Privacy Policy

OneDine, LLC Privacy Policy Last Updated: July 1, 2021

Introduction

OneDine, LLC (“Company” or “We”) respects the privacy of your Personal Information and is committed to protecting it through our compliance with this Privacy Policy.

This Policy describes the types of Personal Information we collect from you or that you may provide when you visit our website, www.OneDine.com or access, register with, or use our Mobile App or other services (our “Services”) and our practices for collecting, using, maintaining, protecting, and disclosing Personal Information.

This Policy applies to Personal Information we collect:

  • On this Website.
  • In email, text, and other electronic messages we, and our Hospitality Merchants and service providers, send you.
  • Through our Website, App and other Services you access or use.
  • Through any devices that access or use our Website, Apps or other Services including devices operated by our Hospitality Merchants and/or their staff.
  • When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this Policy.

 It does not apply to Personal Information collected by:

  • Us offline or through any other means, including on any other website operated by OneDine or any third party (including our affiliates and subsidiaries); or
  • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on our Website, Apps or other Services.
  • You provide to, or is collected by, any third party (see Third-Party Information Collection).

Please read this Policy carefully to understand our policies and practices regarding your Personal Information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website, Apps or other Services. This Policy may change from time to time (see Changes to Our Privacy Policy  below). Your continued use of our Website, Apps, or our other Services after we make changes is deemed to be acceptance of those changes, so please check this Policy periodically for updates.

Children Under the Age of 16

Our Website, Apps and other Services are not intended for children under 16 years of age. No one under age 16 may provide any Personal Information on our Website or through our Apps or other Services. We do not knowingly collect Personal Information from children under age 16. If you are under 16 years old, do not use or provide any information on this Website or through any of our Apps or other Services or their features, including registering a user account, making purchases, or using any of the interactive or public comment features, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at support@onedine.com.

Personal Information We Collect and How We Collect It

We collect several types of Personal Information from and about visitors and users of our Website, Apps and other Services, including information:

  • From which you can be personally identified, such as your name, postal address, e-mail address, telephone number, birthdate, and any other identifier by which you may be contacted online or offline (“Personal Information“);
  • That is about you but does not identify you individually, such as dietary preferences, and military/veteran/first responder status for special offers, etc.; and/or
  • About your internet connection, the equipment you use to access our Website, Apps or other Services, and your usage details.

We collect this information:

  • Directly from you when you provide it to us.
  • Automatically as you navigate through this Website and use our Apps and other Services. Information collected automatically includes your usage details, your IP address and or device ID, and information collected through cookies, web beacons, and other tracking technologies.
  • From third parties, for example, our Hospitality Merchants, business partners and/or service providers.

Personal Information You Provide to Us 

The Personal Information we collect on or through our Website, Apps and other Services includes:

  • Personal Information that you provide by filling in forms on our Website or in our Apps or other Services. This includes information you provide when you register to use our Apps and other Services, subscribe to our marketing communications, submit feedback, post content, or request help or other customer services. We also ask you for Personal Information when you enter a contest or promotion sponsored by us or our Hospitality Merchants, and when you report a problem about our Website, Apps or our other Services.
  • Records and copies of your communications with us such as your email address or phone number, when you contact us.
  • Your responses to surveys that we or our Hospitality Merchants, business partners or service providers ask you to complete for our research purposes.
  • Details of transactions you carry out through our Website, Apps and other Services and of the fulfillment of your orders such as: date and time of transaction; day of week; location of transaction; dining reservation; items purchased; number of guests in your party; form of payment; total spent; offers and coupons redeemed; and occasion such as birthday/anniversary, etc. You may also be required to provide financial information before placing an order through our Services.
  • Your search queries on our Website, Apps or other Services.
  • Information our Hospitality Merchants may request in order to provide you with special offers such as your anniversary, military/veteran/first responder status, and/or dietary preferences, etc.

