Privacy Policy – EZIO Restaurant & Steakhouse

Legal

Privacy Policy

Last updated: May 2026  ·  EZIO Restaurant & Steakhouse

1. Data Controller

EZIO Restaurant & Steakhouse
Via della Ninna 7, 50122 Firenze (FI), Italy
P.IVA: IT06685190487
Email: ezioristoranteenoteca@gmail.com
Phone: +39 055 2658 123

This Privacy Policy explains how EZIO Restaurant & Steakhouse ("we", "us", or "our") collects, uses, and protects personal data when you visit our website www.ezioristorantesteakhouse.com or contact us directly, in compliance with the EU General Data Protection Regulation (GDPR – Regulation 2016/679).

2. Data We Collect

Data you provide directly

  • Name, email address, phone number when contacting us or making a reservation
  • Reservation details (date, time, number of guests, special requests)
  • Any communications you send to us via email or phone

Data collected automatically

  • IP address and browser/device information
  • Pages visited, time spent on the site, referring URLs
  • Cookie identifiers (only after your explicit consent – see Cookie Policy)

Data from third-party services

  • Reservation data processed via OpenTable (subject to their own privacy policy)
  • Review data displayed via Elfsight (Google Reviews, TripAdvisor)

3. Legal Basis & Purpose of Processing

  • Contract performance – processing reservations and responding to enquiries
  • Legitimate interest – website security, fraud prevention, improving our services
  • Consent – analytics and marketing cookies (only when you accept via our cookie banner)
  • Legal obligation – fiscal and accounting requirements under Italian law

4. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Reservation records: up to 3 years for operational and fiscal purposes
  • Email communications: up to 2 years from last contact
  • Analytics data: as defined by the respective tool's data retention settings (max 26 months for GA4)
  • Cookie consent logs: up to 1 year

5. Data Sharing & Third Parties

We do not sell or rent your personal data. We may share data with trusted third parties strictly necessary to operate our services:

  • OpenTable Inc. – reservation management platform (USA, Standard Contractual Clauses apply)
  • Google LLC – analytics and advertising services (USA, SCC apply)
  • Elfsight – review widgets displayed on the website
  • Weglot SAS – website translation service
  • Webflow Inc. – website hosting platform (USA, SCC apply)

All third-party processors have been selected to ensure an adequate level of data protection.

6. International Transfers

Some of our third-party providers are based outside the European Economic Area (EEA), primarily in the United States. Where this is the case, data transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring an adequate level of protection for your personal data.

7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access – obtain a copy of the data we hold about you
  • Right to rectification – correct inaccurate or incomplete data
  • Right to erasure – request deletion of your data ("right to be forgotten")
  • Right to restriction – limit how we process your data
  • Right to data portability – receive your data in a structured, machine-readable format
  • Right to object – object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent – at any time, without affecting prior processing

To exercise any of these rights, please contact us at ezioristoranteenoteca@gmail.com. We will respond within 30 days. You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) at www.garanteprivacy.it.

8. Cookies

Our website uses cookies and similar technologies. For detailed information about which cookies we use, their purpose, and how to manage your preferences, please refer to our Cookie Policy.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our website is served over HTTPS and hosted on Webflow's secure infrastructure.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will indicate the date of the latest revision at the top of this page. We encourage you to review this policy periodically.