Welcome to The Dinner App.
We are committed to protecting your privacy as a user (referred to as "User", "you" or "your"), and we take our responsibility regarding the security of your Personal Data (defined below) very seriously. We will be clear and transparent about the Personal Data we are collecting and what we will do with that Personal Data.
Who Is Responsible For Processing Your Personal Data?
The Dinner App Co Pty Ltd (ACN 655 433 364) is the “data controller” (i.e., the organisation responsible) for all Personal Data that is collected and used via the platform for the purposes of data privacy laws, principles, and regulations which may apply to you (including the Privacy Act 1988 (Cth) ("Privacy Act"), the applicable Australian Privacy Principles under the Privacy Act, the European General Data Protection Regulation ("GDPR"), the General Data Protection Regulation of the United Kingdom ("UK GDPR") and the Californian Consumer Privacy Act ("CCPA")) (collectively, "Data Privacy Law").
What Personal Data We Collect
We may ask for and collect your Personal Data (either directly through your use of the Platform or when you communicate with us in any other way, or indirectly through our third party partners or providers) in a number of ways to provide you with the products or services that you request. We may also collect information from you automatically when you visit our Platform via cookies.
‘Personal Data’ has the meaning given in the Data Privacy Law applicable to you, and includes any information or opinion relating to you which allows us to identify you, such as your name, phone number, social media name or ‘handle’, postal address, email address, details of products or services you have purchased, payment details and information about your access to our website.
Specifically, we may (either directly or indirectly) collect the following categories of Personal Data:
- first and last names and email address (these are mandatory information which we require when opening a user account on the Platform ("User Account"));
- other information such as country of residence
- information you provide about yourself and any preferences in your User Account;
- information about your purchases of products and services from us;
- information about your use of the Platform
- communications with us or directed to us via letters, emails, chat services, calls, and social media;
How we use your Personal Data
We use the Personal Data you give us to provide the Platform and the products and services you request, including:
- to create and set up your User Account;
- to fulfil any orders for products that you place on the Platform, including to communicate with you about the orders and process information for our internal accounting, billing and audit purposes.
With your consent, or as otherwise permitted by applicable Data Privacy Law, we will use your Personal Data to provide information that we believe is of interest to you, prior to, during, and after your interactions with us, including marketing communications and news concerning our products, services, events and other promotions. You can opt-out at any time after you have given your consent to such communications.
Customer Service Communications
We use your data to manage our relationship with you as our customer and to improve our services and enhance your experience with us (e.g. to respond to your inquiries when you reach out to us). From time to time, we may also conduct customer surveys to gauge satisfaction with our Platform and the services and products that we provide.
Administrative Or Legal Purposes
We use your Personal Data to operate our business, including for statistical and marketing analysis, systems testing and to diagnose technical and service problems, maintenance and development of our Platform, or in order to deal with a dispute or claim. We may also perform data analysis based on the data we collect from you for statistical and marketing analysis purposes – for example, we may use information about how users of our Platform use the platform.
Security And Legal Purposes
We may use your Personal Data to verify your information and identity and to protect against, identify and prevent fraud and other unlawful activities. We may also share your Personal Data with government authorities or enforcement bodies for compliance with legal requirements, or as otherwise required or permitted by applicable Data Privacy Law.
We may also use your Personal Data in other ways, and where we do so, we will provide specific notice at the time of collection and obtain your consent unless otherwise permitted by applicable Data Privacy Law.
Our processing of your Personal Data for the above purposes is done pursuant to the following legal basis:
- to comply with a legal obligation;
- the processing is necessary for the performance of a contract with you, such as providing you with our services on the Platform;
- if it is in our legitimate interests to do so as a business (e.g., for administrative purposes or to improve the functionality of our Platform);
- where you have consented to our using your personal data (e.g., for the collection of data pertaining to your health status or marketing related uses);
- where you have made such information public; and
- to protect your vital interests or those of another person (e.g. in case of a medical emergency).
Where we receive your Personal Data as part of providing our services to you based on a contract, we require such Personal Data to be able to carry out the contract. Without that necessary Personal Data, we will not be able to provide our services to you.
Personal details including about your nationality or physical or mental health are considered “sensitive” Personal Data under applicable Data Privacy Law. We will process any such data only if you have given your explicit consent, or it is necessary (for instance, if you request special assistance), or if the sensitive Personal Data has been manifestly made public by you, or otherwise in compliance with applicable Data Privacy Law.
You may always contact us at email@example.com with any questions or requests about your Personal Data.
