Language
English Français Deutsch

Privacy Statement

1. Overview and Scope

This Privacy Statement explains how we process personal data when you use Letzdine, our websites, restaurant search, ordering and reservation features, customer accounts, contact and partner forms, giveaways, Restaurant Awards, loyalty features or restaurant websites operated on the Letzdine platform.

Personal data means any information relating to an identified or identifiable natural person. This may include, in particular, names, contact details, delivery addresses, order and reservation data, payment information, device and usage data and online identifiers.

Processing is carried out under the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and, where cookies, Local Storage, Session Storage or comparable technologies are concerned, Section 25 of the German TDDDG.

Last updated: April 23, 2026

2. Controller

The controller responsible for processing personal data in connection with Letzdine is:

Virtuma UG (haftungsbeschränkt)
Managing Director: Klein Adrien
Petersberg 12
54457 Wincheringen
Germany

Phone: (+49) 6501 9606 930
Email: info@letzdine.eu

Register Court: Amtsgericht Wittlich
Registration number: HRB41888
VAT ID: DE 282761603

3. Privacy Contact and Data Protection Officer

For privacy questions, to exercise your rights or to withdraw consent, you can contact us at:

Email: info@letzdine.eu

No data protection officer has currently been appointed.

4. Data We Process

Depending on how you use Letzdine, we may process in particular the following categories of data:

  • master data such as name, first name, company name, customer account ID and language settings,
  • contact details such as email address, phone number, address, delivery address, city, postal code, country and floor,
  • account and access data such as login status, encrypted password, reset tokens, customer tokens and account status,
  • order data such as selected products, extras, quantities, prices, payment method, delivery or pickup method, restaurant, order status, requested time, notes and order comments,
  • reservation data such as restaurant, date, time, number of guests, name, phone number, email address, status, comments and special reservation details,
  • payment data such as payment method, payment status, payment references, transaction numbers, amounts and payment information provided by payment service providers,
  • usage and device data such as IP address, shortened or anonymised IP address, browser, operating system, device type, language, time zone, referrer, page views, clicks, search data, campaign parameters and technical identifiers,
  • content from contact, partner and recommendation forms, such as restaurant name, business address, contact person, email, phone, cuisine, delivery area, opening hours, menu link, uploads and free-text messages,
  • data relating to Restaurant Awards, giveaways, loyalty points, vouchers, wish lists and carts,
  • communication data such as emails, system messages, support requests and internal processing notes.

We only process data that is required for the relevant purpose, that you provide voluntarily, that is generated technically during use or that we must retain due to legal requirements.

5. Purposes and Legal Bases

We process personal data in particular for the following purposes and on the following legal bases:

Technical provision of the platform
Provision, security, error analysis, abuse prevention and stability of the website. The legal basis is Art. 6(1)(f) GDPR. Where information is stored on or read from your device and this is technically necessary, this is done under Section 25(2) TDDDG.
Customer account, orders and reservations
Creation and management of customer accounts, login, cart, order processing, delivery, pickup, reservation, communication with restaurants and customer service. The legal basis is Art. 6(1)(b) GDPR or, where we only provide technical intermediation, Art. 6(1)(f) GDPR.
Payments and accounting
Processing of online payments, payment confirmation, fraud and abuse prevention, accounting and tax documentation. The legal bases are Art. 6(1)(b), (c) and (f) GDPR.
Contact, partner requests and restaurant recommendations
Processing your request, communicating with you, reviewing a possible collaboration, following up on recommendations and internal organisation. The legal bases are Art. 6(1)(b) and (f) GDPR.
Analytics, marketing and retargeting
Analysing use, improving the platform, measuring campaign success and advertising retargeting through internal analytics, Google services and Meta services. Where required, this only takes place with your consent under Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
Legal obligations and legal enforcement
Compliance with statutory retention duties, proof of consent, handling data subject rights, defending and enforcing claims and reviewing abuse. The legal bases are Art. 6(1)(c) and (f) GDPR.

6. Website Access, Server Logs and Security

When you access our websites, technically necessary data is processed so that the page can be delivered. This includes in particular IP address, date and time of access, requested URL, referrer, browser and device information, language settings, HTTP status and transmitted data volume.

This data is processed for technical provision, error diagnosis, system security and abuse detection. Where bots or automated access are identifiable, additional technical events may be logged to protect the platform against scraping, overload and security incidents.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in providing Letzdine securely, stably and free from abuse.

