Privacy Policy

Last updated: 21.08.2025
Effective as of: 21.08.2025

Introduction

This document constitutes the Privacy Policy (the “Policy”) of Ofira Pareve Patisserie (the “Company”, “we”, “us”, “our”) and is intended to detail how we collect, store, use, process, and protect personal data collected in the course of our activities.
The Policy was drafted in accordance with the Israeli Protection of Privacy Law, 1981, including Amendment No. 13 and regulations enacted thereunder, as well as the guidelines of the Israeli Privacy Protection Authority.
Our goal is to ensure that personal data is used responsibly, securely, fairly, and proportionately, and subject to your rights under applicable law.

Definitions

For the purposes of this Policy:

“Personal Data” – any information about an identified or identifiable individual, directly or indirectly, including name, ID number, address, phone number, email address, location data, biometric data, medical data, financial data, online usage data, and any other data as defined by law.

“Sensitive Data” – personal data relating to a person’s physical or mental health, sexual orientation, political opinions, religious beliefs, criminal record, or any other data defined by law as particularly sensitive.

“Database” – as defined by law, including a collection of data held by computerized or other means and accessible according to defined permissions.

Fundamental Principles

Transparency – we inform data subjects about collection and use and specify processing purposes.

Consent – processing is carried out after obtaining informed consent, unless another legal basis applies.

Purpose Limitation – data is used solely for the purposes for which it was collected.

Data Minimization – we collect only the data necessary to achieve the purposes.

Storage Limitation – data is retained only for the period required.

Information Security – we implement technological and organizational measures to ensure confidentiality and integrity.

Data Subject Rights – right of access, rectification, deletion, restriction of processing, and objection.

Types of Data Collected

Data you provide voluntarily – when registering, contacting us, purchasing a product/service, filling forms, or communicating with our representatives.

Data collected automatically – IP address, browser type, browsing data, geolocation, cookies.

Data from third‑party sources – business partners, suppliers, public bodies, or lawful databases.

Particularly sensitive data – collected only when necessary and in accordance with the law.

Mechanisms that Collect Data
Forms

The site implements forms using the Elementor plugin. Data entered into forms is emailed to the site owner and also stored in the site’s database in order to respond to visitors’ inquiries at their request.

Comments on the site

If you comment on content on the site, the comment and its metadata are retained indefinitely so we can recognize and approve follow‑up comments automatically.

Gravatar

Although our site does not display user comments, we note that WordPress integrates with the Gravatar service to display user images for accounts registered with that service (when posting a comment). The user image is solely controlled by the account holder. (Gravatar’s privacy policy: https://automattic.com/privacy/
)

Anti‑spam plugin

Every form submitted on the site is checked by an anti‑spam plugin. This plugin states it does not store personal or sensitive information about visitors, as described at: https://wpmaspik.com/refund_returns/

Facebook Pixel

Our site uses Facebook Pixel. This means Facebook receives information about your use of the site and may use it for statistics or to display personalized ads.

We do not offer an on‑site opt‑out for the Pixel (continuing to browse constitutes awareness and consent). If you have a Facebook account, you can control this data directly with Facebook: delete previously stored activity and decide whether future activity from our site (or others) will continue to be associated with your account.

Manage Facebook’s off‑site activity here: https://www.facebook.com/off-facebook-activity

Google Services

Our site uses Google tools (e.g., Google Analytics and Google Ads). This means Google receives information about your use of the site and may use it to provide us statistics and to show you personalized ads.

We do not offer an on‑site opt‑out for these tools (continuing to browse constitutes awareness and consent). If you have a Google account, you can manage this data directly with Google: delete stored history or opt out of personalized ads.

Delete activity: https://myactivity.google.com/myactivity?pli=1

Manage ad personalization: https://myadcenter.google.com/home?sasb=true&ref=ad-settings

Site Backups via UpdraftPlus

The site uses the UpdraftPlus backup plugin, configured to store site backups on Google Drive. Backups include site content and data provided by users in the course of using the site (such as form details or registrations) and are performed to maintain availability and enable restoration if needed. Backups are retained for one month. Access to backups is restricted to the site owners.

