Privacy policy
PRIVACY POLICY – www.berfud.com
Welcome to the Privacy Policy of www.berfud.com. This policy helps you understand what data we collect, why we collect it, and your rights regarding such data.
Last updated: March 8, 2025
Summary
- Data Controller
- Types of Data Collected
- Methods and Place of Data Processing
- Purposes of the Data Collected
- Facebook Permissions Requested by This Application
- Details on the Processing of Personal Data
- Information on How to Disable Interest-Based Advertising
- Cookie Policy
- Additional Information for Users in the European Union
- Further Information on Processing
- Definitions and Legal References
Data Controller
Marisabel Fiestas Canales
Email address of the Controller: info.berfudamericanfood@gmail.com
Types of Data We Collect
Among the Personal Data collected by this Application, either independently or through third parties, are:
- Usage Data
- Tracking Tools
- Number of Users
- Session statistics
- Postal code (ZIP)
- Date of birth
- City
- First name
- Last name
- Payment information
- Browsing history
- Clicks
- Pageviews
Detailed information about each type of Personal Data collected is provided in the relevant sections of this privacy policy or in specific information notices displayed prior to data collection.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this Application.
Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to provide the Data, it may be impossible for this Application to provide the Service. Where this Application specifically states that some Data are optional, Users may choose not to provide those Data without any consequences on the availability or operation of the Service.
Users uncertain about which Data are mandatory are invited to contact the Controller.
Any use of Cookies – or other tracking tools – by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service requested by the User, in addition to any other purposes described in this document and in the Cookie Policy.
Users are responsible for any third-party Personal Data obtained, published, or shared through this Application and confirm that they have the third party’s consent to provide the Data to the Controller.
Methods and Place of Data Processing
Methods of Processing
The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of Personal Data.
Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the stated purposes. In addition to the Controller, certain other parties involved in the organization of this Application (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) may have access to the Data, if necessary appointed as Processors by the Controller. An updated list of these Processors can be requested at any time from the Data Controller.
Place
Data are processed at the operational offices of the Controller and in any other place where the parties involved in the processing are located. For further information, contact the Controller.
The User’s Personal Data may be transferred to a different country from where the User is located. To learn more about the place of processing, Users can refer to the section containing details on the processing of Personal Data.
Retention Period
Unless otherwise stated in this document, Personal Data are processed and retained for as long as required by the purpose for which they were collected and may be retained for a longer period due to legal obligations or based on the Users’ consent.
Purposes of the Data Collected
User Data are collected to allow the Controller to:
- Provide the Service
- Fulfill legal obligations
- Respond to requests or enforcement actions
- Protect its rights and interests (or those of its Users or third parties)
- Detect any malicious or fraudulent activity
And also for the following purposes:
- Tag management
- Access to third-party service accounts
- Statistics
- Display of content from external platforms
- Contacting the User
- Interaction with social networks and external platforms
- Payment management
- Advertising
Facebook Permissions Requested by This Application
This Application may request certain Facebook permissions enabling it to perform actions with the User’s Facebook account and to collect information, including Personal Data, from it. This service allows this Application to connect with the User’s account on the Facebook social network, provided by Facebook Inc.
For more information about the following permissions, refer to the Facebook permissions documentation and Facebook’s privacy policy.
Permissions Requested Include:
- Basic Information: The basic information of the User registered on Facebook that normally includes the following Data: id, name, picture, gender, and locale. In some cases, Facebook “Friends” may also be visible. If the User has made additional Data publicly available, those will be accessible.
- Usage Data
- Email: Provides access to the User’s primary email address.
- Device Information
- Tracking Tools
For further details:
- https://developers.facebook.com/docs/facebook-login/permissions
- https://www.facebook.com/about/privacy/
A “Tracking Tool” refers to any technology—e.g., Cookies, unique identifiers, web beacons, embedded scripts, e-tags, or fingerprinting—that enables the tracking of Users, for instance by collecting or saving information on the User’s device.
