Personal data generally means information that can be used to individually identify a person, and processing generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. ReggiePOS will be the controller of your personal data processed in connection with our services. ReggiePOS and the restaurants who operate on the ReggiePOS Platform (“Restaurant” or “Restaurants”) are joint controllers in respect of any personal data that is processed for placing and completing orders made with a Restaurant via the ReggiePOS Platform. If you are a customer of a Restaurant and have queries how your personal data is processed by the Restaurant or wish to address your rights, please contact the Restaurant.
In providing our services, we may collect and process the following information:
Personal Data Collected Directly From You
We receive personal data directly from you when you provide it to us through use of the Website, place an order for food with a Restaurant through the ReggiePOS Platform or through creating an account on the ReggiePOS Portal, including, but not limited to:
You may also include details in your food order that indicate your health information or religious beliefs.
Personal Data Collected From Third Party Sources
A Restaurant may provide us with personal data about you in order for us to fulfil food orders placed with the Restaurant through the ReggiePOS platform.
Personal Data Collected We Automatically Collect
Some personal data is automatically collected when you use the Website, such as:
We process personal data to operate, improve, understand and personalise our services e.g. we use personal data to:
|Purpose of Processing||Lawful Basis under GDPR|
|Administration purposes||Such processing is necessary for the performance of a contract between you and a Restaurant, where necessary for the purpose of complying with our legal obligations and where you have consented to providing certain information in relation to your food order preferences at the time of purchase.|
|Training, quality monitoring or evaluating the services we provide||Such processing is necessary for the legitimate interests pursued by us in monitoring and improving our services and their usage and ensuring that our users use the Website and the ReggiePOS Portal in accordance with our terms and conditions and policies.|
|Website services, including for troubleshooting, data analysis, and survey purposes.||We have a legitimate interest in operating and maintaining the Website and for related purposes including improving our services.|
|Statistical information that cannot be related back to individuals to help us improve the services we offer.||We have a legitimate interest in carrying out certain analytics to ensure the services we provide to Restaurants are effective and operate appropriately.|
|Enforcing and Defending Our Rights||We have a legitimate interest in ensuring that our services and the Website are used in accordance with our terms and conditions of use and policies.
Where necessary for the purpose of complying with our legal obligations.
Where necessary for the purpose of establishing, exercising or defending a legal claim, a prospective legal claim, legal proceedings or prospective legal proceedings.
Data Protection Laws provide certain rights in favour of data subjects (the “Data Subject Rights”).
Data Subject Rights include the right of a data subject to:
These Data Subject Rights will be exercisable by you subject to limitations as provided for under Data Protection Laws.
If you require more information about how a Restaurant processes your personal data or you wish to exercise any of your data subject rights in respect of the processing of your personal data by a Restaurant you should contact the Restaurant directly.
In relation to the processing of your personal data by ReggiePOS, you may change your privacy settings through the ReggiePOS Portal. You may also contact us or make a request to exercise any Data Subject Right by contacting email@example.com. Your request will be dealt with in accordance with Data Protection Laws.
We do not share any personally identifying data with third parties and will not disclose your personal data to any other party except as set out in this policy. ReggiePOS may be required to disclose personal data in some scenarios e.g. when you violate our terms and conditions or other policies. ReggiePOS may disclose such personal data, at our sole discretion, if we believe it necessary or appropriate in connection with investigation of fraud, IP infringement, piracy, or other unlawful activity. This may require disclosure of your name, address, phone number, or email.
ReggiePOS may engage other companies and people to perform tasks on our behalf (i.e. processors) and may need to share your information with them to provide you with our services e.g. delivery services, hosting services, analysing data, billing, and marketing assistance.
In some cases, ReggiePOS may buy or sell its assets which may involve the transfer of user information. ReggiePOS will transfer such information if we are acquired by or merged with another company. In this event, we will notify you by email.
Without limiting the above, in an effort to respect your privacy and ReggiePOS’s ability to keep the community free from bad actors, we will not otherwise disclose your personal data to law enforcement, other government officials, or other third parties without a court order, law enforcement request, legal process, or substantially similar legal procedure, except when we believe in good faith that the disclosure of information is necessary to protect ReggiePOS’s rights or the rights of third parties, prevent physical harm or financial loss, or to report suspected illegal activity.
As part of the food ordering process, a Restaurant may obtain from ReggiePOS a user’s name, email, phone number, delivery address or other information. This information should only be used for ReggiePOS-related communications or for ReggiePOS-facilitated transactions.
Where users consent to direct marketing, the user’s consent is provided directly to the Restaurant. ReggiePOS, acting as a processor, may assist Restaurants in managing users’ consent preferences. Users may unsubscribe from direct marketing through the opt-out link included in marketing communications. ReggiePOS also acts as processor when it assists Restaurants with managing their analytics.
While you may make a complaint in respect of ReggiePOS’s compliance with Data Protection Laws to the Data Protection Commission, we ask that you contact us in the first instance to give us the opportunity to address your concerns.
This Policy was last updated in Dec 2020.