Privacy Policy
Dine Out Dine In Limited trading as www.eatingpoints.app - Privacy Policy
Last Updated 26th January 2023
________________________________________
Introduction
At Dine Out Dine In Limited (“DODI”) we are committed to protecting the privacy of everyone in our community whilst providing an amazing food community. This means that we will protect the personal information of all visitors who access our website or services through any mobile application, platform or device (collectively, the “Services”).
This privacy policy (“Privacy Policy”) explains how DODI collects, shares, and uses your personal information. You’ll also find information about how you can exercise your privacy rights. By using our Services, you agree to DODI using your personal information as described in this Privacy Policy. The terms “we”, “us” or “our” are each intended as reference to www.eatingpoints.app and any terms not defined in this Privacy Policy are defined in our Terms and Conditions.
Summary
The key points of our Privacy Policy are disclosed below.
1. Information we collect from you and why
Here are the broad categories of personal information that we may collect about you and the reasons why:
A. Information that you provide voluntarily:
• Registration information when you create a DODI account so we can:
1. Create your account so you can place Orders under our Terms and Conditions
2. Identify you when you sign-in to your account;
3. Contact you for your views on our Services; and
4. Notify you of changes or updates to our Services.
• Transaction Information when you place an Order with a Restaurant in order to:
1. Process your Order and to bill you (though DODI never stores your credit card information in our systems);
2. Communicate your Order to the Restaurant;
3. Send you status updates on your Order;
4. Reply to your Order queries and questions and to resolve problems;
5. Carry out analysis and research to develop and improve our Services; and
6. Protect you and the Services by seeking to detect and prevent fraud or other acts in breach of our Terms and Conditions or policies relevant to the Services.
• Information regarding your marketing preferences so we can:
1. Send you customised marketing about our products or services.
• Feedback on your views of our Services in order to:
1. Reply to your questions or queries;
2. Publish reviews you submit to us about our Restaurants and services; and
3. Conduct analysis and research to improve and develop our Services.
B. Information that we collect automatically
• Activity Information so we can:
1. Provide you with an improved experience;
2. Give you access to your Order history and preferences; and
3. Provide other services at your request.
• Cookies and similar technologies so we can:
1. Measure and analyse the use and effectiveness of our Services;
2. Customise and optimise the targeting of advertising for our Services across other websites and platforms; and
3. Provide location services if you choose to share your geo-location.
C. Information that we obtain from third-party sources
• Analytics reports and market research surveys in order to:
1. Measure the performance of marketing campaigns for our Services; and
2. Better understand your preferences so that we can customise our marketing campaigns and Services accordingly.
We process information that you provide voluntarily, information that we collect automatically and information that we obtain from third party sources in order to constantly improve our Services. Using this, we can make it even easier for you to find the food you want when you want it, no matter what device you choose to use or where you are in the world.
2. Who we share personal information with
We may share your personal information with the following recipients and whenever we do, we will ensure that we have appropriate security and contractual safeguards in place to protect it:
1. Restaurants that you have placed an Order with for processing and delivery;
2. Companies within the Resource One Limited group of companies, being the holding company of DODI
3. Third parties who support our Services (e.g. partners for marketing or promotions in the food, drink and leisure sectors based on your preferences);
4. Any law enforcement or regulatory body, government agency, court or other third party where we believe disclosure is necessary under applicable law or regulations;
5. New owners or re-organised entities in the event of a business restructuring, sale, purchase or joint venture affecting our business.
6. Any other person provided that you have given your consent.
7. We will never sell, distribute or otherwise share your personal information unless we have your permission.
3. Legal basis for processing personal information
DODI will always make sure we have a legal basis to collect and use your personal information. The legal basis we rely on will change depending on the type of information and the context in which we collect it.
Our main reason for collecting and using your personal information is to perform our contract with you (i.e. to make sure you get your Order when and where you want it), but we may also process it where it is in our legitimate business interests to do so.
4. International data transfers
We may transfer your personal information to countries outside the one in which you are resident to other countries where DODI or our service providers have operations. The data protection laws of these countries may differ from the laws of your country, but DODI takes care to implement appropriate safeguards to protect your personal information in those countries in accordance with this Privacy Policy.
5. Security
DODI places great importance on protecting your information from and against unauthorised access and against unlawful processing, accidental loss, destruction and damage. We implement appropriate technical and organisational measures to safeguard such information.
