Legal

Privacy Policy

Last updated: April 2026

[DRAFT — This document contains placeholder legal business data pending final confirmation.]

1. Data controller

The entity responsible for processing your personal data on this website is:

  • Owner: Michael Sepulveda
  • Tax ID (NIF/NIE): [DRAFT — Pending]
  • Address: [DRAFT — Pending] Mallorca, Spain
  • Contact Email: info@michaelprivatechef.com

2. Data collected and source

We collect personal data directly from you when you complete the contact form on our website. The data collected includes: First name, last name, email address, phone number, stay dates, number of guests, any voluntarily provided dietary preferences, and free-text messages.

3. Purpose of data processing

The personal data collected is processed exclusively for the following purposes:

  • To respond to your enquiries regarding availability and services.
  • To manage booking requests and prepare service proposals.
  • To fulfill contractual obligations once a booking is confirmed.

4. Legal basis for processing

The processing of your data relies on the following legal bases:

  • Consent: When you submit an enquiry via the web form, you explicitly consent to the processing of your data to handle your request (Article 6(1)(a) GDPR). The processing of any sensitive dietary or health data (Article 9 GDPR) is also based exclusively on your explicit consent.
  • Contractual Necessity: For the execution of the services requested if a booking is confirmed (Article 6(1)(b) GDPR).

5. Data retention

Your personal data will be kept for as long as necessary to address your enquiry. If a service is booked, data may be retained for the legal minimum required under Spanish tax and commercial law (typically 5 years). Enquiries that do not lead to a booking will be deleted within 6 months of the last contact.

6. Recipients and processors

Your data will not be shared with third parties for marketing purposes. Data may be shared with IT service providers (such as hosting and email infrastructure) strictly to operate the website and communication tools. Any such providers act as data processors under strict confidentiality agreements. No international transfers of data occur outside the scope of European data protection regulations.

7. User rights and how to exercise them

Under the GDPR and the Spanish LOPDGDD, you have the right to:

  • Access, rectify, or request deletion of your data.
  • Limit or object to the processing of your data.
  • Request data portability.
  • Withdraw your consent at any time without affecting the lawfulness of past processing.

To exercise your rights, please send a written request to info@michaelprivatechef.com.

8. Right to complain

If you believe your rights have not been respected, you have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

9. Security

We apply appropriate technical and organizational security measures to protect your personal data from unauthorized access, loss, or alteration. The website uses HTTPS encryption for all communications.