Details on the Processing of Personal Data
-
Access to Third-Party Service Accounts
These services allow this Application to retrieve Data from your accounts on third-party services and perform actions with them. These services are not activated automatically; they require explicit authorization by the User.-
Meta Platforms, Inc. – Facebook Account Access
- Company: Meta Platforms, Inc. (USA)
- Requested Permissions: Usage Data, +3 more
-
Meta Platforms, Inc. – Facebook Account Access
-
Contacting the User
- Mailing List or Newsletter: By registering on the mailing list or newsletter, the User’s email address is automatically added to a contact list that may receive email messages containing information of a commercial or promotional nature related to this Application. The User’s email address may also be added to this list as a result of registration or after making a purchase.
- Contact Form: By filling in the contact form with their Data, the User authorizes this Application to use such details to reply to information requests, quotes, or any other kind of request as indicated by the form’s header.
-
Payment Management
Unless otherwise specified, this Application processes all payments by credit card, bank transfer, or other means through external payment service providers. In general—and unless otherwise indicated—Users are requested to provide payment details and personal information directly to such payment providers, which handle the information independently. This Application is not involved in the collection and processing of such information but only receives a notification from the provider once the payment is completed.-
Google Pay (Google LLC)
- Company: Google LLC (USA)
- Personal Data: Last name +5 more
-
Google Pay (Google LLC)
-
Tag Management
These services enable the Controller to centrally manage tags or scripts needed on this Application. As a result, User Data may be processed by these services and stored.-
Google Tag Manager (Google LLC)
- Company: Google LLC (USA)
-
Google Tag Manager (Google LLC)
-
Interaction with Social Networks and External Platforms
These services allow interaction with social networks or other external platforms directly from the pages of this Application. The interactions and information acquired by this Application are in any case subject to the User’s privacy settings for each social network.-
“Like” Button and Facebook Social Widgets (Meta Platforms, Inc.)
- Company: Meta Platforms, Inc. (USA)
-
“Like” Button and Facebook Social Widgets (Meta Platforms, Inc.)
-
Advertising
These services allow User Data to be used for commercial communication purposes in various forms of advertising, such as banners, also in relation to the User’s interests (behavioral retargeting).- Meta Ads Conversions (Meta Pixel): A statistics service provided by Meta Platforms, Inc. that connects data from the Meta advertising network with actions performed within this Application.
-
Statistics
These services enable the Data Controller to monitor and analyze web traffic data and track User behavior.- Google Analytics 4 (Google LLC): Google Analytics is a web analysis service provided by Google LLC (“Google”). Google may use Personal Data to contextualize and personalize ads in its advertising network.
- Meta Events Manager (Meta Platforms, Inc.): Provides traffic and interaction data via the Meta Pixel.
-
Display of Content from External Platforms
These services allow you to view and interact with content hosted on external platforms directly from the pages of this Application.- Google Fonts (Google LLC)
- Google Maps Widget (Google LLC)
Information on How to Disable Interest-Based Advertising
In addition to any opt-out feature provided by any of the services mentioned in this document, Users can learn more about how to disable interest-based advertising in the relevant section of the Cookie Policy.
Cookie Policy
This Application uses Tracking Tools. To learn more, Users may consult the Cookie Policy (included below).
Additional Information for Users in the European Union
Legal Basis of Processing
The Controller processes Personal Data relating to the User if one of the following conditions applies:
- The User has given consent for one or more specific purposes.
- Processing is necessary for the performance of a contract with the User or to take pre-contractual measures.
- Processing is necessary to comply with a legal obligation.
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
- Processing is necessary for the purposes of the legitimate interests pursued by the Controller or by third parties.
It is always possible to ask the Controller to clarify the concrete legal basis for each processing and to specify whether the processing is based on law, required by a contract, or necessary to enter into a contract.
Additional Information on Retention Time
Unless otherwise indicated, Personal Data are processed and stored for the time required by the purpose for which they have been collected and may be retained for a longer period due to legal obligations or with the User’s consent.
- Data collected for contractual purposes are retained until the contract has been fully performed.