How We Process The Data
The Platform takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to The Dinner App, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Legal Basis Of Processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
- Provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- Processing is necessary for compliance with a legal obligation to which the Owner is subject;
- Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- Processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
- In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
The Personal Data that we collect from users will be stored in Australia and/or the United States of America and might also be shared with third party data recipients (e.g. payment platforms) that are not located in the EEA, Australia or the United States of America. Therefore, the Personal Data that you provide may be transferred internationally to countries other than the country in which you initially provided your data.
Retention Of Your Personal Data
We will not retain your data for longer than is necessary to fulfil the purposes for which it is being processed. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it, and whether we can achieve those purposes through other means.
We also consider the periods for which we might need to retain personal data in order to meet our legal obligations, or to deal with complaints and queries, and to protect our legal rights in the event of a claim being made.
In general, this means that we will likely keep your Personal Data for as long as your User Account is open. Following closure of your User Account, however, we may still retain a limited portion of your Personal Data so that we can maintain a continuous relationship with you if and when we are in contact with you again, and to comply with our internal processes and any legal obligations.
When we no longer need your personal data, we will securely delete or destroy it. We will also consider if and how we can minimise over time the personal data that we use, and if we can fully anonymise your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.
Sharing Your Personal Data
- Our trusted third party ancillary partners who may provide service to you indirectly. We and our partners may collect and share information about you, such as your contact details and your billing information.
- Third party social media platforms in various circumstances, including where you are able to access third party social media services through our Platform or before coming to our Platform;
- you connect your User Account to your social media account, in which case we will receive from the social media platform the Personal Data you choose to share, based on the preferences and settings on your social media account. We will use this information in order to improve and personalize your use of our Platform;
- third party social media sites have placed cookies or pixels on our website; and
- we use social media plugins on our Platform (e.g. a “share” or “like” button), and your use of these plugins, may result in the disclosure of certain of your information to the social media platform in question, and possibly presented on your social media profile, to be shared with others in your network – however, we will only share your Personal Data with these social media platforms if you have provided your express consent for us to do so.
- Other companies, contractors or agents that assist us in providing services to you, including our online e-commerce platform that allows us to sell and deliver our products and services to you (which may include Stripe), legal services, debt collection, administration services, customer services and information technology support;
- Only where you have provided consent, other companies, contractors or agents in connection with our marketing efforts, or marketing platform providers;
- Government authorities, law enforcement bodies and regulators for compliance with legal requirements, or where otherwise required by applicable Data Privacy Law; and
- Our legal and other professional advisers in order to enforce our legal rights in relation to our contract with you.
We may also transfer your Personal Data to potential buyers in the event that we sell or transfer all of a part of our business or assets (including in the event of a reorganization or dissolution / liquidation), under strict non-disclosure restrictions, and solely in order to allow a buyer to determine whether to proceed with the transaction, or where such a determination is made, to complete it.
Your Rights And Choices
Under certain circumstances, by applicable Data Privacy Law you may have the right to:
Transparency: You have the right to request information about whether we hold Personal Data about you, and, if so, what that information is and why we are holding/using it.
Access: You may request access to your Personal Data (commonly known as a "data subject access request"). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it
Correction: You have the right to request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Erasure: You can request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing.
Object: You may object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
Automated Decision Making and Profiling: You may also object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your Personal Data or profiling of you.
Restriction of Processing: You have the right to request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
Transfer: Request transfer of your Personal Data in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
Withdraw consent: In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time by contacting us using the email address firstname.lastname@example.org. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes to which you originally agreed, unless we have another proper and legitimate basis for doing so.
While you will generally not be required to pay a fee to access your Personal Data or to exercise any of your other statutory rights, we may charge a reasonable fee if your request for access is clearly completely unfounded, excessive or decline to comply with such requests where permitted by applicable Data Privacy Law.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it and to prevent unauthorised modification of your Personal Data.
You also have the right to lodge a complaint about our processing of your Personal Data with the body regulating data protection in the country or state / province in which you live. If the GDPR applies to our processing of your Personal Data, you have the right to lodge a complaint with a supervisory authority if you are not satisfied with how we process your Personal Data. Specifically, you can lodge a complaint in the Member State of the European Union of your habitual residence, place of work, or of the alleged violation of the GDPR.
Links To Other Websites
Our Platform may provide links to other websites for your convenience and information. These websites may operate independently from us. If you visit any website linked to our Platform, you are subject to that website’s own privacy policies. Linked websites may have their own privacy notices or policies, which we strongly suggest you review. To the extent any linked websites are not owned or controlled by us, we are not responsible for their content, any use of the websites, or the privacy practices of the websites.
If you have any questions or comments about this Policy please email us at email@example.com. If we receive a complaint from you about how we have handled your Personal Data, we will investigate and determine what action we should take to resolve the complaint. We will contact you within a reasonable time and may request more information to assist us with our investigation. We aim to resolve all complaints in a timely manner.