TastyCakes Privacy Policy

Our contact details 

TastyCakes

C/Jaime Vera 1, Esc B 2 izq 

28011 Madrid Spain

+34 613077089

Website: www.tastycakesmadrid.com 

Email: tastycakesmadrid@gmail.com

The type of personal information we collect 

We currently collect and process the following information:

  • Contact details: name, email address and phone number (in some cases home address) 

  • Personal dates: birthday and special celebrations

  • Personal dietary information: known allergens

How we get the personal information 

  • By phone or email when you contact us regarding a future order and inquiry about our products and classes

  • By direct message on social media platforms when you contact us regarding an order or inquiry about our products and classes

  • By online form when you contact us regarding a future order and inquiry about our products and classes

  • By online shop when you order and purchase one of our products for pick-up or delivery

  • By online form when you subscribe to our email list

When you make a purchase through our online store, no matter the payment type, your bank information never comes to us. 

  • Direct bank transfer: we receive a notice with your name and date of transfer only

  • Bank or Credit card: this is processed through Stripe, our payment gateway. We never receive any personal bank information from them, simply that your payment has been received. 

  • SEPA Direct Debit: this is also processed through Stripe, our payment gateway. We never receive any personal bank information, simply that your payment has been received. 

  • Bizum: this is processed through TPV Virtual payment systems. We will see your name, date of payment, and concept of payment. 

How we use the personal information

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • To Respond to inquiry regarding a product or class

  • To confirm the details of and/or deliver an order

  • To process orders or provide the service you have requested

  • To keep you informed of offers for special events that you have indicated.

  • To add you to our email list and send you regular updates and marketing emails

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

  1. Your consent. When you sign up to be on our mailing list, we will ask for your consent to be contacted and added to our database. You are able to remove your consent at any time. You can do this by contacting tastycakesmadrid@gmail.com 

  2. To fulfill our contract with you. When you place an order, purchase a product, or sign up for a class, we will ask for personal information and any dietary restrictions you may have. We will ask for this information, because we need to fulfill our contract with you. 

Our condition for processing your dietary requirements (special category data) is explicit consent. 

  1. We have a legitimate interest. If you contact us requesting information regarding products or classes, we will use personal data to respond to this request. 

After receiving a product from or participating in a class with TastyCakes, you will have the opportunity to provide feedback and commentary that can serve as testimonials for future marketing and/or sales purposes. If we choose to publish this feedback on our website, in marketing emails, or on social media platforms, we will never include any identifying personal information with this feedback without your prior consent.

Who we share your data with

We may share this information with: 

  • Our service providers, e.g. gestor/accountant and virtual assistant 

  • Employees of TastyCakes

We will only share your information with our trusted service providers when there is a legitimate need to do so. In this case we will only share the minimum information necessary to meet our legitimate business requirement. When doing so, we expect these service providers to treat your personal data securely and for only the purposes intended.

How we store your personal information 

Your information is securely stored on our secure computer system and via a cloud-based CRM platform. We only work with CRM companies who meet all GDPR regulations and have the appropriate measures and security protocols in place to comply with EEA data protection laws. See the privacy policy for our CRM platform here.

We keep all contact information and dates while you are an active client or email subscriber of TastyCakes Madrid, and for two years after.  We will then dispose of your information by deleting all information from our computer and CRM databases.

Our “opt-out” list will be maintained for a period of two years, to ensure that you are in fact not receiving emails, then will be permanently deleted.

Your data protection rights

Under data protection law, you have rights including:

Your right of access – You have the right to ask us for copies of your personal information. 

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. 

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances. 

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances. 

Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at tastycakesmadrid@gmail.com if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at tastycakesmadrid@gmail.com

You can also complain to the AEPD if you are unhappy with how we have used your data.

The AEPD’s contact information:            

Agencia Española de Protección de Datos

C/Jorge Juan 6

28001 Madrid

Telephone number: +34 91 266 3517

Email: internacional@aepd.es

Website: www.aepd.es