- Data collected for the Controller’s legitimate interests are retained until such interests have been satisfied.
When processing is based on User consent, the Controller may retain Personal Data until such consent is withdrawn. The Controller may also be obliged to retain Personal Data for a longer period to comply with a legal obligation or an order of an authority.
Once the retention period expires, Personal Data will be deleted. Therefore, the rights of access, erasure, rectification, and data portability can no longer be exercised after this period has expired.
User Rights under the GDPR
Users may exercise certain rights regarding their Data processed by the Controller. Specifically, subject to legal limits, the User has the right to:
- Withdraw consent at any time
- Object to the processing of their Data
- Access their Data
- Verify and request rectification
- Obtain restriction of processing
- Obtain erasure of their Personal Data
- Receive their Data or have it transferred to another controller
- Lodge a complaint with the relevant data protection authority
If Personal Data are transferred outside the EU or to an international organization, Users have the right to be informed about the legal basis for such transfer and the security measures adopted by the Controller to protect their Data.
Details on the Right to Object
When Personal Data are processed in the public interest, in the exercise of official authority vested in the Controller, or for the legitimate interests pursued by the Controller, Users may object to such processing for reasons related to their particular situation.
Users are reminded that if their Personal Data are processed for direct marketing purposes, they can object at any time without providing any justification. Once they object, the Personal Data shall no longer be processed for such purposes.
How to Exercise Your Rights
Requests to exercise User rights can be directed to the Controller using the contact details in this document. Requests are free of charge, and the Controller will address them as quickly as possible, within one month. Any rectifications, erasures, or restrictions of processing will be communicated by the Controller to each recipient of the Personal Data unless this proves impossible or involves disproportionate effort.
Further Information on Processing
Legal Defense
The User’s Personal Data may be used by the Controller in court or in the preliminary stages leading to possible legal action arising from improper use of this Application or related Services by the User. The User declares they are aware that the Controller may be required to reveal Personal Data upon request of public authorities.
Specific Information
Upon request by the User, this Application may provide additional, contextual information about specific Services or the collection and processing of Personal Data.
System Logs and Maintenance
For operation and maintenance purposes, this Application and any third-party services it uses may collect system logs, i.e., files that record interactions and may contain Personal Data such as the User’s IP address.
Information Not Contained in This Policy
Additional information regarding Personal Data processing may be requested from the Controller at any time.
Changes to This Privacy Policy
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if technically and legally feasible, by sending a notification to Users via any contact information available. Please consult this page frequently, referring to the date of the last update at the bottom.
Where the changes affect processing activities whose legal basis is consent, the Controller will collect new consent from the User, if necessary.
Definitions and Legal References
Personal Data (or Data)
Any information that directly or indirectly, including in connection with any other information—such as a personal identification number—makes a natural person identified or identifiable.
Usage Data
Information collected automatically through this Application (or by third-party applications integrated in this Application), including: IP addresses or domain names of the computers used by the User; the Uniform Resource Identifier (URI) addresses; the time of the request; the method used to submit the request to the server; the size of the file obtained in response; the numeric code indicating the status of the server’s answer (successful, error, etc.); the country of origin; the browser and operating system features used by the visitor; the time details of each visit (e.g., the time spent on each page); and other parameters about the operating system and the User’s IT environment.
User
The individual using this Application, who, unless otherwise specified, coincides with the Data Subject.
Data Subject
The natural person to whom the Personal Data refer.
Data Processor (or Processor)
A natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of the Controller, as described in this privacy policy.
Data Controller (or Controller)
The natural or legal person, public authority, service, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. Unless otherwise specified, the Data Controller is the owner of this Application.
This Application
The hardware or software tool by which the Personal Data of Users are collected and processed.
Service
The Service provided by this Application as described in the relevant terms (if available) on this website/application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union in this document is deemed to include all current member states of the European Union and the European Economic Area.
Cookie
Cookies are Tracking Tools that consist of small portions of data stored in the User’s browser.