7. Cookies, Local Storage, Session Storage and Consent

We use cookies, Local Storage, Session Storage and comparable technologies. Some of these technologies are technically necessary; others are only used if you have consented.

Technically necessary storage is used in particular for session management, language settings, cart and wish list functions, login, security, website display and saving your cookie choice. The legal basis for processing personal data is Art. 6(1)(f) GDPR; technically necessary storing or reading of information is carried out under Section 25(2) TDDDG.

Non-essential analytics and marketing technologies are only used on the basis of your consent. The legal bases are Art. 6(1)(a) GDPR and Section 25(1) TDDDG.

The following storage may occur on Letzdine in particular:

  • ci_session: session cookie for technical session management.
  • letzdine_lang: stores the selected language.
  • restopage_lang_preferences: language settings for participating restaurant websites.
  • jfrost_carts: stores cart information.
  • jfrost_wishlist: stores wish list information.
  • letzdine_tracking_consent: stores your cookie and tracking choices.
  • jfrost_allow_cookie: compatibility cookie documenting a cookie choice.
  • letzdine_tracking_visitor, letzdine_tracking_session, letzdine_tracking_entry: pseudonymous identifiers and session data for analytics where you have consented.
  • letzdine_awards_guest: pseudonymous guest identifier for Restaurant Awards voting.

In addition, data may be stored in the browser, such as saved address entries, reservation times, weekly menu selections, filters, theme settings or form states, to make use more convenient.

You can change or withdraw your consent at any time via the cookie settings in the footer. You can also delete or block cookies and local storage in your browser. Some functions may be limited if you block them.

8. Customer Account, Registration and Login

When you create a customer account or log in, we process the account and contact data required for this, in particular name, email address, phone number, password in encrypted form, account status, address data and technical login data.

We use this data to provide the account, recognise you on participating restaurant websites, manage your orders and reservations, communicate with you and prevent abuse.

The legal basis is Art. 6(1)(b) GDPR. Where we process data for security, fraud prevention or defending against claims, the legal basis is Art. 6(1)(f) GDPR.

9. Orders, Deliveries, Pickups and Reservations

When you place an order or make a reservation through Letzdine, we process the data necessary to handle it. This includes in particular name, email address, phone number, delivery or billing address, restaurant, products, quantities, prices, payment method, order status, requested delivery, pickup or reservation time, number of guests, notes and special details.

This data is transmitted to the relevant restaurant so that the restaurant can prepare the order, deliver it, make it available for pickup, ask questions or manage the reservation. The restaurant may pass the data to its own staff, service staff, delivery staff or service providers where necessary for fulfilment.

The legal basis is Art. 6(1)(b) GDPR. Where Letzdine provides the technical platform and processes data in the interest of proper intermediation, documentation or troubleshooting, Art. 6(1)(f) GDPR may also apply.

For restaurant websites technically based on Letzdine, the respective restaurant may, depending on the specific integration, also be an independent controller or involved jointly with us. Please also observe the information provided by the respective restaurant.

10. Payments via Stripe, PayPal and Other Payment Methods

Depending on the restaurant and chosen payment method, online payments may be processed by payment service providers, in particular Stripe and PayPal. For online payments, the data required for payment is transmitted to the relevant provider, for example name, email address, amount, currency, order reference, payment status, transaction identifier, billing or payment data and technical security information.

Full card or account details are generally processed directly by the payment service provider and are not permanently stored by Letzdine. The payment service provider may also process personal data as an independent controller, in particular for payment processing, fraud prevention, compliance with legal obligations and risk checks.

The legal bases are Art. 6(1)(b) GDPR for payment execution, Art. 6(1)(c) GDPR for legal obligations and Art. 6(1)(f) GDPR for fraud prevention and payment security.

11. Internal Analytics, Google and Meta

We may process usage data to understand how Letzdine is used, which pages and restaurants are accessed, which search and ordering paths work and where errors or drop-offs occur. For this purpose, we may use internal analytics as well as services from Google and Meta.

Internal analytics may process in particular pseudonymous visitor and session identifiers, shortened or anonymised IP address, browser, device type, language, time zone, referrer, campaign parameters, page views, clicks, search data, restaurant IDs, order mode, interactions, scroll depth, time on page and event data.

Google services may include in particular Google Analytics 4, Google Ads and Google Consent Mode. Meta services may include in particular Meta Pixel and, where activated, server-side conversion interfaces.

