Cookie & Storage Policy
This Cookie & Storage Policy describes the storage tools and cookies used by the digital menu delivered through the MenuLampo technology platform, pursuant to Art. 122 of Legislative Decree no. 196/2003 (Italian Privacy Code), Articles 12 and 13 of Regulation (EU) 2016/679 ("GDPR") and the Guidelines of the Italian Data Protection Authority (Garante) on "cookies and other tracking tools" of 10 June 2021 (no. 231).
1. Controller
The MenuLampo technology platform is provided by RAD LAB di Riccardo M'Rad, P.IVA 11078251219, C.F. MRDRCR99M12E396O, with registered office at Via Chiummano n. 47, 80072 Barano d'Ischia (NA), e-mail: riccardo@radlab.it, PEC: riccardomrad@pec.it (hereinafter "RAD LAB"). RAD LAB is the data controller solely with regard to the technical and security aspects described on this page.
2. No consent banner: why
This digital menu uses exclusively technical tools strictly necessary to deliver the service requested by the user and to ensure its security. There are no profiling cookies, advertising tracking tools, marketing pixels, or third-party analytics tools (for example Google Analytics or Meta Pixel).
Pursuant to Art. 122(1) of Legislative Decree no. 196/2003 and the Garante's Guidelines of 10 June 2021, strictly necessary technical tools are exempt from consent of the user. For this reason no cookie consent banner is displayed: this notice is provided instead, in compliance with Art. 13 GDPR.
3. Local storage (localStorage) โ technical tools
To allow proper use of the menu, the page stores certain preferences directly in your browser's localStorage, on your device:
- the language chosen for displaying the menu;
- where the menu provides filters for allergens or dietary preferences, the relevant filter selection (e.g. gluten-free, vegetarian);
- the dismissal of interface notices (e.g. the language suggestion, the update-available notice), as a simple technical flag containing no identifiers.
This information remains on your device, is not transmitted to any profiling or marketing system, and serves solely to remember your choice from one page to another and from one visit to another.
Technical fallback cookie. If your browser prevents the use of localStorage and sessionStorage (for example in some private-browsing modes), the same technical preferences may be stored in an equivalent first-party technical cookie (named ml:v1:*, SameSite=Lax, lasting up to 12 months). This cookie is strictly necessary for the menu to function, is not used for profiling or marketing, and is exempt from consent pursuant to Art. 122(1) of Legislative Decree no. 196/2003.
- Nature: strictly necessary technical tools (Art. 122(1) of Legislative Decree no. 196/2003), exempt from consent.
- Legal basis: legitimate interest in providing a usable interface and in remembering the technical preferences requested by the user (Art. 6(1)(f) GDPR). The storage remains in any event exempt from consent as a strictly necessary technical tool (Art. 122(1) of Legislative Decree no. 196/2003).
- Duration: it persists in the browser until manually deleted by the user.
- Control: you may delete it at any time from your browser settings (see section 6).
4. Cloudflare technical security cookies
The site is delivered through the security and content distribution infrastructure of Cloudflare, Inc., which acts as a technical provider on behalf of RAD LAB. To protect the site and ensure its operation, Cloudflare may set certain technical security cookies on your browser, which are not used for profiling or marketing:
| Cookie | Provider | Purpose | Indicative duration | Consent |
|---|---|---|---|---|
__cf_bm |
Cloudflare | Bot management: distinguishes legitimate traffic from automated/malicious traffic, to protect the site | ~30 minutes | Technical security, exempt (Art. 122(1)) |
cf_clearance |
Cloudflare | Stores the passing of a security check (challenge/CAPTCHA), to avoid repeated verifications | As a rule 30 min (unless otherwise configured) | Technical security, exempt (Art. 122(1)) |
_cfuvid |
Cloudflare | Enforcement of security/rate-limiting policies (set only if such option is active) | Session/variable | Technical security, exempt (Art. 122(1)) |
- Legal basis: legitimate interest in network and information security (Art. 6(1)(f) GDPR; Recital 49 GDPR).
- Nature: strictly necessary technical cookies (Art. 122(1) of Legislative Decree no. 196/2003), exempt from consent.
The cookies actually set and their respective durations depend on the Cloudflare configuration and must be verified by means of a periodic scan of the site's cookies. Further details are available in Cloudflare's official documentation on cookies.
5. Real-time connection (SSE) and technical data
To update the menu in real time, the page opens a persistent connection (Server-Sent Events technology). This connection does not store any data in your browser: it is a technical transmission channel. It does, however, involve the processing, on the server side and by Cloudflare, of technical data such as IP address, date/time, requested URL, and browser information (user-agent), solely for the delivery of the service and for security. Such data is retained in the logs for the strictly necessary time for those purposes, in accordance with criteria of minimisation and technical rotation. For the retention periods and criteria and for your rights, please refer to the Privacy Policy.
6. How to delete the data from your browser
As only technical tools are involved, there is no consent panel. You may nonetheless manage and remove this data at any time:
- delete the cookies and local storage data (localStorage) from your browser settings, under "Privacy and security" (e.g. "Clear browsing data", "Delete cookies and site data");
- use incognito/private browsing so that preferences are not retained from one session to another.
Deleting or disabling these tools may result in the loss of the saved preferences (e.g. language and, where present, filters), but does not prevent consultation of the menu.
7. Processing of personal data and your rights
The processing of IP addresses and log data is governed in detail in the Privacy Policy (Privacy Policy), which describes the purposes, legal bases, recipients, any non-EU transfers, retention periods, and your rights (Articles 15-22 GDPR), as well as the right to lodge a complaint with the Italian Data Protection Authority (Garante) (Art. 77 GDPR).
8. Updates
This Cookie & Storage Policy may be updated in the event of technical or regulatory changes. Last updated: 22/06/2026 14:15 CEST.