OUR PRIVACY PROMISE (UK)
Privacy Promise (UK)
Privacy Promise (IE)
Beskyttelse af privatliv (DK)
Unser Datenschutzversprechen (DE)
The protection of your privacy is essential. This privacy policy summarises the protection and use of any personal information you may provide to us when using our mobile ordering application or our ordering website (together the “Service”). The EU General Data Protection Regulation (“GDPR”) provides individuals with greater transparency and control over the processing of their personal data.
This privacy policy will apply to your use of the Service in whatever context, whether by mobile digital routes including (but not limited to) mobile, tablet or other devices/technology, or by your pc or laptop (“devices”).
WHO IS RESPONSIBLE FOR YOUR PERSONAL DATA
The restaurant is the data controller of your personal data (including name, address, telephone number, email, and other data which could identify you – together defined as “personal data”), which you provide in connection with your purchase of items (as defined in the “website terms and conditions”) through the Service. Hereafter, the terms “we”, “us” or “our” are each intended as reference to the restaurant.
Our information and contact details are provided to you at our website and/or through the Service.
We outsource the Service to OrderYOYO Ltd (OrderYOYO, Motion Media Technology and KingFood) (“OrderYOYO”). As a result, OrderYOYO acts as a data processor on behalf of explicit instructions given by us. These instructions are ruled in their totality by a separate data protection agreement (DPA).
WHAT INFORMATION DO WE COLLECT
We collect, use, disclose and process personal data as outlined in this privacy policy, including to operate and improve the Service and our business.
Data Category | Specific Data Type |
---|---|
Contact information | Name, address, telephone number, email address |
Transaction information | Order data, purchase history, payment information, payment card token |
Marketing | Consent for marketing purposes, device tokens |
Cookie | You can find an exhaustive list in the Cookie Policy |
Social media | Name, email address |
HOW AND WHY WE USE YOUR PERSONAL DATA
We process personal data:
- To manage your orders and provide our Service to you
- To personalise and improve your customer experience
We may use your information to let you know about our other products and services (including vouchers and offers) that may be of interest to you including services that may be the subject of direct marketing. We may contact you to do so by SMS and email, offers presented within the app and if you use our mobile application via push notification. It is always your choice whether to continue receiving such marketing materials and updates.
The data protection requires us to rely on a lawful basis to process your personal data. Thus, our legal basis for the processing is the general data protection regulation (“GDPR”) article 6(1)(b) since processing is necessary for the performance of a contract to which you are a party to.
In some instances, we may rely on your consent to use some of your personal data, for example when you choose to receive promotions. In this vein, the legal basis for such processing is GDPR article 6(1)(a) since you consent to such processing. You can always withdraw Your consent as per instructions and guidelines provided by using the Service. Further details are presented in the next section.
Last but not least, we might de-identify your personal data by excluding data components that make the data linkable to you, through anonymization techniques. As a result, our use of anonymized data is not subject to this privacy policy.
HOW YOU CAN OPT OUT
If you no longer wish to receive such information, you can manage your preferences for email and SMS marketing communications at any time by going to the my profile page. Alternatively, you can opt out by using the unsubscribe mechanism in the marketing communication itself (e.g. by clicking the unsubscribe link at the bottom of an email or by sending an SMS as per instructions).
To manage push notifications, go to the settings page of your phone or tablet and change the push notification permission. If you switch off in-app push notifications, you will no longer receive updates on your orders via push.
FOR HOW LONG IS YOUR PERSONAL DATA STORED
We will retain your personal data for as long as you maintain an account or as needed to provide you the Service. We will also retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Inactivate accounts will be anonymized after 18 months, and as a result these will not considered to be personal data anymore.
YOU ARE IN CONTROL OF YOUR DATA
You have specific rights which help you to be in control of your personal data and we want to make it easy for you to exercise these rights:
Right to access | If you ask us, we will confirm whether we are processing your personal data and, if so, provide you with a copy of that personal data. |
---|---|
Right to rectification | If your personal data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. |
Right to erasure and right to restrict processing | In certain circumstances you can ask us to erase the information or restrict the use of the information. |
Right to data portability | You have the right to obtain the personal data we process about you in a structured, commonly used and machine-readable format, and to reuse it elsewhere. |
Right to object and to withdraw consent | You have the right to object to the use of your data for direct marketing purposes at any time. Please see the previous section for more details on how you can unsubscribe from marketing |
Right to lodge a complaint | If you wish to complain about the processing of your personal data, you can file a complaint to the UK supervisory authority: Information commissioner’s office Wycliffe house. Water lane Wilmslow Cheshire sk9 5af Tel: 0303 123 1113 or 01625 545 745 Fax: 01625 524 510 Email: casework@ico.org.uk Website: https://ico.org.uk |
Please write an email to privacy@orderyoyo.com in order to exercise any of the rights mentioned above. If you contact us, please explain the reason(s) for your request and the desired action. On the other hand, you can update your data as well as delete permanently your account in your profile.
For the protection of your information, we will also need to verify your identity. It would be convenient if you contact us with the email address associated to your profile account and/or include a reference to an orderID.
In addition, any comments with regards to e.g. the reasons you want to obtain your data in a portable format and how you are planning to use it are welcomed. This is a new data right and we are keen to understand how we can provide portable data that is convenient. Please note that providing this information is not mandatory and it will not affect the way we will process your request, but it will help our future planning.
PROTECTING YOUR PERSONAL DATA
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risks, that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons. Access to personal data is restricted to authorised personnel who have a legitimate business purpose for accessing your personal data. In case of a data breach we commit ourselves to address it in an appropriate and timely manner.
WHY WE COLLECT DATA – USING COOKIES AND SIMILAR TECHNOLOGIES
A cookie is a small text file stored on your computer or mobile device and retrieved from there on subsequent visits. OrderYOYO use cookies to enhance and facilitate your visit. We do not use cookies to store personal information. You can set your device to accept or decline tracking mechanisms by using the settings option on your device, but in doing so you might not be able to use certain parts of the Service.
There are two different types of cookies, permanent and temporary (cookies for sessions). Permanent cookies are saved as a file on your computer or mobile for a period of not more than 12 months. Cookies for sessions are temporary and disappear when you close the session in the browser.
We use cookies for a third party to collect statistics in aggregated form using analysis tools such as Google Analytics. Both permanent and temporary cookies (cookies for sessions) are used. Permanent cookies are stored in your computer or mobile device for a period of not more than 24 months.
SHARING PERSONAL DATA
In delivering the Service to you, we may share your personal information with the following entities:
Company’s Name | Short Description |
---|---|
Microsoft Ireland Operations Ltd. | Cloud computing, storing and processing |
Braintree Ltd. | Payment broker |
Agillic ApS | Marketing tool for direct marketing purposes |
MessageBird B.V. | SMS marketing |
Evercall ApS | Call forwarding system |
SendGrid, Inc. | E-mail service |
Stuart Delivery Ltd. | Delivery Partner |
MixPanel | Anonymous event tracking |
Google Analytics | Anonymous event tracking |
Google Firebase | A/B split testing |
AppSee | A/B split testing – Not in use |
Moreover, we may share personal data with any law enforcement or regulatory body, government agency, court or other third party where we believe disclosure is necessary as a matter of applicable law or regulation, to exercise, establish or defend our legal rights, or to protect your vital interests or those of any other person.
HOW TO CONTACT US
If you have any questions or concerns about this Privacy Policy, please contact us
- by writing to us at:
OrderYOYO Ltd.
56 Princess Street
Manchester
M1 6HS
United Kingdom - by email at: privacy@orderyoyo.com