You may also provide information to be published or displayed (hereinafter, “posted“) on public areas of our Website, Apps or our other Services or transmitted to other users or third parties (collectively, “User Contributions“). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages/you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of our Website, Apps or our other Service with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Personal Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Website, Apps and/or other Services, we use automatic data collection technologies to collect certain Personal Information about your equipment, browsing actions and patterns, including:

  • Usage Details of your visits to, and use of, our Website, Apps and other Services, including traffic data, location data, logs, and other communication data and the content that you access and use on the Website, Apps and/or our Services.
  • Device Information about your computer, mobile device, and internet connection, including your device’s unique device identifier (IP address/device ID), operating system, browser type, mobile network information and your mobile device’s telephone number.
  • Location Information Our Website, Apps and other Service collect real-time information about the location of your device during the time that you are accessing and/or using our Apps and Services such as the location of your transaction.

If you do not want us to collect this information do not use our Website, Apps or other Services. For more information, see YOUR CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION below. Note, however, that opting out of our Website, Apps or other Services collection of location information will disable its location-based features.

We also use these technologies to collect information about your online activities over time and across third-party websites, apps, or other online services (behavioral tracking). Some web browsers may transmit “do-not-track” signals to our Website, Apps and other Services. At this time there is no industry standard about our Services should do when those signals are received.  As a result, our Services do not currently respond to “do-not-track” signals.

The information we collect automatically is statistical data and does not include Personal Information but we may maintain it or associate it with Personal Information we collect in other ways or receive from third parties including our Hospitality Merchants and service providers. It helps us to improve our Website, Apps and other Services and to deliver better and more personalized services, including by allowing us to:

  • Estimate our audience size and usage patterns.
  • Store information about your preferences, allowing us to customize our Website, Apps and other Services to your individual interests and preferences.
  • Speed up your searches.
  • Recognize you when you return to our Website and use or access our Apps or other Services.
  • Use location information we collect to provide you with content specific to your location and to personalize your OneDine experience for you.

Personal Information Collection and Tracking Technologies

The technologies we use for automatic data collection include:

  • Cookies (or browser cookies/mobile cookies). A cookie is a small file placed on the hard drive of your computer or your mobile device for example to recognize you when you return to our Website, Apps and other Services. You may refuse to accept cookies by activating the appropriate setting on your browser or mobile device. However, if you select this setting you may be unable to access certain parts of our Website, Apps or our other Services. Unless you have adjusted your device settings so that it will refuse cookies, our systems will issue cookies when you visit, access or use our Website, Apps and/or other Services. For more information see our More Cookie Info Page
  • Flash Cookies. Certain features of our Website, Apps and other Services may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website, Apps and other Services. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Your Choices About How We Use and Disclose Your Information below and our More Cookie Info Page
  • Web Beacons. Parts of our Website, Apps and other Services, and our e-mails contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related statistics (for example, recording the popularity of certain of our Website, App, or other Services content and verifying the integrity of our systems and servers).

Third-Party Collection of Personal Information and Use of Cookies and Other Tracking Technologies

Some content or functions on our Website, Apps and our other Services are provided by third-parties including content providers, application providers, our service providers and/or our Hospitality Merchants. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website, Apps and/or other Services. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites, apps and other online services. They also use this information to provide you with interest-based (behavioral) advertising or other targeted content.

 These third parties include:

  • Our Hospitality Merchants
  • Our Service Providers (including payment processors)
  • Advertisers, ad networks, and ad servers.
  • Analytics companies (including Google Analytics)
  • Your mobile device manufacturer.
  • Your mobile service provider.

These third parties may use tracking technologies to collect information about you when you use our Website, Apps or other Services. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites, apps, and other online services websites.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about targeted content, you should contact the responsible party directly. For information about how you can opt out of receiving targeted advertising/content from many providers, see Your Choices About How We Use and Disclose Your Information below and our More Cookie Info Page.

