Cosina – Privacy Policy
Effective from 23 May 2025
This Privacy Policy explains how MKY Ventures Spain S.L. (operating under the Cosina brand, “Cosina”, “we”, “our”) collects, uses, and protects your personal data when you use our services via our website or mobile app.
We are committed to protecting your privacy in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Spanish law.
1. Who We Are
Legal Entity: MKY Ventures Spain S.L.
Brand: Cosina
Fiscal Address: Avenida Diagonal, 442 - P. 3 PTA. 1, Barcelona, Spain
Email: head@cosina.es
We act as the Data Controller for the personal data you provide.
2. What Data We Collect
We collect the following categories of personal data when you use Cosina:
a. When placing orders:
Name and surname
Delivery address
Phone number
Email address
Payment confirmation details (no card data is stored)
Order history
b. When creating an account (mobile app):
Full name
Email address
Phone number
Password (hashed)
IP address and device information
c. Automatically collected:
Browser type and version
Device type and OS
IP address and location
Cookie data and analytics
3. Why We Collect Your Data
We collect and process your data for the following purposes:
To process and deliver your orders
To manage your user account (mobile app)
To communicate with you about orders and support
To handle refunds and complaints
To analyse platform performance and improve services
To comply with legal obligations (e.g., tax, fraud prevention)
4. Legal Basis for Processing
We process your personal data based on:
Contractual necessity – to fulfil your orders and provide our service
Legal obligations – e.g., invoicing, consumer protection
Legitimate interests – platform improvement and fraud prevention
Consent – where required (e.g., for marketing communications)
5. Data Sharing
We only share your data with:
Independent chefs who prepare your order
Catcher (our delivery partner), to deliver your order
Payment providers (e.g., Stripe) for payment processing
Customer support platforms, to help resolve your issues
IT providers who host and maintain our systems
Authorities, if required by law
We do not sell your data to third parties.
6. Data Retention
We retain your data only for as long as necessary:
Order data: 5 years (required for accounting and legal purposes)
Account data: while your account remains active
Cookie data: see our Cookie Policy
You may request deletion of your account and personal data at any time.
7. Your Rights
Under GDPR, you have the right to:
Access your personal data
Correct inaccurate data
Request deletion (“right to be forgotten”)
Restrict or object to processing
Port your data to another service
Withdraw consent at any time (for marketing, etc.)
To exercise any of these rights, contact us at head@cosina.es.
8. Data Security
We use industry-standard security protocols (SSL, encryption, access controls) to protect your data. Only authorised personnel have access to your personal data.
9. International Transfers
Your data is stored and processed within the European Economic Area (EEA). If data is ever transferred outside the EEA, we ensure appropriate safeguards (e.g., Standard Contractual Clauses) are in place.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on our website and app with the effective date clearly shown. Continued use of Cosina implies your acceptance of any changes.
11. Contact
If you have questions or concerns about your privacy, contact:
📧 Email: head@cosina.es
🏢 Address: Avenida Diagonal, 442 - P. 3 PTA. 1, Barcelona, Spain
You may also lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.