland. However, it may sometimes be necessary to transfer your personal data to parties located outside the European Economic Area (EEA) and Switzerland, for example, if this is necessary for handling your case. It may also be necessary to transfer data because a data center or our supplier is located outside the EEA or Switzerland. We only transfer personal data to parties located outside the EEA and Switzerland under the conditions set by data protection laws and regulations.
Security:
We take appropriate security measures to prevent misuse, loss, unauthorized access, and other unwanted actions regarding your personal data. We ensure that only necessary persons have access to the data, access to the data is protected, and our security measures are regularly checked. If there is a security incident with possible consequences for your privacy, we will inform you and the supervisory authority as soon as possible in cases where we are required to do so and inform you of the measures we have taken to limit the consequences and prevent recurrence in the future.
Access to your data:
Your personal data is only accessible to and shared with persons and parties who need to be aware of it.
Provision to third parties:
We may need to share your personal data with third parties to execute the purposes mentioned above. This includes IT companies or automators, professional advisors (such as banks, accountants, and insurance companies), and the tax authorities.
When we provide your data to a third party, we ensure, among other things, that your data is not used for other purposes, that this third party safeguards the security of your personal data, and treats it in accordance with applicable laws and regulations. Third parties are not allowed to use your personal data for their own purposes. In some cases, we will enter into a processing agreement with third parties who process your data on our behalf to ensure this. However, it may not be necessary because the third party has a professional secrecy obligation and/or provides sufficient guarantees in its own privacy statement. Furthermore, we will not provide the data to third parties unless it is legally required or permitted.
Retention period:
We do not retain the data longer than necessary for the purposes for which it was collected and/or the retention period based on applicable legal rules and/or codes of conduct and/or recommendations.
Your rights:
You have the following rights regarding the processing of your personal data:
Right of access: This means you can inquire with us about which personal data we process and for what purpose.
Right to rectification and supplementation: Incorrect data must be rectified by us and supplemented where necessary.
Right to erasure: This right means that we must delete personal data in a number of cases if you request it. This concerns the following cases: (a) we no longer need the personal data, (b) you have given consent for the use of your personal data but withdraw it, (c) you have rightly objected to the processing of your data, (d) there is unlawful processing, (e) the legal retention period has expired, or (f) the data subject is younger than 16 years and the personal data of the minor has been collected through an app or website.
Right to data portability: If you request it, we must transfer your personal data so that you can reuse your data in another environment.
Restriction of processing: You can ask us to suspend the processing of your personal data in the following cases: (a) to verify whether the data is correct, (b) when the processing is unlawful, but you do not want us to delete the data, (c) when we no longer need the data, but you need it for a legal claim, and (d) in the case that you have asked us to stop using your data, but we need to verify whether we have compelling legitimate grounds for processing.
Objection to data processing: You can object to the processing of personal data based on a task of public interest or a legitimate interest. We must then stop processing this data unless we have compelling legitimate grounds that outweigh your interests, rights, and freedoms, or that relate to a legal claim. You can always object to the use of personal data for direct marketing or profiling for these marketing purposes.
Withdrawal of given consent: Where we process based on your consent, you always have the right to withdraw it. This withdrawal does not apply to previous processing.
The right concerning automated decision-making and profiling: If we were to make a decision based on automatically processed data, you have the right to ask us to make a new decision where a human has assessed the data.
Handling your request:
We will comply with the above requests unless we have a compelling legitimate interest or legal obligation not to do so. This may be the case, for example, when your request concerns data that is subject to our confidentiality, a request is unclear (we ask you to clearly indicate with reasons which right you are invoking), is made unreasonably often, is impossible, requires a disproportionate effort from our organization or systems, or when the privacy of others is at stake.
We try to respond to your request within a month. In some cases, this may take longer if your request is complex or you have made multiple requests. In that case, we will inform you and keep you updated.
In principle, there are no costs associated with fulfilling your request. We may charge you a reasonable fee if your request is clearly unfounded, repetitive, or excessive. In that case, we may also choose not to comply with your request.
We may ask you for specific information to confirm your identity to fulfill your request, for example, by sending a copy of your ID (make the Citizen Service Number unreadable). This allows us to determine whether you have access to your personal data or can exercise one or more of your other rights. This is a security measure to prevent unauthorized access to your data.
Complaints and Data Protection Authority:
If you have complaints about the processing of your personal data, we ask you to contact us so that we can work with you to find a solution. Under privacy legislation, you always have the right to file a complaint with the privacy regulator, the Data Protection Authority.
Changes:
There may be changes in the personal data we store about you and how we do so, as well as in applicable laws and regulations. Therefore, we may adjust our privacy statement. Changes will be published on our website. We recommend that you regularly check this privacy statement to stay informed.
Effective date:
This privacy statement came into effect on September 1, 2018.
Cookie Policy
What are cookies?
Cookies and similar technologies are very small text files or pieces of code that often contain a unique identification code. When you visit a website or use a mobile application, a computer asks your computer or mobile device for permission to store this file on your computer or mobile device and access information. Information collected through cookies and similar technologies may include the date and time of the visit and how you use a particular website or mobile application.
Why do we use cookies?
Cookies ensure that during your visit to our online store, you remain logged in, all items in your shopping cart are saved, you can shop securely, and the website continues to function smoothly. The cookies also allow us to see how our website is used and how we can improve it. Additionally, depending on your preferences, our own cookies may be used to show you targeted advertisements that match your personal interests.
What types of cookies do we use?
Necessary cookies
These cookies are necessary for the proper functioning of the website. Some of the following actions can be performed using these cookies:
- Save items in a shopping cart for online purchases
- Save your cookie preferences for this website
- Save language preferences
- Log in to our portal. We need to verify that you are logged in.
Performance cookies
These cookies are used to collect statistical information about the use of our website, also known as analytical cookies. We use this data for performance and optimization of the website.
Functional cookies
These cookies provide more functionality for our website visitors. These cookies may be set by our external service providers or our own website. The following functionalities may or may not be activated when you accept this category:
- Live chat services
- Watch online videos
- Social media sharing buttons
- Log in to our website with social media
Advertising/tracking cookies
These cookies are set by external advertising partners and are used for profiling and tracking data across multiple websites. If you accept these cookies, we can show our advertisements on other websites based on your user profile and preferences. These cookies also store data on how many visitors have seen or clicked on our advertisements to optimize advertising campaigns.
Unclassified
These cookies are still in the classification process. They will appear in one of the following categories: Necessary, Performance, Functional, or Advertising.
How can I disable or delete cookies?
You can choose to disable all cookies except necessary cookies. In the browser settings, you can change the settings to ensure that cookies are blocked. Most browsers provide an explanation of how to do this in the so-called 'help function'. However, if you block the cookies, you may not be able to use all the technical features of our website, and this may negatively affect your user experience.