How We Use Personal Information

We use Personal Information that we collect about you or that you provide to us to:

  • Present our Website, Apps, and other Services and their content to you, and any other information that you request from us.
  • Fulfill any other purpose for which you provide it, such as to process your orders including payment transactions and meal delivery.
  • To personalize your OneDine experience such as sending you offers from our Hospitality Merchants near the delivery address you have previously provided us.
  • Provide you with notices about your account and or subscription, including expiration and renewal notices.
  • Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
  • Notify you about changes to our Website, Apps or Services we offer or provide including when updates to our Website, Apps and other Services are available.
  • Allow you to participate in interactive features on our Website, Apps and other Services
  • In any other way we describe when you provide the information.
  • For other purposes with your consent.

We also use Personal Information to contact you about our own and our Hospitality Merchants’ goods and services that may be of interest to you. If you do not want us to use Personal Information relating to you in this way, please check the relevant box located on the form where we collect information from you, or your order or registration form. You can also adjust your user preferences in your account profile through our Website, Apps and/or our other Services. For more information, see Choices About How We Use and Disclose Your Information below.

We may also use the information we collect to display advertisements to our Hospitality Merchant’s target audiences. Even though we do not disclose your Personal Information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

Disclosure of Personal Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. In addition, we may disclose Personal Information that we collect, or you that you provide us as described in this Privacy Policy:
  • To our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of OneDine’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by OneDine about users of our Website, Apps and other Services is part of the assets transferred.
  • To our Hospitality Merchants to market their products or services to you if you have consented to these disclosures. We contractually require our Hospitality Merchants to keep Personal Information confidential and to use it only for the purposes for which we disclose it to them. For more information, see Choices About How We Use and Disclose Your Information below.
  • To fulfill the purpose for which you provide it. For example, if you give us an email address to use the “email a friend” feature of our Website, Apps or other Services, we will transmit the contents of that email and your email address to the recipient. Note, we may block your use of our “email a friend” feature if we determine that your attempted use of that feature may violate any applicable laws including anti-SPAM laws. For more information, see our Terms of Use.
  • For any other purpose disclosed by us when you provide the information to us.
  • With your consent.
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our Terms of Use and other agreements, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of OneDine, our Hospitality Merchants, or others. This includes exchanging information with other companies and organizations for the purposes of fraud prevention and credit risk reduction.

Your Choices About How We Use and Disclose Personal Information

We strive to provide you with choices regarding Personal Information you provide to us. We have created mechanisms for you to control certain uses and sharing of over Personal Information:

  • Tracking Technologies You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. You can choose whether or not to allow our Website, App and other Services to collect information through other tracking technologies. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of our Website, Apps and other Services may not be accessible or not function properly.
  • Location Information. You can choose whether or not to allow our Website, Apps or other Services to collect and use real-time information about your device’s location through your device’s privacy settings. If you block the use of location information, some parts of our Website, Apps and other Services may become inaccessible or not function properly.
  • Disclosure of Personal Information for Promotional Offers from Us and Our Hospitality Merchants. If you do not wish to have your email address or other contact information used by us to promote our own or our Hospitality Merchants’ products or services, you can opt-out by checking the relevant box located on the form where we collect Personal Information, your order or registration form or by visiting our Subscription Center through our Website, Apps or our other Services. You may also Opt-out from any Hospitality Merchant account page, by replying STOP to an SMS message, or selecting “unsubscribe” from the footer of any email. This opt out does not apply to Personal Information you provided us related to a product purchase, customer service request or other transaction.
  • Disclosure of Personal Information for Third-Party Advertising and Marketing. If you do not want us to share Personal Information about you with unaffiliated or non-agent third parties for advertising and marketing purposes, you can opt-out by sending us an email stating your request to support@onedine.com.

We do not control third parties’ collection or use of Personal Information to serve interest-based advertising. However, these third parties may provide you ways to choose not to have Personal Information about you collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI“) on the NAI website here https://optout.networkadvertising.org/?c=1 

California residents and persons in the EU/EEA/UK may have additional Personal Information/Data rights and choices. Please see our Privacy Notice for California Residents, and Privacy Notice for Persons in the EU/EEA/UK below.

Accessing and Correcting Personal Information in General

You can review and change Personal Information you have provided us in our App by selecting “my data”.