6. Data retention
DODI will retain your personal information for no longer than is necessary to fulfil the purposes described in this Privacy Policy. We may also retain certain elements of your personal information for a period after you delete or deactivate your account for our legitimate operations such as record keeping and to comply with our legal obligations. Whenever we retain your information we will do so in compliance with applicable laws.
7. Your data protection rights
You can access your account at any time to review and update your personal information. You can also contact us to ask us to delete your personal information, restrict its processing or request that it be ported to a third party. You also have the right to unsubscribe from the marketing communications we send you by using the unsubscribe functionality in any marketing communication you receive from us or by amending your profile accordingly.
8. Links to third-party sites
Our websites may, from time to time, contain links to and from third-party websites (for example, those of our partner networks, advertisers and affiliates). If you follow these links, please be aware that DODI is not responsible or liable for these third-party websites which will have their own privacy policies.
9. Updates to this Privacy Policy
We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. We encourage you to periodically review this page for the latest information on our privacy practices.
10. How to contact us
If you have any questions or concerns about this Privacy Policy and DODI's privacy practices, please contact our Data Protection Officer:
contact@eatingpoints.app
More information
1. Information we collect from you and why
The personal information that we may collect about you broadly falls into the following categories:
A. Information that you provide voluntarily
Certain parts of our Services may ask you to provide personal information voluntarily.
For instance:
• Registration information: When you create a DODI account, sign-up or fill in forms on the Services, we collect information about you including your name, address, telephone number, email address and the password you create.
• Transaction information: We collect information relating to your Orders, including payment information (e.g. your credit card number) using the secure services of our payment processors. Payment operations are outsourced to our payment processors and we do not store your credit card information in our systems. We also collect delivery details (e.g. your physical address) to fulfil each Order.
• Information regarding your marketing preferences: We collect information about your preferences to receive marketing information any time you subscribe or unsubscribe.
• Feedback: When you post messages and reviews of the Services or you contact us, for example with a question, problem or comment, we collect information about you including your name and the content of your query. If you contact our customer support teams, we will record and keep a record of your conversation for quality and training purposes and to aid in the resolution of your queries.
• Sensitive Information: We collect information that you provide when you contact us (such as through our call centre or by using our online forms). This information may include sensitive personal information, such as health-related information (allergies or dietary requirements) or information about your religion (such as if you only eat halal food). We do not require this information and we ask that you share this information with the restaurant only. However, there are some situations where you may nonetheless provide this type of information, for example if you make a complaint and, in those circumstances, we will only be collecting it with your consent.
B. Information that we collect automatically
When you access our Services, we may collect certain information automatically from your device. In some countries, including countries in Europe, this information may be considered personal information under applicable data protection laws.
For instance:
• Activity information: We collect information about your usage of the Services and information about you from the content you create and the notifications or messages you post or send as well as what you search for, look at and engage with.
• Cookies and similar technologies: We use cookies and similar tracking technology to collect and use personal information about you (e.g. your Internet Protocol (IP) address, your device ID, your browser type and when, how often and how long you interact with the Services), including to facilitate interest-based advertising.
For further information about the types of cookies and similar technologies we use, why, and how you can control such technologies, see our Cookies Policy.
C. Information that we obtain from third party sources.
From time to time, we may receive personal information from third party sources, including advertising networks and social media platforms like Facebook but only where we have checked that these third parties either have your consent to process the information or are otherwise legally permitted or required to share your personal information with us. This information may include your likely demographic group.
For instance:
• Analytics reports and market research surveys: We collect information from our third-party affiliates about the way you respond to and engage with our marketing campaigns so that we can customise our marketing and Services accordingly.
• We may also receive aggregated information in the form of audience segments from third party sources in order to display targeted advertising on digital properties operated by organisations like Facebook and Google.
Our use of collected information
Examples of how we may use this information include:
A. Information that you provide voluntarily
• Registration information
The registration information you provide when you create a DODI account allows us to give you access to the Services and to supply them to you under our Terms. We also use this information to authenticate your access to the Services, to contact you for your views and to notify you of important changes or updates to our Services.
• Transaction information
Your transaction information (such as the food items you add to your basket) allow us to process your Order and send you an accurate bill. It also helps us and any Restaurant you order with contact you where necessary.
DODI may contact you by email, phone or SMS to give you status updates or other information or to resolve problems with your account or Order. A Restaurant may contact you by phone or SMS to provide you with status updates or other information regarding your Order.
Where you pay for your Order with a mobile payment or digital wallet service provider (such as Applepay or Pay with Google) we will send you transaction information via confirmation emails or SMS to the email address or phone number registered with that service provider (since this is required by those providers).
