Our privacy policy
Below is our privacy policy. We respect and value your privacy. We are committed to protecting your personal data and information. Our privacy policy below, sets out how we collect and use personal information, your rights to the information and the legal bases upon which we rely on to process and/or use your personal information.
We follow the Privacy Act 1988 (Cth) (Act) and the Australian Privacy Principles in protecting the personal information we hold.
From time to time, we will review and update our privacy policy. We will take into account new or amended laws, new technology and/or changes to our operations. All personal information we hold will be dealt with in accordance with our most recent policy and we will give you notice of our revised policy by posting it to on our website.
1 What is personal information?
1.1 Personal information covers any information about a living person from which they can be identified. Anonymous data, which is information from which a person’s identity has been removed, is not personal information. Personal information may include, without limitation, your name, age, gender, postcode and contact details (including telephone number and email address) and possibly financial information, including your credit card or direct debit account information.
2 Obtaining consent
2.1 Your consent to our privacy policy is the legal basis upon which we can collect, use, store, process and disclose your personal information. You accept and acknowledge that by using our website, platforms, applications, products or services, you are consenting to providing us with your personal information and agree to your personal information being collected, used, stored, processed and disclosed in accordance with our privacy policy. If we rely on your consent as the legal basis for processing your personal information, you will be able withdraw your consent, at any time.
2.2 If you do not wish to provide us with your personal information, then you do not need to do so. However, if you do not provide us with your personal information, we may not be able to provide you with access to our website, either to the same standard as if you had provided the required personal information, or at all.
2.3 By using our website and providing us with your personal information, you will be taken to consent to our collection and use of your information on the terms of this policy.
3 Types of personal information collected
3.1 We may collect personal information from you in the course of our business, including when you order products from venues, through your use of our website, when you contact or request anything from us or as a result of your relationship with our staff, our suppliers and/or other customers.
3.2 We may process any of the following data from you, among others:
· contact information, including your name, your title, your address, email address and phone number(s);
· identification and background information provided by you or collected as part of our business acceptance processes, this may include your full name, photographic identification and gender;
· usage data including information about how you use our website;
· financial information, such as bank account and payment card details;
· marketing and communications data including your preferences in receiving marketing from us and our third parties and your communication preferences;
· technical information, such as information collected from your visits to our website (for example, internet protocol address, your login data, browser type and location); and/or
· personal information provided to us by or on behalf of our customers or generated by us in the course of supplying products or services to them.
4 Collection and use of personal information
4.1 We collect your personal information directly from you unless it is unreasonable or impractical to do so. Some of the ways we do this, include the following:
· when you validate your phone number upon registering as a user of our website;
· by your access and use of our website;
· when someone else has provided us with your information; and
· during any discussions between you and us by telephone or email (if any).
4.2 On occasion, we may also collect your personal information from a third party such as an integration partner of ours. If you provide your personal information to a third party, you will be viewed as having allowed that third party to provide us with your personal information.
4.3 If you use our website for someone else, you warrant that you have obtained that person’s permission to provide their personal information and their consent for us to collect, store, use, process and disclose their personal information consistently with this privacy policy. You should let us know at your earliest if you realize that your personal information has been provided to us by a third party without your permission or if you did not obtain consent before providing another person’s personal information to us.
4.4 By using our website and providing us with your personal information, you agree to us disclosing some of your information to third parties in accordance with this privacy policy. This includes disclosing your personal information to the venue that you transact with. Your personal information (but not your credit/debit card information) will be provided to the venue through our admin login. We will require the venue to use your personal information consistently with the Spam Act 2003 (Cth).
4.5 We will not share your personal information with other venues, in our network, unless the venue is part of a larger related party group, in which case we may share your personal information with that group only.
4.6 Also, we will not share your credit/debit card information with the venue. Your credit/debit card information is stored as a secure customer token on our database and this token can only be charged by our website. We will provide the venue with your credit/debit card information only if this is required for the purpose of processing a refund to you.