If you delete your User Contributions from our Website, App, or other Services, copies of your User Contributions may remain viewable in cached and archived pages or might have been copied or stored by other users. Proper access and use of information provided on our Website, App, and other Service including User Contributions, is governed by our Terms of Use.

Security of Personal Information

We have implemented reasonable measures designed to protect the security, confidentiality and integrity of Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. All Personal Information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using SSL technology.

The safety and security of Personal Information also depends on you. Where you may have chosen a password for access to certain parts of our Website, App or other Services, you are responsible for keeping your password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of our Website, Apps and other Services like message boards. The information you share in public areas may be viewed by any user of our Website, Apps and other Services

Unfortunately, the transmission of information via the internet and mobile platforms is not completely secure. Although we do our best to protect Personal Information, we cannot guarantee the security of Personal Information transmitted through our Website, App or other Services. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures we provide.

Changes to Our Privacy Policy

It is our policy to post any changes we make to this Privacy Policy on this page with a notice that the Privacy Policy has been updated via email. The date the Privacy Policy was last revised is at the top of the page. You are responsible for making sure we have an up-to-date active and deliverable email address and phone number for you, and for periodically reviewing this Privacy Policy to check for any changes.

Our Contact Information

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:

support@onedine.com

OneDine Privacy Notice for California Residents

Effective Date: July 1, 2021
Last Reviewed: July 1, 2021

This Privacy Notice for California Residents supplements the information contained in OneDine’s General Privacy Policy/Notice above and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Notice.

Where noted in this Notice, the CCPA temporarily exempts Personal Information reflecting a written or verbal business-to-business communication (“CCPA B2B Personal Information“) from some its requirements.

CCPA Personal Information We Collect

We collect Personal Information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“Personal Information“). Personal Information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

In particular, we have collected the following categories of Personal Information from consumers within the last twelve (12) months:

Category

Examples

Collected

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.

YES

B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, physical characteristics or description, address, telephone number, credit card number, debit card number.

Some personal information included in this category may overlap with other categories.

YES

C. Protected classification characteristics under California or federal law.

Age (40 years or older), sex (including gender, gender identity, gender expression, veteran or military status.

YES

D. Commercial information.

Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

YES

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

NO

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

YES

G. Geolocation data.

Physical location.

YES

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

NO

I. Professional or employment-related information.

Current or past job history.

YES

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

NO

K. Inferences drawn from other Personal Information.

Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

YES

We obtain the categories of Personal Information listed above from the following categories of sources:

  • Directly from you. For example, from forms you complete or products and services you purchase.
  • Indirectly from you. For example, from observing your actions on our Website, Apps and other Services.

Use of CCPA Personal Information

We may use, sellor disclose the Personal Information we collect for one or more of the following purposes:

  • To fulfill or meet the reason you provided the Personal Information. For example, if you share your name and contact information to ask a question about our products or services, we will use that Personal Information to respond to your inquiry. If you provide Personal Information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your Personal Information to facilitate new product orders or process returns.
  • To provide, support, personalize, and develop our Website, App and other products, and Services.
  • To create, maintain, customize, and secure your account with us.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your experience on our Website, Apps and other Services and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, Apps and other Services, our Hospitality Merchants, third-party sites, and via email or text message (with your consent, where required by law).
  • To help maintain the safety, security, and integrity of our Website, Apps, and other Services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our Website, Apps, and other Services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website, Apps or other Services users/consumers is among the assets transferred.

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing CCPA Personal Information

We may share Personal Information by disclosing it to a third party for a business purpose.  When we disclose Personal Information for a business purpose, we enter a written contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.

We may also  sell Personal Information, subject to your right to opt-out of those sales For more information on CCPA sale rights see CCPA Personal Information Sales Opt-Out and Opt-In Rights below. The CCPA prohibits third parties who purchase the Personal Information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.

Disclosures of CCPA Personal Information for a Business Purpose

In the preceding twelve (12) months, OneDine has disclosed the following categories of personal information for a business purpose:

Category A: Identifiers.

Category B: California Customer Records personal information categories.

Category C: Protected classification characteristics under California or federal law.

Category D: Commercial information.