Some Restaurants on our platform use our third-party delivery companies; these companies may use your information to provide you with status updates on the delivery of your Order.
We will also analyse information on completed transactions and successfully delivered Orders based on data matching or statistical analysis so that we can administer, support, improve and develop our business and Services. Our analyses also help us detect and prevent fraud or other illegal activities or acts prohibited by our Terms or any policies applicable to the Services.
• Information regarding your marketing preferences
DODI may market to you, where permitted by law, by post, email, telephone, mobile (i.e. SMS, in-app messaging and push notification) about our products or Services.
Where you have given your consent, we may share your information with third parties (e.g. other companies) in other sectors (such as food, drink and entertainment) so that they can tell you about goods or services which may interest you.
If you don’t want us to use your data in this way or generally change your mind about receiving any form of marketing communications, you can unsubscribe at any time using the unsubscribe functionality in the communication you receive or by amending your profile accordingly. You may also be able to opt-out of push notifications at a device level (e.g. by way of your iOS settings). If you choose to unsubscribe from our marketing, we will keep a record of your preferences so that we don’t bother you with unwanted marketing in future.
• Feedback and reviews
If you give us feedback, we will use it to reply to your questions or queries, to provide customer support and resolve any problems with your Orders or with the Services. We will publish reviews that you send to us about the Restaurants on our platform and our Services in general and we also analyse your feedback to improve and develop our Services and in order to enhance your experience.
B. Information that we collect automatically
When you access our Services, we may collect certain information automatically from your device such as your IP address, MAC address or device ID. In some countries, including in Europe, this information may be considered personal information under applicable data protection laws.
• Activity Information
We analyse your buying habits and how you interact with our Services so that we can suggest food options from new restaurants we think you would like to try. If you choose to share your geo-location with us, we may use this information to show you content that is local to you; this information will also help smooth the effective and speedy delivery of your Order. We may also provide you with customised content and advertisements based on your previous interactions with our Services and our knowledge of your preferences which we understand from your usage and buying history relating to the Services.
We enable you to access your Order history so that you can easily reorder with your favourite Restaurants. We may also collect information about your interaction with our emails and other forms of communication.
• Cookies and similar technologies
We work with advertising affiliates that serve advertisements on our Services on the websites and services of third parties. Some of those networks use cookies which allow us to display advertisements that are personalised to your interests based upon your internet browsing activity.
Like many websites and online services, we use cookies and other technologies to maintain a record of your interaction with our Services. Cookies also help us to manage a range of features and content as well as to store searches and re-present your information at the point of Order. For further information about the types of cookies and similar technologies we use, why, and how you can control such technologies, please see our Cookies Policy.
C. Information that we obtain from third party sources
• Analytics reports and market research surveys
We analyse information we collect from our third-party service providers (such as Google, Facebook, Amazon and other affiliates) to understand how you engage with our Services and advertisements (e.g. whether you have clicked on one of our advertisements). This helps us to understand your preferences and recommend you Services which are tailored to your interests.
2. Who we share personal information with
In delivering the Services to you, depending on the circumstances, we may share your personal information with the following entities:
1. Restaurants you place Orders with so that the Restaurant can process and deliver it to you.
2. Companies within the DODI group of companies (which means our subsidiaries and affiliates, our ultimate holding company and its subsidiaries and affiliates either now or at any time in the future) - these companies act for us and process your personal information for the purposes set out in this Privacy Policy.
3. Third parties who undertake various activities to promote, market or support our Services. This includes social media platforms like Facebook, offshore customer support agents, website and application support and hosting providers, marketing service providers, who manage our marketing emails and push notifications, send you text messages when your Order is on its way, delivery companies who deliver your Order to you, market research companies and payment processing providers which process payment card transactions - any of these third parties might be inside or outside your country of residence.
4. As mentioned in section 2 above, we may also share information with third parties (for example, in the food, drink and entertainment sectors) so that they can contact you about goods or services which may interest you. We will only share your information with these third parties where you have given your consent. If you don’t want us to use your personal information in this way or generally change your mind about receiving any form of marketing communications, you can unsubscribe at any time using the unsubscribe functionality in the communication you receive or by amending your profile accordingly. If you choose to unsubscribe from our marketing, we will keep a record of your preferences so that we don’t bother you with unwanted marketing in future.
5. If any part of our business enters into a joint venture, purchases another business or is sold to or merged with another business entity, your information may be disclosed or transferred to the target company, or new business partners or owners or their agents and advisors. In these circumstances we will always inform the relevant entities that they must only use your personal information for the purposes disclosed in this Privacy Policy.