Analytics and marketing services that are not technically necessary are only activated after your consent. The legal bases are Art. 6(1)(a) GDPR and Section 25(1) TDDDG. You can withdraw your consent at any time via the cookie settings.

For Google and Meta, transfers of personal data to the USA or other third countries cannot be ruled out. Where required, we base such transfers on appropriate safeguards, in particular adequacy decisions, certifications under the EU-US Data Privacy Framework or standard contractual clauses.

12. Google Maps, Google Places and Location Search

Google Maps and Google Places may be used for address search, restaurant search, geocoding, location determination and map display. In this context, in particular IP address, browser and device information, search terms, address or location details, map interactions and technical usage data may be transmitted to Google.

Where processing is necessary to provide location and search functions, it is based on Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR. Our legitimate interest lies in functioning restaurant, delivery-area and address search. Where consent is required, processing is based on Art. 6(1)(a) GDPR and Section 25(1) TDDDG.

13. Google reCAPTCHA

We may use Google reCAPTCHA to protect forms against abuse, spam and automated access. In this context, IP address, browser and device information, mouse and keyboard interactions, time spent, referrer and other technical data may be processed and transmitted to Google.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in protecting our forms and systems against abuse. Where storing or reading information on your device requires consent, this is done under Section 25(1) TDDDG.

14. Notifications to Restaurants and Firebase Cloud Messaging

To process orders and reservations quickly, restaurants may receive technical notifications, for example about new orders or new reservations. Push services such as Firebase Cloud Messaging by Google may be used for this purpose.

In particular, restaurant device tokens, technical delivery information and order-related notification content are processed. Customer data is only transmitted to the extent necessary for notification and processing by the restaurant.

The legal bases are Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR. Our legitimate interest lies in fast and reliable transmission of order and reservation information.

15. Email Communication, System Messages and Support

We process contact details and communication content when we send order confirmations, reservation information, account emails, password messages, partner-form confirmations, responses to requests or other necessary system messages.

The legal bases are Art. 6(1)(b), (c) and (f) GDPR. Our legitimate interest lies in handling your request, documenting communication and securely processing platform functions.

You only receive advertising emails if there is legal permission or if you have consented. You can withdraw consent at any time with effect for the future.

16. Partner Forms and Restaurant Recommendations

When you register a restaurant, request a collaboration or recommend a restaurant, we process the data you enter. This may include in particular business name, business address, partner type, delivery method, contact person, name, email, phone number, cuisine, delivery area, opening hours, menu link, uploaded menu files, postal code, city and free-text messages.

We use this data to process the request, contact you, review a possible collaboration, forward it internally and document it. Uploaded files may be stored temporarily and deleted after completion or after technical cleanup periods expire.

The legal bases are Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR.

17. Restaurant Awards, Giveaways, Vouchers and Loyalty Points

When you participate in Restaurant Awards, giveaways, voucher campaigns, loyalty points or comparable features, we process the data required for the respective feature. Depending on the feature, this may include name, email address, customer account, restaurant selection, vote, guest identifier, pseudonymised or hashed IP address, hashed browser identifier, timestamp, participation and points status, voucher data and campaign status.

We process this data to carry out the relevant feature, verify participation, prevent multiple votes or abuse, evaluate results and redeem benefits.

The legal bases are Art. 6(1)(b) GDPR, Art. 6(1)(f) GDPR and, where consent is obtained, Art. 6(1)(a) GDPR.

18. Recipients of Personal Data

We only disclose personal data where this is required for the relevant purposes, where a legal basis exists or where you have consented. Recipients may include in particular:

  • the restaurant you selected and its staff, delivery or service teams,
  • payment service providers such as Stripe, PayPal or other payment providers activated depending on the restaurant,
  • hosting, infrastructure, maintenance, email and IT service providers,
  • analytics and marketing providers such as Google and Meta, where activated and covered by your consent,
  • map, security and push services such as Google Maps, Google Places, Google reCAPTCHA and Firebase Cloud Messaging,
  • tax advisors, legal advisors, banks, authorities or courts where legally required or needed for legal enforcement,
  • connected technical service providers that operate, maintain or secure Letzdine or restaurant websites based on Letzdine.

Where service providers process personal data on our behalf, we use them on the basis of a data processing agreement under Art. 28 GDPR. Where recipients are independent controllers, they process data according to their own privacy information.