Category F: Internet or other similar network activity.

Category G: Geolocation data.

Category I: Professional or employment-related information.

Category K: Inferences drawn from other Personal Information.

We disclose Personal Information for a business purpose to the following categories of third parties:

  • Our Hospitality Merchants
  • Our Service Providers

Sales of CCPA Personal Information

In the preceding twelve (12) months, OneDine has sold the following categories of Personal Information:

Category A: Identifiers.

Category B: California Customer Records personal information categories.

Category C: Protected classification characteristics under California or federal law.

Category D: Commercial information.

Category F: Internet or other similar network activity.

Category G: Geolocation data.

Category I: Professional or employment-related information

Category K: Inferences drawn from other Personal Information.

We sell Personal Information to the following categories of third parties:

  • Our Hospitality Merchants
  • Data aggregators

CCPA Rights and Choices

The CCPA provides California residents with specific rights regarding Personal Information. This section describes CCPA rights and explains how to exercise those rights.

CCPA Right to Know and Data Portability

California residents have the right to request that we disclose certain information to them about our collection and use of Personal Information about them over the past 12 months (the “right to know”). Once we receive your request and confirm your identity t (see Exercising Your Rights to now or Delete below), we will disclose to you:

  • The categories of Personal Information we collected about you.
  • The categories of sources for the Personal Information we collected about you.
  • Our business or commercial purpose for collecting or selling that Personal Information.
  • The categories of third parties with whom we share that Personal Information.
  • The specific pieces of Personal Information we collected about you (also called a data portability request).
  • If we sold or disclosed Personal Information about you for a business purpose, two separate lists disclosing:
    • sales, identifying the Personal Information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.

We do not provide these access and data portability rights for CCPA B2B Personal Information.

CCPA Right to Delete

California residents have the right to request that we delete any Personal Information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your CCPA Rights to Know or Delete below), we will review your request to see if an exception allowing us to retain the information applies. 

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  1. Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that Personal Information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action. 

We do not provide these deletion rights for CCPA B2B Personal Information.

Exercising CCPA Rights to Know or Delete

To exercise the CCPA rights to know or delete described above, please submit a request to us by either:

Only California residents, or someone legally authorized to act on their behalf, may make a CCPA request to know or delete Personal Information. You may also make a CCPA request to know or delete on behalf of your minor child. Please note that OneDine does not make its App and other Services available to children under the age of 16.

California residents may only make a request to know twice within a 12-month period. Your CCPA request to know or delete must:

  • Provide sufficient information that allows us to reasonably verify the person about whom we collected Personal Information or an authorized representative; and
  • Describe your request with enough detail to allow us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

You do not need to create an account with us to submit a request to know or delete.

We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

For instructions on exercising sale opt-out rights, see Personal Information Sales Opt-Out and Opt-In Rights below.

CCPA Response Timing and Format

We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact support@onedine.com

We endeavor to substantively respond to a verifiable CCPA consumer request within forty-five (45) days of receiving it. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

We will deliver our written response by e-mail or electronically, at your choice.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance, specifically text formatted file(s) which may contain plain text or delimited data.

We do not charge a fee to process or respond to your verifiable CCPA consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

We do not collect or sell the Personal Information of consumers we actually know are less than 16 years of age.

CCPA Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to the value of the Personal Information’s and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time. OneDine does not currently provide any financial incentives.

Other California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to support@onedine.com

CCPA Contact Information

If you have any questions or comments about this notice, the ways in which OneDine collects and uses CCPA Personal Information described here and in our general Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: 1.866.441.3463

Website: www.onedine.com/CCPA

Email: support@onedine.com

Postal Address:

OneDine LLC

Attn: Michael Block/Finance

5055 W. Park Blvd, Suite 601, Plano, TX 75093

support@onedine.com or 1.866.441.3463

OneDine Privacy Notice for Persons in the EU/EEA/UK

Introduction

This EU/EEA/UK privacy notice supplements the information contained in OneDine’s general Privacy Notice above for persons located in the EU/EEA/UK and is not intended to override OneDine’s general privacy notices. It is important that you read this privacy notice together with any other privacy notices or fair processing notices OneDine may provide on specific occasions when we are collecting or processing Personal Data about you so that you are fully aware of how and why we are using the Personal Data.

