Home

Privacy policy

PRIVACY POLICY – www.berfud.com

Welcome to the Privacy Policy of www.berfud.com. This policy helps you understand what data we collect, why we collect it, and your rights regarding such data.

Last updated: March 8, 2025

Summary

Data Controller
Types of Data Collected
Methods and Place of Data Processing
Purposes of the Data Collected
Facebook Permissions Requested by This Application
Details on the Processing of Personal Data
Information on How to Disable Interest-Based Advertising
Cookie Policy
Additional Information for Users in the European Union
Further Information on Processing
Definitions and Legal References

Data Controller

Marisabel Fiestas Canales
Email address of the Controller: info.berfudamericanfood@gmail.com

Types of Data We Collect

Among the Personal Data collected by this Application, either independently or through third parties, are:

Usage Data
Tracking Tools
Number of Users
Session statistics
Email
Postal code (ZIP)
Date of birth
City
First name
Last name
Payment information
Browsing history
Clicks
Pageviews

Detailed information about each type of Personal Data collected is provided in the relevant sections of this privacy policy or in specific information notices displayed prior to data collection.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this Application.
Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to provide the Data, it may be impossible for this Application to provide the Service. Where this Application specifically states that some Data are optional, Users may choose not to provide those Data without any consequences on the availability or operation of the Service.
Users uncertain about which Data are mandatory are invited to contact the Controller.

Any use of Cookies – or other tracking tools – by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service requested by the User, in addition to any other purposes described in this document and in the Cookie Policy.

Users are responsible for any third-party Personal Data obtained, published, or shared through this Application and confirm that they have the third party’s consent to provide the Data to the Controller.

Methods and Place of Data Processing

Methods of Processing
The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of Personal Data.
Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the stated purposes. In addition to the Controller, certain other parties involved in the organization of this Application (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) may have access to the Data, if necessary appointed as Processors by the Controller. An updated list of these Processors can be requested at any time from the Data Controller.

Place
Data are processed at the operational offices of the Controller and in any other place where the parties involved in the processing are located. For further information, contact the Controller.
The User’s Personal Data may be transferred to a different country from where the User is located. To learn more about the place of processing, Users can refer to the section containing details on the processing of Personal Data.

Retention Period
Unless otherwise stated in this document, Personal Data are processed and retained for as long as required by the purpose for which they were collected and may be retained for a longer period due to legal obligations or based on the Users’ consent.

Purposes of the Data Collected

User Data are collected to allow the Controller to:

Provide the Service
Fulfill legal obligations
Respond to requests or enforcement actions
Protect its rights and interests (or those of its Users or third parties)
Detect any malicious or fraudulent activity

And also for the following purposes:

Tag management
Access to third-party service accounts
Statistics
Display of content from external platforms
Contacting the User
Interaction with social networks and external platforms
Payment management
Advertising

Facebook Permissions Requested by This Application

This Application may request certain Facebook permissions enabling it to perform actions with the User’s Facebook account and to collect information, including Personal Data, from it. This service allows this Application to connect with the User’s account on the Facebook social network, provided by Facebook Inc.
For more information about the following permissions, refer to the Facebook permissions documentation and Facebook’s privacy policy.

Permissions Requested Include:

Basic Information: The basic information of the User registered on Facebook that normally includes the following Data: id, name, picture, gender, and locale. In some cases, Facebook “Friends” may also be visible. If the User has made additional Data publicly available, those will be accessible.
Usage Data
Email: Provides access to the User’s primary email address.
Device Information
Tracking Tools

For further details:

A “Tracking Tool” refers to any technology—e.g., Cookies, unique identifiers, web beacons, embedded scripts, e-tags, or fingerprinting—that enables the tracking of Users, for instance by collecting or saving information on the User’s device.

