Privacy Policy

Privacy Statement Mondi

At Mondi, we highly value the protection of your personal data. In this privacy statement, we explain which personal data we collect via our website mondirestaurant.com, for what purposes, and how we handle this data. We process personal data in accordance with the General Data Protection Regulation (GDPR).

1. Who is responsible for processing your data?

The Mondi restaurants fall under different legal entities. These entities are joint data controllers for the website. They are:

• Corendon Vitality Hotels B.V., located at Aletta Jacobslaan 7, Amsterdam. This includes Mondi Amsterdam New-West Caribbean Cuisine.
• Corendon Village Exploitatie B.V., located at Schipholweg 275, Badhoevedorp. This includes Mondi Skybar & Restaurant.
• Mondi Holding B.V., located at Pater Euwensweg 31, Willemstad. This includes Mondi Beach Curacao.

2. Which data do we process and why?

a) Contact form

When you fill in our contact form, your data (such as name, email address, and message content) is sent directly to the mailbox of the respective restaurant and is only used to answer your question or request, such as a group reservation or other event.
Purpose: Handling your contact request and/or special reservation.
Legal basis: Performance (or preparation) of a contract and/or legitimate interest.
Retention period: Maximum 6 months after the request is handled, unless further correspondence is required.

b) Reservations

You can make a reservation on our website. We process your personal data (such as name, email address, phone number, and reservation details).
Purpose: Processing your reservation.
Legal basis: Performance of a contract.

c) Newsletter

You can subscribe to our newsletter. We process your name and email address to inform you about news, offers, and events. You can unsubscribe at any time using the unsubscribe link in the email.
Purpose: Sending newsletters.
Legal basis: Consent.
Retention period: Until you unsubscribe.

d) Analytics

We use analytics services, such as Google Analytics, to gain insights into how our website is used and to improve it. This includes anonymized data such as IP address, device details, browser information, and visited pages.
Purpose: Website usage insights.
Legal basis: Legitimate interest.

e) Website Security

Our web servers automatically log certain data (server logs) when you visit the website. This includes your IP address, browser information, date and time of visit, and visited pages. We use this data for technical and security purposes, such as preventing abuse and ensuring website stability.

We process health-related data, such as allergies, only if you voluntarily provide it. We handle this data with the utmost care.

If you apply for a vacancy, we process your data to decide whether to invite you for an interview and whether to offer you a job. For more information, visit werkenbijcorendonhotels.nl.

3. Do we share your data with third parties?

We do not sell your data to third parties. Your data is only shared with parties necessary for our services, such as Formitable, which provides the reservation widget. We have data processing agreements in place with these parties to protect your data.

We may share data if necessary to establish, exercise, or defend our legal rights. We may also share data with government agencies or authorities if required by law or by an official order.

4. Sharing of personal data within Corendon Hotels & Resorts

Where necessary, we share personal data with other companies within the Corendon group. We do this solely to provide the requested services, manage and improve our operations, and contact you when applicable.

5. Transfer of personal data outside the EEA

In certain cases, we transfer your data to partners or Corendon/Mondi entities outside the European Economic Area (EEA), for example, when making a reservation for the Curacao restaurant or when using a service provider outside the EEA.

These countries may not provide the same level of data protection as within the EEA. In such cases, we implement appropriate contractual and security measures, such as standard contractual clauses approved by the European Commission, to ensure compliance with EU data protection law.

6. Links to other websites and social media features

Our websites may contain links to external websites operated by other organizations, each with their own privacy policies. Please review their policies carefully before submitting any personal data. We accept no responsibility or liability for these third-party websites.

Our websites include social media features like Instagram, which have their own privacy policies. Please review these carefully before providing personal data. We accept no responsibility or liability for these features.

7. Your rights

You have the right to access, correct, delete, restrict processing, object to processing, and data portability. You can contact us via [email protected]. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

8. Security

We implement appropriate technical and organizational measures to protect your data against loss or unlawful processing.

9. Changes

We reserve the right to amend this privacy statement. The most recent version is always available on our website.