4.7 We may provide your personal information to third parties we engage to perform functions on our behalf, such as processing credit card information, as well as third parties authorised by you to receive information which we hold.
4.8 We may collect and disclose personal information to the venue and other third parties, but only in accordance with the purposes in this privacy policy. The purposes for which we are allowed to collect and disclose personal information include, without limitation, the following:
· efficient communications between you, us and the venue;
· secure storage and management of your files to allow us to provide you access to our website;
· where you have consented to the use or disclosure;
· where we reasonably believe that the use or disclosure is required to lower or prevent a serious, immediate threat to a person’s health or safety or the public’s health or safety;
· where we reasonably suspect that unlawful activity has been, is being or may be engaged in and the use or disclosure is a required part of our investigation or in reporting the matter to the relevant authorities;
· where such use or disclosure is required under or authorised by law (for example, COVID19 regulations or to comply with a warrant or Court or Tribunal order;
· where we reasonably believe that use or disclosure is necessary for the prevention, investigation, prosecution and punishment of crimes or wrongdoings or the preparation for, or conduct of, proceedings before any court or tribunal (or the implementation of orders of a Court or Tribunal or on behalf of an enforcement body);
· to develop and improve our (and our related entities’) business, products and services;
· to facilitate your participation in loyalty programs;
· for research and analysis in relation to our business and services;
· for our internal accounting and administration; and
· to facilitate any authorised payments through the payment gateway Stripe.
4.9 The primary purpose for which we collect information about you is to enable us to perform our business activities and functions and to provide you with the best customer experience we can offer.
4.10 We usually collect personal information as part of providing you with access to our website, for the venue to contact you about your order, informing you about them and/or meeting our contractual and/or other legal obligations.
4.11 We may use your personal information to inform you about promotions we are running and/or other marketing activities and to provide you with information on our activities that may be of interest to you only where you have given us permission to do so. You can unsubscribe from receiving any of our electronic marketing or promotional communications by following the unsubscribe button in the communication.
4.12 We will not share, sell, rent or disclose any of your personal information, except in accordance with our privacy policy.
4.13 We may disclose your personal information to:
· our employees, contractors, licensees or external service providers for the operation of our website or our business, meeting your requests, including without limitation IT systems administrators or payment processors;
· specific third parties permitted by you to receive information we hold (for example, a venue that you have opted in to receive marketing information from);
· the police, any relevant authority or enforcement body, or your internet service provider or network administrator, for example, if we have reason to suspect that you have committed a breach of any of our terms and conditions, or have otherwise been engaged in any unlawful activity, and we reasonably believe that disclosure is necessary; or
· as otherwise required or permitted by any law (including the Act).
5 Personal information cannot be collected
5.1 If possible, such as when you are viewing the menu of one of the venue’s on our website, without ordering anything, you may choose not to identify yourself.
5.2 In certain cases, if you do not provide us with any personal information as detailed in this policy, we may not be able to provide you with access to our website, either to the same standard as if you had provided the required personal information, or at all.
5.3 You acknowledge and agree that we are not responsible in any way to you, for our failure to allow you to use our website, where you do not provide us with your personal information.
6 Use of financial information
6.1 If you use our website to buy products or to make other financial transactions (such as payment of invoices through our website for products or services you bought from a third party user or a venue), we may collect information about the purchase or transaction. This includes payment information, such as your credit card or debit card number (stored as a secure token), billing details and other account and contact information.
6.2 We will only collect your financial information with your prior permission and knowledge. You can access and browse our website without disclosing any of your financial information to us.
6.3 We only use your financial information to process payments for products or services you order or buy on our website. We only use and retain your financial information to complete payments you initiate, any financial information that is collected is solely for the purpose of transaction approval and the transfer of funds.
6.4 We provide data encryption throughout the payment process and only share your financial information with your credit card provider, third party payment processor or financial institution to process payments. We will treat the financial information in strict confidence and hold it on secured servers in controlled facilities.
