Tiramisúp — Siciliaanse keuken← Back home
Legal

Privacy Policy

Last updated · 8 May 2026

This Privacy Policy explains how Tiramisúp(“we”, “us”, “our”), located at Lindenstraat 48, 1015 KX Amsterdam, the Netherlands, collects, uses, and protects your personal data when you visit our website (the “Site”).

We comply with the General Data Protection Regulation (GDPR, Regulation EU 2016/679) and the Dutch Data Protection Implementation Act (UAVG).

1. Data we collect

We only collect personal data that you voluntarily provide through our catering enquiry form:

  • Name (required)
  • Email address (required)
  • Phone number (optional)
  • Your message (required)

We do not use cookies, analytics, advertising pixels, or any other tracking technologies on this Site.

2. Why we collect it

Your data is processed for a single purpose: to respond to your catering enquiry and, if applicable, to plan and deliver the catering service you request.

Legal basis: pre-contractual measures taken at your request and, where a booking follows, performance of a contract — GDPR Art. 6(1)(b).

We do not use your data for marketing, profiling, or any automated decision-making.

3. Who has access to your data

Your enquiry is delivered to our inbox via the following processors, with whom we have data processing agreements in place:

  • Resend, Inc. — transactional email delivery (United States, certified under the EU-US Data Privacy Framework).
  • Vercel Inc. — hosting infrastructure for the contact form endpoint (data processed in EU regions where possible).

We never sell, rent, or share your data with any other third party.

4. How long we keep it

  • General enquiries are kept in our inbox for up to 12 months and then deleted, unless an active conversation is still ongoing.
  • Confirmed catering bookings become part of our accounting records and are kept for the legal retention period required by Dutch tax law (7 years, art. 52 AWR).

5. Your rights

Under the GDPR, you have the right to:

  • access the data we hold about you
  • have inaccurate data corrected
  • request deletion of your data (“right to be forgotten”)
  • restrict or object to processing
  • receive your data in a portable, machine-readable format
  • lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens — autoriteitpersoonsgegevens.nl)

To exercise any of these rights, email info@tiramisup.nl. We will respond within 30 days.

6. Security

Form submissions are transmitted over TLS-encrypted connections. Our processors store data on encrypted infrastructure and apply industry-standard access controls.

7. Changes to this policy

We may update this policy from time to time. The “last updated” date at the top of this page reflects the most recent revision.

8. Contact

Tiramisúp
Lindenstraat 48, 1015 KX Amsterdam
The Netherlands
info@tiramisup.nl

PrivacyTermsImprinttiramisup.nl