Approval Date: 10.08.2025
PERSONAL DATA PROCESSING POLICY OF «ИП Каминская Евгения Владимировна»

Terms and Definitions

All capitalized terms used in this Policy have the following meanings:
  • "Platform" – Software for remote trade of food products, prepared meals, beverages, and related goods in the information and telecommunications network "Internet," including:
    • The Seller’s website and mobile applications for "iOS" and "Android."
    • Integration modules with third-party inventory and order management systems ("iiko," "r-keeper," "Poster").
  • "Seller"ИП Каминская Евгения Владимировна (OGRN: 320784700167352, INN: 781444097885), located at г Санкт-Петербург, Приморский пр-кт, using the Platform for commercial trade activities, organizing and processing personal data, and determining the purposes, scope, and methods of processing.
  • "Platform Owner"LLP "GOOD SPACE" (BIN: 220940030594), the exclusive rights holder of the Platform, providing technical maintenance and hosting services. The Platform Owner does not use personal data collected by the Seller. Its Privacy Policy is available at: https://starterapp.ru/privacy.
  • "Buyer" – An individual using the Platform to browse the Seller’s product range and/or purchase goods.
  • "Recipient" – An individual designated by the Buyer as the Order recipient.
  • "Order" – A purchase request submitted by the Buyer via the Platform, forming a sales contract with the Seller (and delivery services, if applicable).
  • "Goods" – Food products, meals, beverages, and related items.
  • "Third Parties" – Entities involved in Order fulfillment (delivery, processing), the Platform Owner, Seller’s partners, and other service providers or legally authorized entities.
  • "Personal Data" – Any information directly or indirectly identifying an individual.
  • "Processing of Personal Data" – Any automated or manual operation (collection, storage, modification, transfer, deletion, etc.).
  • "Data Security" – Protection against unauthorized access, destruction, alteration, or unlawful disclosure.

General Information

This Personal Data Processing Policy ("Policy") complies with Serbian data protection laws. It outlines the Seller’s approach to collecting, storing, using, and securing personal data.
By placing Orders, registering, or using the Platform, Buyers consent to the processing of their data by the Seller, Platform Owner, and Third Parties, including data obtained via third-party services (e.g., social logins). The Platform cannot fulfill Orders without this consent.
The Seller acts as an independent data controller for Buyer/Recipient data under this Policy. Processing occurs for contract fulfillment (e.g., sales, delivery) and other lawful purposes.
This Policy applies to data collected before and after its adoption.

Legal Basis and Processing Purposes

The Seller processes personal data under the following conditions:
  1. With Consent (e.g., via acceptance of this Policy during registration).
  2. Contractual Necessity (e.g., Order fulfillment).
  3. Legal Compliance (e.g., tax obligations).
  4. Legitimate Interests (e.g., fraud prevention, service improvement).
  5. Statistical/Marketing Research (if anonymized).
Categories of Data Subjects:
  • Buyers (for Orders, promotions, support, payments, reviews).
  • Recipients (if different from Buyers).
  • Delivery personnel.
  • Complainants (e.g., dispute resolution).
  • Employees (for labor contracts).
  • Business partners.
If a Buyer provides another person’s data (e.g., Recipient), they must ensure consent was obtained.

Data Categories Processed

The Seller processes:
  • Identifiers: Name, email, phone, delivery address, gender, birthdate.
  • Order Details: Purchase history, payment methods (masked card numbers).
  • Technical Data: IP address, device IDs, cookies, geolocation.
  • Communications: Support chats, call recordings.
  • Preferences: Wishlists, browsing history.
Data sources include:
  • Direct input (Platform forms).
  • Third-party integrations (e.g., social logins).
  • Automated tracking (cookies, analytics).

Processing Principles

The Seller adheres to:
  • Lawfulness & Fairness.
  • Purpose Limitation (no processing beyond stated purposes).
  • Data Minimization (only necessary data).
  • Accuracy & Storage Limitation (data is updated and deleted when obsolete).
  • Confidentiality & Security.
Sensitive Data: The Seller does not process race, religion, health, or biometric data.

Data Sharing

The Seller may share data with:
  • Delivery Providers (to fulfill Orders).
  • Payment Processors (for transactions).
  • Platform Owner (technical support).
  • Legal Authorities (if required by law).
Third parties act as independent data controllers or processors under their own policies.

Data Subject Rights

Individuals may:
  1. Access their data.
  2. Correct inaccuracies.
  3. Request deletion (unless retention is legally required).
  4. Withdraw consent (via email to evgenia.kaminskaia@gmail.com).
  5. Restrict processing.
  6. Lodge complaints with regulators.
Requests are processed within 30 days. Withdrawing consent may prevent Order fulfillment.

Data Security Measures

The Seller implements:
  • Access controls.
  • Encryption.
  • Regular audits.
  • Employee training.
  • Secure storage (on Serbian servers where required).

Retention Periods

  • Registered Buyers: Until account deletion + 30 days.
  • Unregistered Buyers/Recipients: 3 years post-Order.
  • Complaints: 3 years after resolution.
  • Marketing Data: 5 years post-consent.
Data is anonymized or destroyed post-retention.

Automated Data Collection

The Platform collects:
  • Search queries.
  • Device/browser data (IP, cookies).
  • Interaction logs (for analytics, fraud prevention).

Policy Updates

The Seller may amend this Policy, with changes effective upon publication.

Attachments

  1. Appendix 1: Detailed processing purposes, legal bases, and retention.
  2. Appendix 2: Third-party data sharing list.

Appendix 1

Personal Data Processing Details
Data TypePurposeRetentionProcessing MethodNameOrder fulfillment, fraud prevention, legal compliance.30 days post-account deletion.Automated/manual deletion.EmailOrder updates, marketing (with consent).5 years post-consent or account deletion.Automated deletion.PhoneDelivery coordination, support.3 years post-last Order.Mixed (automated + physical destruction).AddressDelivery logistics.30 days post-account deletion.Automated deletion.Payment DataTransaction processing.3 years post-last Order (masked).Secure deletion.Device IDsFraud prevention, analytics.30 days post-account deletion.Automated deletion.LocationService personalization (with device permissions).Duration of consent.Automated deletion.

Appendix 2

Third-Party Data Sharing
Shared Data: Names, contact details, Order history, device identifiers.
Purposes: Delivery, payments, marketing, analytics, legal compliance.
In the heart of Belgrade, you’ll find a cozy spot where every meal feels warm and heartfelt. We cook with love, just like at home, using fresh seasonal ingredients and carefully preserving traditional recipes. Our cuisine blends familiar flavors with subtle modern touches—perfect for even the most discerning palates.
We deliver only within the central district, ensuring your food arrives perfectly fresh, aromatic, and just as it should be. Every order is our chance to bring you a little piece of home, whether it’s a quick office lunch or a hassle-free family dinner.
Choose us if you want food that delights not just with taste but with thoughtful details. We’re not just a delivery service—we’re a small culinary pleasure, right in the center of Belgrade.

It's quicker in the app.

  • Quick pay
  • Order notifications.
  • Loyalty card

Scan the code with your camera and follow the link to install the app.

  • en
      ru
      en

Powered by

Starter