Tracking Tool
Any technology—e.g., Cookies, unique identifiers, web beacons, embedded scripts, e-tags, or fingerprinting—that enables the tracking of Users, for example by collecting or saving information on the User’s device.
Legal References
Unless otherwise specified, this privacy policy applies exclusively to this Application.
How We Can Help You
What You Can Do (Your Rights)
- Ask to know and access the information we hold about you
- Ask us to correct any inaccuracies
- Ask us to erase the information we hold about you (“right to be forgotten”)
- Ask us to transfer your data to another service
If You Have Issues
While we strive to ensure a positive user experience, we understand that issues may arise. If so, please contact us.
Contact Us
- Website: www.berfud.com
- Data Controller: Marisabel Fiestas Canales
- Email: info.berfudamericanfood@gmail.com
Downloadable Documents
- Privacy Policy (Last updated: March 8, 2025)
- Cookie Policy (Last updated: March 8, 2025)
- Terms and Conditions (Last updated: March 8, 2025)
Legal center by iubenda
COOKIE POLICY – www.berfud.com
This document contains information regarding the technologies that allow this Application to achieve the purposes described below. These technologies enable the Controller to collect and save information (for example, through the use of Cookies) or to use resources (for example, by running a script) on the User’s device when the User interacts with this Application.
Definition of “Tracking Tools”
For simplicity, all these technologies are collectively referred to as “Tracking Tools” in this document, unless there is a reason to differentiate them. For instance, while Cookies can be used in both web and mobile browsers, it would be inaccurate to speak of Cookies in the context of mobile applications, as those are Tracking Tools that require the presence of a browser. Therefore, in this document, the term “Cookie” is used only to refer to that specific type of Tracking Tool.
Some of the purposes for which Tracking Tools are used may require the User’s consent. If consent is granted, it may be freely revoked at any time by following the instructions contained in this document.
This Application uses both first-party Tracking Tools—managed directly by the Controller—and third-party Tracking Tools that enable services provided by third parties. Unless otherwise specified in this document, such third parties have access to their respective Tracking Tools. The duration and expiration of Cookies and other similar Tracking Tools may vary depending on the settings established by the Controller or each third-party provider. Some of them expire at the end of the User’s browsing session. In addition to the descriptions of each category below, Users may obtain more detailed and updated information on duration or any other relevant information (e.g., the presence of other Tracking Tools) by consulting the privacy policies of the respective third-party providers (via the links provided) or by contacting the Controller.
How This Application Uses Tracking Tools
1. Strictly Necessary
This Application uses “technical” Cookies or similar Tracking Tools to perform activities strictly necessary to ensure the functioning or delivery of the Service.
Third-Party Tracking Tools
- Google Tag Manager (Google LLC): A tag management service provided by Google LLC.
- Google Pay (Google LLC): A payment service provided by Google LLC that allows the User to make online payments using their Google credentials.
2. Functionality
This Application uses Tracking Tools to enable simple interactions and activate features that allow Users to access certain Service resources and simplify communication with the Controller.
Third-Party Tracking Tools
- Mailing List or Newsletter: When registering, the User’s email is added to a contact list that may send information, promotions, or commercial content regarding this Application.
3. Experience
This Application uses Tracking Tools to enhance the user experience and enable interactions with external content, networks, and platforms.
Third-Party Tracking Tools
-
Access to the Facebook Account (Meta Platforms, Inc.)
- Permissions: Usage Data, Email, device information, Tracking Tools
- Google Fonts (Google LLC): Manages the display of font styles.
- Google Maps Widget (Google LLC): Integrates map content.
- Facebook “Like” Button and Social Widgets (Meta Platforms, Inc.)
4. Measurement
This Application uses Tracking Tools to measure traffic and analyze User behavior to improve the Service.
Third-Party Tracking Tools
- Google Analytics 4 (Google LLC): A web analytics service that tracks and examines the use of this Application and prepares reports. Google may use Personal Data to personalize ads in its advertising network. In Google Analytics 4, IP addresses are used at collection time and then deleted before data is logged in any data center or server.
