Privacy Policy

Last updated: January 1, 2026

This Privacy Policy describes how Lightengineorium GmbH ("we," "our," or "us") collects, uses, and protects your personal information when you visit our website or use our services. We are committed to protecting your privacy and ensuring transparency about our data practices.

Data Controller Information

The data controller responsible for your personal data is:

Data Collection

We collect personal data that you provide directly to us and information that is automatically collected when you use our website. The data we collect includes:

• Contact Information: Name, email address, phone number, and mailing address when you make reservations, contact us, or sign up for our newsletter
• Reservation Data: Dining preferences, special requests, party size, and reservation history
• Website Usage Data: IP address, browser type, device information, pages visited, time spent on pages, and referral sources
• Communication Records: Records of your communications with us, including emails, phone calls, and feedback
• Marketing Preferences: Your preferences for receiving marketing communications and promotional offers

How We Use Your Information

We use the personal data we collect for the following purposes, based on legitimate business interests and legal obligations:

• Service Provision: To process reservations, provide dining services, and fulfill your requests
• Customer Communication: To respond to inquiries, provide customer support, and send service-related notifications
• Marketing and Promotions: To send newsletters, promotional offers, and information about our services (with your consent)
• Website Improvement: To analyze website usage, improve user experience, and optimize our services
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Business Operations: To manage our business operations, maintain records, and ensure security

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our cookie usage, please see our Cookie Policy.

Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our website, conducting business, or providing services to you
• Legal Requirements: When required by law, regulation, legal process, or governmental request
• Business Transfers: In connection with a merger, acquisition, or sale of all or part of our business
• Consent: When you have given explicit consent for specific sharing purposes

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Reservation data is typically retained for accounting and customer service purposes for up to 7 years. Marketing data is retained until you withdraw consent or request deletion. Website analytics data is typically retained for 26 months.

Your Rights

Under the General Data Protection Regulation (GDPR) and applicable data protection laws, you have the following rights:

• Access: Request access to your personal data and information about how we process it
• Rectification: Request correction of inaccurate or incomplete personal data
• Erasure: Request deletion of your personal data under certain circumstances
• Restriction: Request restriction of processing your personal data
• Portability: Request transfer of your data to another controller in a structured format
• Objection: Object to processing of your personal data for direct marketing or legitimate interests
• Withdraw Consent: Withdraw consent for processing based on consent at any time

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, secure servers, access controls, and regular security assessments. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after any changes indicates your acceptance of the updated policy.

Contact Information

If you have any questions about this Privacy Policy, want to exercise your rights, or need to contact us about your personal data, please reach out to us:

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have not complied with data protection laws. In Germany, you can contact your local data protection authority or the Federal Commissioner for Data Protection and Freedom of Information (BfDI).