1. Who are we?
De Chinese Muur, located at Zuiderstraat 42, 1931GE Egmond aan Zee, is responsible for the processing of personal data as described in this privacy policy.
2. What data do we collect?
We process the following personal data:
- First and last name
- Email address
- Phone number
- IP address (anonymised after 30 days)
- Order details
- Reservation details
3. Why do we collect this data?
- Processing orders: Your name, email and phone number are needed to process your order and inform you about its status (legal basis: performance of contract).
- Reservations: To manage and confirm your table reservation (legal basis: performance of contract).
- Fraud prevention: IP addresses are temporarily stored to prevent fraud (legal basis: legitimate interest).
- Analytics (with consent): anonymized usage statistics, approximate location (country/city) and device information to improve the site, only after you accept cookies (legal basis: consent).
4. How long do we retain your data?
- Order data: 7 years (tax retention obligation)
- Reservation data: 1 year after reservation date
- IP addresses: 30 days (then anonymised)
5. Sharing with third parties
We only share your data with:
- Buckaroo: for processing iDEAL/Wero payments
- Resend: for sending confirmation emails
- Supabase: for securely storing our data (database/hosting, EU region)
- Vercel: for website hosting and — only with your consent — analytics and performance measurement
- Sentry: for error monitoring so we can detect and fix technical problems
These parties process your data solely on our behalf and on the basis of processing agreements.
6. Your rights
You have the right to:
- Access your personal data
- Have your personal data corrected
- Have your personal data deleted
- Have your data transferred (data portability)
- Object to the processing
You can submit a request via dechinesemuuregmond@gmail.com. We will respond within 30 days.
7. Security
We take the protection of your data seriously. We use:
- SSL/TLS encryption for all connections
- Encryption of data at rest (AES-256)
- Row Level Security at database level
- Strict access control for employees
8. Cookies
We only use functional cookies that are necessary for the operation of the website (e.g. shopping cart, authentication). We do not place tracking or marketing cookies without your consent.
9. Complaints
Do you have a complaint about how we handle your data? Contact us or file a complaint with the Dutch Data Protection Authority.
Last updated: March 2026