Details on the Processing of Personal Data

Access to Third-Party Service Accounts
These services allow this Application to retrieve Data from your accounts on third-party services and perform actions with them. These services are not activated automatically; they require explicit authorization by the User.
- Meta Platforms, Inc. – Facebook Account Access
  - Company: Meta Platforms, Inc. (USA)
  - Requested Permissions: Usage Data, +3 more
Contacting the User
- Mailing List or Newsletter: By registering on the mailing list or newsletter, the User’s email address is automatically added to a contact list that may receive email messages containing information of a commercial or promotional nature related to this Application. The User’s email address may also be added to this list as a result of registration or after making a purchase.
- Contact Form: By filling in the contact form with their Data, the User authorizes this Application to use such details to reply to information requests, quotes, or any other kind of request as indicated by the form’s header.
Payment Management
Unless otherwise specified, this Application processes all payments by credit card, bank transfer, or other means through external payment service providers. In general—and unless otherwise indicated—Users are requested to provide payment details and personal information directly to such payment providers, which handle the information independently. This Application is not involved in the collection and processing of such information but only receives a notification from the provider once the payment is completed.
- Google Pay (Google LLC)
  - Company: Google LLC (USA)
  - Personal Data: Last name +5 more
Tag Management
These services enable the Controller to centrally manage tags or scripts needed on this Application. As a result, User Data may be processed by these services and stored.
- Google Tag Manager (Google LLC)
  - Company: Google LLC (USA)
Interaction with Social Networks and External Platforms
These services allow interaction with social networks or other external platforms directly from the pages of this Application. The interactions and information acquired by this Application are in any case subject to the User’s privacy settings for each social network.
- “Like” Button and Facebook Social Widgets (Meta Platforms, Inc.)
  - Company: Meta Platforms, Inc. (USA)
Advertising
These services allow User Data to be used for commercial communication purposes in various forms of advertising, such as banners, also in relation to the User’s interests (behavioral retargeting).
- Meta Ads Conversions (Meta Pixel): A statistics service provided by Meta Platforms, Inc. that connects data from the Meta advertising network with actions performed within this Application.
Statistics
These services enable the Data Controller to monitor and analyze web traffic data and track User behavior.
- Google Analytics 4 (Google LLC): Google Analytics is a web analysis service provided by Google LLC (“Google”). Google may use Personal Data to contextualize and personalize ads in its advertising network.
- Meta Events Manager (Meta Platforms, Inc.): Provides traffic and interaction data via the Meta Pixel.
Display of Content from External Platforms
These services allow you to view and interact with content hosted on external platforms directly from the pages of this Application.
- Google Fonts (Google LLC)
- Google Maps Widget (Google LLC)

Information on How to Disable Interest-Based Advertising

In addition to any opt-out feature provided by any of the services mentioned in this document, Users can learn more about how to disable interest-based advertising in the relevant section of the Cookie Policy.

Cookie Policy

This Application uses Tracking Tools. To learn more, Users may consult the Cookie Policy (included below).

Additional Information for Users in the European Union

Legal Basis of Processing
The Controller processes Personal Data relating to the User if one of the following conditions applies:

The User has given consent for one or more specific purposes.
Processing is necessary for the performance of a contract with the User or to take pre-contractual measures.
Processing is necessary to comply with a legal obligation.
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
Processing is necessary for the purposes of the legitimate interests pursued by the Controller or by third parties.

It is always possible to ask the Controller to clarify the concrete legal basis for each processing and to specify whether the processing is based on law, required by a contract, or necessary to enter into a contract.

Additional Information on Retention Time
Unless otherwise indicated, Personal Data are processed and stored for the time required by the purpose for which they have been collected and may be retained for a longer period due to legal obligations or with the User’s consent.

Data collected for contractual purposes are retained until the contract has been fully performed.
Data collected for the Controller’s legitimate interests are retained until such interests have been satisfied.

When processing is based on User consent, the Controller may retain Personal Data until such consent is withdrawn. The Controller may also be obliged to retain Personal Data for a longer period to comply with a legal obligation or an order of an authority.

Once the retention period expires, Personal Data will be deleted. Therefore, the rights of access, erasure, rectification, and data portability can no longer be exercised after this period has expired.

User Rights under the GDPR

Users may exercise certain rights regarding their Data processed by the Controller. Specifically, subject to legal limits, the User has the right to:

Withdraw consent at any time
Object to the processing of their Data
Access their Data
Verify and request rectification
Obtain restriction of processing
Obtain erasure of their Personal Data
Receive their Data or have it transferred to another controller
Lodge a complaint with the relevant data protection authority

If Personal Data are transferred outside the EU or to an international organization, Users have the right to be informed about the legal basis for such transfer and the security measures adopted by the Controller to protect their Data.

Details on the Right to Object

When Personal Data are processed in the public interest, in the exercise of official authority vested in the Controller, or for the legitimate interests pursued by the Controller, Users may object to such processing for reasons related to their particular situation.

Users are reminded that if their Personal Data are processed for direct marketing purposes, they can object at any time without providing any justification. Once they object, the Personal Data shall no longer be processed for such purposes.

How to Exercise Your Rights

Requests to exercise User rights can be directed to the Controller using the contact details in this document. Requests are free of charge, and the Controller will address them as quickly as possible, within one month. Any rectifications, erasures, or restrictions of processing will be communicated by the Controller to each recipient of the Personal Data unless this proves impossible or involves disproportionate effort.

Further Information on Processing

Legal Defense
The User’s Personal Data may be used by the Controller in court or in the preliminary stages leading to possible legal action arising from improper use of this Application or related Services by the User. The User declares they are aware that the Controller may be required to reveal Personal Data upon request of public authorities.

