Book catering
Transparency

Privacy & Cookie Policy

Last updated: June 2026

Contents

  1. 1. Data controller
  2. 2. Data collected
  3. 3. Purposes of processing
  4. 4. Data retention
  5. 5. Data sharing
  6. 6. Your rights (GDPR)
  7. 7. Cookie Policy
  8. 8. Contact

1. Data controller

Cucina della Nonna

Business ID: 3603743-8
Helsinki, Finland
Email: info@cucinadellanonna.fi

The controller manages the Cucina della Nonna brand and the Holy Crepe project, operating at cucinadellanonna.fi.

2. Data collected

We collect the following personal data:

Registration data

First name, last name, email address and password (hashed with bcrypt).

Loyalty card data

Points accumulated, purchase history and rewards redeemed.

Optional data

Phone number and date of birth (voluntarily provided in the profile, used for birthday offers).

Technical data

IP address, browser type, operating system, server access logs. Collected automatically for service security.

Marketing preferences

Consent to newsletter and push notifications, only if explicitly given.

3. Purposes of processing

A — Account and loyalty card management

Creating and managing your account, calculating and assigning loyalty points, granting rewards.

Legal basis: performance of a contract — Art. 6.1.b GDPR

B — Transactional emails

Registration confirmation, email verification, points notifications, password reset. These emails are necessary for the service to function.

Legal basis: performance of a contract — Art. 6.1.b GDPR

C — Newsletter and marketing communications

Sending offers, promotions and updates via email or push notifications. Only if you have given explicit consent. You may withdraw consent at any time from your profile or by writing to the controller.

Legal basis: consent — Art. 6.1.a GDPR

D — Security and fraud prevention

Monitoring access to prevent unauthorised use of the loyalty points system.

Legal basis: legitimate interest — Art. 6.1.f GDPR

E — Legal and fiscal obligations

Retention of data required by Finnish and European legislation on tax and commercial matters.

Legal basis: legal obligation — Art. 6.1.c GDPR

4. Data retention

Data typeRetention period
Account and loyalty card dataFor the duration of the relationship + 5 years after deletion
Server technical logs90 days
Session cookiesUntil browser is closed (session cookie)
Newsletter consentUntil consent is withdrawn
Data for fiscal obligationsAs required by Finnish law (kirjanpitolaki)

5. Data sharing

We do not sell or transfer your data to third parties for commercial purposes. We share it exclusively with:

Email provider (SMTP)

For sending transactional emails (account confirmation, password reset). The provider acts as a data processor under Art. 28 GDPR.

Hosting — OVH SAS (France, EU)

The server hosting the application is located within the European Union. OVH acts as a data processor. Data is not transferred outside the European Economic Area.

Competent authorities

Where required by law or by order of the competent Finnish or European authorities.

6. Your rights (GDPR)

Under EU Regulation 2016/679 (GDPR), you have the following rights:

Access (Art. 15)

Request a copy of the personal data we process about you.

Rectification (Art. 16)

Correct inaccurate or incomplete data directly from your app profile.

Erasure (Art. 17)

Request the removal of your data ("right to be forgotten"), subject to legal obligations.

Portability (Art. 20)

Receive your data in a structured, machine-readable format.

Objection (Art. 21)

Object to processing for marketing purposes at any time.

Restriction (Art. 18)

Request restriction of processing in certain circumstances.

How to exercise your rights

Write to info@cucinadellanonna.fi stating your name, email address and specific request. We will respond within 30 days as required by Art. 12 GDPR.

You also have the right to lodge a complaint with the Tietosuojavaltuutettu (Finnish Data Protection Ombudsman).

7. Cookie Policy

Cookies are small text files that websites save on your device. This page explains how and why we use them.

7.1 Cookies we use

We use only strictly necessary technical cookies required for the site to function. We do not use profiling, advertising or third-party tracking cookies.

Cookie namePurposeDuration
sessionidMaintains the login session. Required to access the members area and loyalty card.2 weeks
csrftokenCSRF protection. Ensures the security of site forms.1 year
cookie_consentStores the dismissal of the cookie information banner. Saved in localStorage.Persistent

✓ No tracking cookies

We do not install Google Analytics, Facebook Pixel, or any other third-party tracking tool. We do not build advertising profiles of users.

7.2 Technical cookies and consent

The technical cookies listed fall under the category of "strictly necessary cookies" and do not require your consent under Art. 5.3 of the ePrivacy Directive (2002/58/EC), as they are indispensable for providing the requested service.

7.3 How to manage cookies

You can manage or delete cookies through your browser settings. Please note that disabling technical cookies may affect how the site functions.

🌐 Google Chrome 🦊 Mozilla Firefox 🧭 Safari 🔷 Microsoft Edge

8. Contact

Cucina della Nonna

For any questions regarding the processing of your personal data or this policy:

Email: info@cucinadellanonna.fi

Supervisory authority: Tietosuojavaltuutettu — Finnish Data Protection Ombudsman.

← Back to home Version: June 2026