- Meta Events Manager (Meta Platforms, Inc.): Provides information on traffic and interactions within this Application by integrating the Meta Pixel.
5. Marketing
This Application uses Tracking Tools to deliver personalized ads or marketing content and to measure performance.
Third-Party Tracking Tools
- Meta Ads Conversion Tracking (Meta Pixel) (Meta Platforms, Inc.): Connects data from the Meta advertising network with actions taken in this Application (for example, conversions from Facebook or Instagram ads).
How to Manage Preferences and Give or Withdraw Consent on This Application
If the use of Trackers is based on consent, Users can provide or withdraw such consent by setting or updating their preferences through the relevant privacy choice panel available on this Application.
For third-party Tracking Tools, Users can manage their preferences and revoke their consent by visiting the associated opt-out link (if available), by consulting the privacy policy of the third party, or by contacting the third party directly.
How to Control or Delete Cookies and Similar Technologies via Your Device Settings
Users can use their browser settings to:
- See which Cookies or similar technologies have been set
- Block Cookies or similar technologies
- Delete Cookies or similar technologies
However, browser settings do not allow granular control of consent by category. Some useful links to manage cookies in common browsers:
Users can also manage some Tracking Tools used by mobile apps by disabling them via their device settings (e.g., mobile ad settings or system-wide tracking settings).
How to Opt Out of Interest-Based Advertising
In addition to what is indicated above, Users can take advantage of the information available on:
- YourOnlineChoices (EU/UK)
- Network Advertising Initiative (USA)
- Digital Advertising Alliance (USA)
- DAAC (Canada)
- DDAI (Japan)
These services allow the User to manage most advertising preferences. The Digital Advertising Alliance also provides an application called “AppChoices” to control behavioral advertising on mobile applications.
Consequences of Refusing the Use of Tracking Tools
Users are free to decide whether or not to allow the use of Tracking Tools. However, please note that these tools enable this Application to provide Users with a better experience and advanced features. If the User chooses to block the use of Tracking Tools, the Controller may be unable to provide certain functionalities.
Data Controller
Marisabel Fiestas Canales
Email address of the Controller: info.berfudamericanfood@gmail.com
Since the use of third-party Tracking Tools on this Application cannot be fully controlled by the Controller, any specific references to third-party Tracking Tools are indicative. To obtain complete information, Users are kindly requested to consult the privacy policies of the respective third-party services listed in this document.
Given the objective complexity in identifying tracking technologies, Users are encouraged to contact the Controller if they wish to receive further information regarding the use of such technologies on this Application.
Definitions and Legal References
Personal Data (or Data)
Any information that directly or indirectly, including in connection with any other information (e.g., a personal identification number), makes a natural person identified or identifiable.
Usage Data
Information collected automatically through this Application (including by third-party applications integrated into this Application), such as: IP addresses or domain names of the computers used by the User, URIs, the time of the request, the method used to submit the request to the server, the file size obtained in response, the numeric code indicating the status of the server response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, time details per visit, and the path followed within the Application, with particular reference to the sequence of pages visited.
User
The individual using this Application, who, unless otherwise specified, coincides with the Data Subject.
Data Subject
The natural person to whom the Personal Data refers.
Data Processor (or Processor)
A natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of the Controller, as described in this privacy policy.
Data Controller (or Controller)
The natural or legal person, public authority, or other body that, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including any security measures related to the functioning and use of this Application.
This Application
The hardware or software tool by which the Personal Data of Users are collected.
Service
The Service provided by this Application, as defined in the relevant terms (if available) on this website/application.
European Union (EU)
Unless otherwise specified, any reference to the European Union includes all current member states of the European Union and the European Economic Area.
Cookie
A Cookie is a Tracking Tool consisting of small data sets stored within the User’s browser.
Tracking Tool
Any technology—e.g., Cookies, unique identifiers, web beacons, embedded scripts, e-tags, or fingerprinting—that enables the tracking of Users.
Legal References
Unless otherwise stated, this privacy policy covers only this Application.
Last updated: March 8, 2025
Version: 2