Specific Information
Upon request by the User, this Application may provide additional, contextual information about specific Services or the collection and processing of Personal Data.

System Logs and Maintenance
For operation and maintenance purposes, this Application and any third-party services it uses may collect system logs, i.e., files that record interactions and may contain Personal Data such as the User’s IP address.

Information Not Contained in This Policy
Additional information regarding Personal Data processing may be requested from the Controller at any time.

Changes to This Privacy Policy
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if technically and legally feasible, by sending a notification to Users via any contact information available. Please consult this page frequently, referring to the date of the last update at the bottom.
Where the changes affect processing activities whose legal basis is consent, the Controller will collect new consent from the User, if necessary.

Definitions and Legal References

Personal Data (or Data)
Any information that directly or indirectly, including in connection with any other information—such as a personal identification number—makes a natural person identified or identifiable.

Usage Data
Information collected automatically through this Application (or by third-party applications integrated in this Application), including: IP addresses or domain names of the computers used by the User; the Uniform Resource Identifier (URI) addresses; the time of the request; the method used to submit the request to the server; the size of the file obtained in response; the numeric code indicating the status of the server’s answer (successful, error, etc.); the country of origin; the browser and operating system features used by the visitor; the time details of each visit (e.g., the time spent on each page); and other parameters about the operating system and the User’s IT environment.

User
The individual using this Application, who, unless otherwise specified, coincides with the Data Subject.

Data Subject
The natural person to whom the Personal Data refer.

Data Processor (or Processor)
A natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or Controller)
The natural or legal person, public authority, service, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. Unless otherwise specified, the Data Controller is the owner of this Application.

This Application
The hardware or software tool by which the Personal Data of Users are collected and processed.

Service
The Service provided by this Application as described in the relevant terms (if available) on this website/application.

European Union (or EU)
Unless otherwise specified, any reference to the European Union in this document is deemed to include all current member states of the European Union and the European Economic Area.

Cookie
Cookies are Tracking Tools that consist of small portions of data stored in the User’s browser.

Tracking Tool
Any technology—e.g., Cookies, unique identifiers, web beacons, embedded scripts, e-tags, or fingerprinting—that enables the tracking of Users, for example by collecting or saving information on the User’s device.

Legal References
Unless otherwise specified, this privacy policy applies exclusively to this Application.

How We Can Help You

What You Can Do (Your Rights)

Ask to know and access the information we hold about you
Ask us to correct any inaccuracies
Ask us to erase the information we hold about you (“right to be forgotten”)
Ask us to transfer your data to another service

If You Have Issues

While we strive to ensure a positive user experience, we understand that issues may arise. If so, please contact us.

Contact Us

Website: www.berfud.com
Data Controller: Marisabel Fiestas Canales
Email: info.berfudamericanfood@gmail.com

Downloadable Documents

Privacy Policy (Last updated: March 8, 2025)
Cookie Policy (Last updated: March 8, 2025)
Terms and Conditions (Last updated: March 8, 2025)

Legal center by iubenda

COOKIE POLICY – www.berfud.com

This document contains information regarding the technologies that allow this Application to achieve the purposes described below. These technologies enable the Controller to collect and save information (for example, through the use of Cookies) or to use resources (for example, by running a script) on the User’s device when the User interacts with this Application.

Definition of “Tracking Tools”

For simplicity, all these technologies are collectively referred to as “Tracking Tools” in this document, unless there is a reason to differentiate them. For instance, while Cookies can be used in both web and mobile browsers, it would be inaccurate to speak of Cookies in the context of mobile applications, as those are Tracking Tools that require the presence of a browser. Therefore, in this document, the term “Cookie” is used only to refer to that specific type of Tracking Tool.

Some of the purposes for which Tracking Tools are used may require the User’s consent. If consent is granted, it may be freely revoked at any time by following the instructions contained in this document.

This Application uses both first-party Tracking Tools—managed directly by the Controller—and third-party Tracking Tools that enable services provided by third parties. Unless otherwise specified in this document, such third parties have access to their respective Tracking Tools. The duration and expiration of Cookies and other similar Tracking Tools may vary depending on the settings established by the Controller or each third-party provider. Some of them expire at the end of the User’s browsing session. In addition to the descriptions of each category below, Users may obtain more detailed and updated information on duration or any other relevant information (e.g., the presence of other Tracking Tools) by consulting the privacy policies of the respective third-party providers (via the links provided) or by contacting the Controller.

How This Application Uses Tracking Tools

1. Strictly Necessary

This Application uses “technical” Cookies or similar Tracking Tools to perform activities strictly necessary to ensure the functioning or delivery of the Service.