6.5 We store your financial information against your verified phone number after the transaction is complete for your convenience, so you do not have to type in your credit card each time you use our website. If you would like your financial information to be removed from our website, then all you need to do so is contact us for your user account and/or card details to be removed from your database and we will do this immediately.
6.6 We may use third party agents to manage our online payment processing. These agents are not allowed to store, retain, or use your financial information or other personally identifiable information, except for the sole purpose of payment processing on our behalf. Any third party agent we use will not be allowed to use your financial information in any way other than to process payments and will be required to keep any financial information they use or collect strictly confidential.
7 Direct marketing materials
7.1 We may send you direct marketing material about our website and venues, which we consider may be of interest to you. These communications may be sent in various forms, including mail, text messages or emails, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you note a preference for a particular method of communication, we will aim to use that method whenever possible.
7.2 In addition, at any time, you may opt-out of receiving marketing communications from us by contacting us (see section 16 below) or by using the opt-out facilities included in the communication (for example, an unsubscribe button). We will then ensure that your name is removed from our mailing list.
7.3 We will not share any of your personal information with anyone else (aside from the venue) for the purposes of direct marketing, unless you expressly allow us to do so.
7.4 Even if you unsubscribe from receiving marketing communications from us, you agree that we may still send you information relevant to the supply of any services arranged by us or goods or services you bought on our website.
7.5 If you receive communications from us that you believe have been sent to you other than in accordance with our privacy policy, or in breach of any law, please contact us using the details in section 16 below.
8 Third party hosting
8.1 We host our website with a third party service provider.
8.2 For you to be able to access our website, at times, we may allow access to your personal information to third party providers.
8.3 We make no representations or warranties about the privacy practices of any third party service providers and we are not responsible in any way for the privacy policies or the content of any third party service provider.
9 Overseas disclosure of information
9.1 We will not disclose your personal information to any person or entity outside of Australia. If we need to change the location for the storage of your personal information, then we will let you know before any overseas disclosure and will provide you with the details of the storage.
9.2 If we need to disclose your personal information to anyone overseas, then we will take reasonable steps to ensure that the overseas recipients of your personal information do not breach Australian law in relation to the handling of your personal information.
10 Accessing & correcting personal information
10.1 You can ask us for access to any personal information we have about you, at any time, by contacting us at …
10.2 If we have information that you are entitled to access, we will try to provide you with a suitable means of accessing it (for example, by mailing or emailing it to you). We will not charge you for your request and will not charge you for making any corrections to your personal information. If you make an access request, we will ask you to verify your identity. There may be some cases where we cannot give you access to the personal information we have. For example, we may need to deny you access if giving you access would breach someone else’s privacy or if it would result in a breach of confidentiality. If that happens, we will provide you with written reasons for any refusal.
10.3 If you think that we have personal information about you which is incorrect, incomplete or inaccurate, then you may ask us to change it. We will consider if the information needs to be changed and if we believe it does, then we will change it for you. If we believe the information does not need to be changed, then we will note on the personal information that you do not agree with the information.
10.4 At all times, you should keep us up to date with your current information, so that we may offer you the best possible experience on our website. If you do not provide us with your most up to date information, then you may miss out on important information about our website and the services we offer. We may also choose not to offer you services.
11 Security of personal information
11.1 We are committed to ensuring that your personal information is secure. To prevent illegal access or disclosure, we have implemented appropriate technical, physical and other processes and procedures to safeguard and protect your personal data. We monitor our systems for potential issues and attacks and we carry out penetration testing to identify measures to strengthen security.
11.2 In addition, we limit access to your personal data to only those persons in our business who need to know the information. Also, they will only process your personal information in accordance with our instructions and they are under a duty of confidentiality.
11.3 We have procedures in place to identify and respond to data security breaches. We will notify you and any data protection authority of a breach, if we legally need to do so.