6. Any law enforcement or regulatory body, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
7. Any other person provided that you have given your consent to the disclosure. We will not sell, distribute or lease your personal information unless we have your permission or are required by law to do so.
3. Legal basis for processing personal information
Our legal basis for collecting and using your personal information as described above will depend on the specific context in which we collect it.
Our main reason for collecting and using your personal information is to perform our contract with you (i.e. to make sure you get your Order when you want it). However, we will also use your personal information where it is in our legitimate business interests to do so (but only if our interests are not overridden by your data protection interests or your fundamental legal rights and freedoms). In some cases, we may have a legal obligation to collect personal information from you (e.g. in the event of legal proceedings) or we might need to process it or share it with others to “protect your vital interests” (this is legal speak for saving your life) or those of another person (e.g. in a case where another person’s life is in danger).
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (and we’ll also explain the possible consequences of you not providing it).
Similarly, we may collect and use your personal information in reliance on our legitimate interests (or those of any third party). Relevant legitimate interests include a) to market to you or make you offers that we believe will interest you; b) to analyse and understand how our services are used and so to improve them; c) for fraud prevention or prevention of other criminal acts; or d) to keep our systems secure.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How to contact us” below.
4. International data transfers
We may transfer your personal information to countries other than the country in which you are resident. DODI’s website servers are mainly located in the United Kingdom, however our group companies and third-party service providers and partners operate in a number of countries and this means that when we collect your personal information we may process it in a country other than your country. Whilst these countries may have data protection laws that are different to the laws of your country, you can rest assured that DODI takes care to implement appropriate safeguards to protect your personal information in those countries in accordance with this Privacy Policy.
Some of the safeguards we rely on include, where appropriate, using the European Commission’s approved standard contractual clauses with our suppliers, intra-group transfer agreements (so that we can safely transfer your data between the Resource One group of companies all over the world).
5. Security
We place great importance on keeping your personal information safe and secure. As such, we put in place appropriate technical and organisational measures / industry standard technology to protect it from unauthorised access and unlawful processing, accidental loss, destruction and damage.
The security measures we use are designed to provide a level of protection security appropriate to the risk of processing your personal information. Where you have chosen a password, which allows you to access certain parts of the Services, you are responsible for keeping this password confidential. We advise you not to share your password with anyone and to use a unique password for our Services. We will not be liable for any unauthorised transactions entered into using your name and password.
6. Data retention
DODI will retain your personal information where we have an ongoing legitimate business need to do so (for example, while you hold an account with us or to enable us to meet our legal, tax or accounting obligations).
If you object to us processing certain categories of your personal information (including in relation to receiving marketing communications from us), we will retain a record of your objection to the processing of your information so that we can continue to respect your wishes.
We will destroy or permanently anonymise your personal information at the point that we no longer need to process it for our ongoing legitimate business needs or for any legal reason. If this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store it and isolate it from any further processing until deletion is possible.
7. Your data protection rights
• DODI respects your privacy and data protection rights. Below is a summary of your rights in respect of the personal information of yours which DODI handles:
• DODI provides you with the tools to access, review or update your personal information at any time through your account. If you wish to request deletion of your personal information, you can do so by contacting us using the contact details provided under the “How to contact us” heading below.
• You can object to processing of your personal information, ask us to restrict processing of your personal information or request that it be ported to a third party. Again, you can exercise these rights by contacting us using the contact details provided under the “How to contact us” heading below.
• You have the right to opt-out of receiving marketing communications we send you at any time. You can exercise this right by using the unsubscribe functionality in the communication you receive or by amending your profile accordingly.
• Similarly, if we collect and process your personal information based on your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a data protection supervisory authority about our collection and use of your personal information.
• We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
8. Links to third-party sites
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates or to any number of websites that may offer useful information to our visitors. We provide these links to you only as a convenience and the inclusion of any link does not imply endorsement of the relevant website by DODI. If you follow a link to any of these websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies or those linked websites. Please check these policies before you submit any personal information to such websites.
9. Updates to this Privacy Policy
We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.
We encourage you to periodically review this page for the latest information on our privacy practices.
10. How to contact us
If you have any questions or concerns about this Privacy Policy and DODI's privacy practices, please contact our Data Protection Officer:
By email at: contact@eatingpoints.app
By writing to us at: Dine Out Dine In Limited, 22-24 Seale Street, St Helier, Jersey JE2 3QG
The controller of your personal information is Dine Out, Dine In Limited a company incorporated in Jersey, Channel Islands.