Google Fonts

This site uses fonts served by Google Fonts. When a font loads, Google may receive the user’s IP address.

Security via Wordfence

For site security, we use the Wordfence plugin, which may collect and store IP addresses and login attempts.

Embedded Content (iframe)

Articles or posts on this site may include embedded content (e.g., videos, images, articles). Embedded content from other websites behaves as if the visitor had visited those websites directly.

Collection and storage of data in such cases are performed by those external sites in accordance with their privacy policies; we have no control over this. To exercise rights regarding that data (e.g., a request for deletion or access), please contact the relevant external service provider.

For convenience, here are links to privacy policies of selected services that may be embedded on our site:

YouTube (Google): https://policies.google.com/privacy

Facebook: https://www.facebook.com/privacy/policy

Vimeo: https://vimeo.com/privacy

Purposes of Processing

Provision of services and products.

Improving user experience.

Customer relationship management, marketing, and personalized offers.

Compliance with legal obligations.

Fraud prevention and systems security.

Statistical analysis and research.

Sharing and Transfer of Data

Our site shares certain collected data with other parties to ensure full and proper operation:

Analytics services – e.g., Google Analytics or usage measurement tools.

Security providers – firewalls, anti‑spam systems, protection against intrusions.

Hosting provider – the servers on which site files are hosted.

Maintenance and technical support – subcontractors or companies providing us services.

Email marketing systems – e.g., Mailchimp.

Professional advisors – legal, financial, regulatory (if access or processing is required).

Authorized authorities as required by law.

Third parties in the event of a merger/acquisition.

Transfers of data outside Israel will be carried out in accordance with the law and subject to adequate protection.

Information Security

We implement physical, technological, and organizational safeguards as required by the Protection of Privacy Regulations (Data Security), 2017.
The site is protected using a security plugin.
We regularly update the site to prevent security vulnerabilities.
The site operates over SSL.
Access to data is granted only to authorized personnel under confidentiality obligations.
In the event of a serious security incident, we will take steps to mitigate harm and notify the Privacy Protection Authority and data subjects as required by law.

Data Subject Rights

Right of access – you may access data held about you.

Right to rectification and deletion – you may request correction or deletion of your data.

Objection to processing – you may object to the use of your data for direct marketing.

Lodging a complaint – you may file a complaint with the Privacy Protection Authority.

The site includes a built‑in mechanism for deletion or export of data as applicable. You may submit a request to access/delete personal data by emailing us, and we will act to fulfill it.

Data Retention

Data is retained only for the period necessary to achieve the processing purposes or as required by law.
At the end of the period, data will be deleted, destroyed, or anonymized.

Use of Cookies

We use cookies to improve user experience, analyze usage, and tailor advertising content.
You can change your browser settings to block cookies, though doing so may impair some services.

Data Protection Officer

In accordance with the law, a Data Protection Officer (DPO) has been appointed:

Name: Ofira Talmor
Email: ofira.pastry@gmail.com

Changes to this Policy

We reserve the right to modify this Policy from time to time.
Material updates will be posted on the site, and data subjects will be notified as needed.

Contact Us

For questions, requests, or complaints, please contact us:

Email: ofira.pastry@gmail.com


		
			


	



			

					

							

							

					

			

						

				

									
Design by Artpluweb | Built Netmii
								

				

					

		

				

			

						

				

																														

				

				

				

									
© All rights reserved to Ofira Talmor | Accesibility | Terms | Privacy policy |
								

				

				

				

									
 Site management – GreenCode
								

				

					

		

				

			

						

				

							

							
					
						Facebook
											
				
							
					
						Instagram
											
				
							
					
						Whatsapp
											
				
							
					
						Envelope
											
				
							
					
						Phone-alt