19. Transfers to Third Countries

Some service providers used by us or by restaurants may be based outside the European Union or the European Economic Area or process data there. This applies in particular to providers with a connection to the USA, such as Google, Meta, Stripe or PayPal.

A transfer only takes place where the requirements of Art. 44 et seq. GDPR are met. Depending on the provider, this may be based in particular on an adequacy decision, certification under the EU-US Data Privacy Framework, standard contractual clauses, additional safeguards, your consent or necessity for contract performance.

Despite such safeguards, a different level of data protection may apply in third countries. In particular, authorities may under certain circumstances access data without you having the same legal remedies as in the EU.

20. Retention and Deletion

We store personal data only for as long as required for the relevant purposes, statutory retention duties exist or legitimate interests justify further storage.

  • Account and profile data is generally stored for the duration of the customer account and deleted or anonymised after account deletion unless legal duties or claims prevent this.
  • Order, payment and invoice data may regularly need to be retained for six to ten years due to commercial and tax law requirements.
  • Reservation data is stored for as long as required for performance, follow-up questions, evidence, abuse checks or claims.
  • Contact and partner requests are stored for processing and appropriate follow-up, then deleted unless legal duties or legitimate interests prevent deletion.
  • Consent data is stored to prove and respect your choice, generally until change, withdrawal or expiry of the technical storage period.
  • Analytics and marketing data is deleted, anonymised or aggregated depending on the service, settings and purpose once no longer required.
  • Technical logs are deleted or anonymised once they are no longer required for security, error analysis and abuse prevention.

If data may not be deleted, it is blocked or restricted where possible.

21. Your Rights

Under the GDPR, you have in particular the following rights:

  • right of access under Art. 15 GDPR,
  • right to rectification under Art. 16 GDPR,
  • right to erasure under Art. 17 GDPR,
  • right to restriction of processing under Art. 18 GDPR,
  • right to data portability under Art. 20 GDPR,
  • right to object under Art. 21 GDPR,
  • right to withdraw consent under Art. 7(3) GDPR,
  • right to lodge a complaint with a data protection supervisory authority under Art. 77 GDPR.

To exercise your rights, you can contact us at info@letzdine.eu. If we cannot reliably verify your identity, we may request additional identifying information.

22. Right to Object under Art. 21 GDPR

Where we process personal data on the basis of Art. 6(1)(f) GDPR, you may object to this processing at any time on grounds relating to your particular situation.

We will then no longer process the data concerned unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or processing serves the establishment, exercise or defence of legal claims.

Where we process personal data for direct marketing, you may object at any time. In that case, we will no longer use the data for direct marketing.

23. Withdrawal of Consent

Where processing is based on your consent, you can withdraw it at any time with effect for the future. The lawfulness of processing carried out before withdrawal remains unaffected.

Consent for cookies, analytics and marketing can be changed or withdrawn via the cookie settings in the footer. Other consents can be withdrawn through the method indicated or by email to info@letzdine.eu.

24. Complaint to the Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement.

The supervisory authority generally responsible for us is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Postfach 30 40
55020 Mainz
Germany
Phone: +49 (0) 6131 8920-0
Email: poststelle@datenschutz.rlp.de
Website: www.datenschutz.rlp.de

25. Obligation to Provide Data

Providing personal data is generally voluntary. For certain features, however, specific data is required. Without required contact data, delivery data, payment data or reservation data, we cannot process the corresponding order, delivery, pickup, payment, reservation or request.

26. Automated Decisions

We do not make decisions based solely on automated processing that produce legal effects concerning you or similarly significantly affect you.

Automated checks or rule sets may be used for security, abuse detection, fraud prevention, payment protection and technical prioritisation. A final legally significant decision is not made solely by automated means where this is legally required.

27. Minors

Letzdine is not specifically directed at children. Orders, payments and binding reservations may only be made by persons legally entitled to do so. If we determine that personal data of children has been processed without required consent, we will delete such data in accordance with legal requirements.

28. Data Security

We implement technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration and disclosure. These include in particular access restrictions, authorisation concepts, transport encryption, logging, security checks and organisational confidentiality measures.

Please note that data transmission over the Internet is never completely risk-free. Emails may pose particular risks when sent without encryption.

29. Changes to this Privacy Statement

We may update this Privacy Statement if our data processing, services used, legal requirements or guidance from authorities change. The current version is available on this page.