11.4 We will take all steps to protect the personal information that we hold from misuse, loss, or unauthorised access, including by means of firewalls, password access, secure servers and encryption of credit card transactions.
11.5 If you believe there has been any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.
11.6 If we suspect any misuse or loss of, or unauthorised access to, your personal information we may let you know of our suspicion and take appropriate steps to limit any further access to, or distribution of, your personal information. If we consider that the breach is likely to result in serious harm to you and we are unable to prevent the likely risk of serious harm with remedial action, we will take action in accordance with Australia’s privacy laws.
11.7 If we receive unsolicited personal information that we are not allowed to collect under our privacy policy, or in accordance with law, then we will destroy or de-identify the unsolicited personal information as soon as practicable if it is lawful and reasonable to do so. We will destroy or de-identify your personal information if we no longer require it to deliver our services as soon as practicable if it is lawful and reasonable to do so.
12 Use of cookies
12.1 When you use our website, we or our service providers may obtain information using technologies such as cookies, tags, web beacons and navigational data collection (for example, log files, server logs and clickstream data) to better understand your user experience. For example, we or our service providers may collect information like the date, time and duration of visits and which webpages you have accessed.
12.2 When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer or mobile device. The sending of a cookie will enable us to recognise your computer or device and recognise you each time you visit our website, without asking you for a new log-in. The use of cookies also helps us keep track of products or services you view, so that we can send you news about those products or services.
12.3 We may also use cookies to assess traffic patterns, examine which areas of our website you have been visited and to consider transaction patterns in the aggregate. We use the details we obtain into our users’ habits in order to improve the provision of services online. If you do not wish to send cookies, you can set your internet browser so that it does not accept them.
12.4 We may also log IP addresses (the electronic addresses of computers connected to the internet) to examine trends, administer our website, track user movements and obtain details on the demographic of the users of our website. This information will usually not be linked to your identity, except if it is accessed through links in our emails or if you have identified yourself. We may also collect anonymous data (which is not personal information) relating to your activity on our website (including IP addresses) via cookies. We will generally use this information to report statistics, analyse trends, administer our services, diagnose problems and target and improve the quality of our services. If this information is not personal information as it does not identify you or anyone else, the Australian Privacy Principles will not apply and we may use the information for any purpose and by any means whatsoever.
13 Contact tracing use
13.1 We will store guest register data for contact tracing purposes for the maximum period required under Australian law or public health orders. We store these details in a separate database table to our transactional user data. After the maximum period for the storage of such information has ended, the data will be deleted from the database.
13.2 We share our guest register data securely with the venue using the admin panel on our website in order for the venue to check whether each table has registered.
13.3 We may provide the information we obtain to any arm of the Australian Government using a manual file transferor by API integration to support broader contact tracing initiatives.
14 Children’s privacy
14.1 We will not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and are aware that you child has provided us with personal information, please contact us. If we become aware that we have collected personal information from a child without obtaining their parental consent, we will immediately take steps to remove the information from our servers and systems.
15 Complaints about privacy breaches
15.1 If you believe that we have breached your privacy or you have any queries or concerns about our privacy policy, then you can email us on …. In your email, please provide us with details of your concern and how we can address it.
15.2 We are genuinely committed to the rules and purposes of our privacy policy and the Australia’s privacy laws. We will aim to handle all your requests and complaints confidentially. One of our representatives will contact you within a reasonable time of you contacting us to discuss your concerns and outline options for resolving your concerns. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
15.3 If you are not happy with the outcome of our complaint resolution, then you may contact:
Office of the Australian Information Commissioner (OAIC)
GPO Box 5218, Sydney, NSW 2001
16 Contacting us
16.1 To contact us about our privacy policy, your personal information, concerns or complaints, email us at … or alternatively, write to …. At all times, our most recent privacy policy will be available on our website. You may also be able to obtain previous versions of our privacy policy by contacting us.