For your convenience this notice is provided in a layered format so you can click through to the specific areas you are interested in. You can also download a pdf version of OneDine’s entire privacy notice here. Please also use the Glossary to understand the meaning of some of the terms used in this EU/EEA/UK privacy notice.

1. Important information and who we are

Controller

OneDine is the data controller and is responsible for this website. OneDine is also a data processor for Hospitality Merchants who use OneDine’s mobile application and other products/services to provide you their own services.

OneDine has appointed a data privacy manager who is responsible for overseeing questions in relation to this EU/EEA/UK privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact OneDine’s data privacy manager using the details below: 

Website: www.onedine.com/privacy

Email: support@onedine.com

Postal Address:

OneDine LLC

Attn: Michael Block/Finance

5055 W. Park Blvd, Suite 601, Plano, TX 75093

Phone: 1.866.441.3463

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes to this EU/EEA/UK privacy notice and your duty to inform us of changes

We keep this EU/EEA/UK privacy notice under regular review. This version was last updated on the date at the top.

It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if Personal Data about you changes during your relationship with us.

Third-party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share Personal Data about you. OneDine does not control these third-party websites and is not responsible for their privacy statements or practices.

When you leave our website, we encourage you to read the privacy policies and notices of every website you visit.

2. Personal Data we collect about you

Personal data, or Personal Information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of Personal Data about you as described in our general privacy notice above. 

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from Personal Data but is not considered Personal Data under the law because this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature of our website. However, if we combine or connect Aggregated Data with Personal Data about you so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this EU/EEA/EK privacy notice.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If you fail to provide Personal Data to us

Where we need to collect Personal Data by law, or under the terms of a contract we have with you, and you fail to provide that Personal Data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services or when Hospitality Merchants are trying to provide you with goods or services). In this case, we may need to cancel a product or service you have with us but we will notify you if this is the case at the time.

3. How we collect Personal Data

See Personal Information We Collect and How We Collect It above.

4. How we use Personal Data

We will only use Personal Data about you when the law allows us to. Most commonly, we will use Personal Data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.

Click here to find out more about the types of lawful basis that we will rely on to process Personal Data.

Generally, we do not rely on consent as a legal basis for processing Personal Data about your although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by logging in to our privacy center to view and make certain decisions about our Personal Data uses here.

Purposes for which we will use Personal Data

We have set out below, in a table format, a description of all the ways we plan to use Personal Data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process Personal Data for more than one lawful ground depending on the specific purpose for which we are using the Personal Data. Please contact us if you need details about the specific legal ground we are relying on to process Personal Data about your where more than one ground has been set out in the table below.

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

To register you as a new customer

(a) Identity

(b) Contact

Performance of a contract with you

To process and deliver your order including:

(a) Manage payments, fees and charges

(b) Collect and recover money owed to us

(a) Identity

(b) Contact

(c) Financial

(d) Transaction

(e)Marketing and Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or privacy policy

(b) Asking you to leave a review or take a survey

(a) Identity

(b) Contact

(c) Profile

(d)Marketing and Communications

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

To enable you to partake in a prize draw, competition or complete a survey

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e)Marketing and Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) 

(a) Identity

(b) Contact

(c) Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e)Marketing and Communications

(f) Technical

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences

(a) Technical

(b) Usage

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about goods or services that may be of interest to you

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Profile

(f)Marketing and Communications

Necessary for our legitimate interests (to develop our products/services and grow our business)

Marketing

We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising. We have established a privacy center on this website where you can view and make certain decisions about our Personal Data uses here.

Promotional offers from us

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing.

Third-party marketing

We will get your express opt-in consent before we share Personal Data about you with any third party for marketing purposes.

Opting out

You can ask us or third parties to stop sending you marketing messages at any time by logging into our privacy center to can view and make certain decisions about our Personal Data uses here OR by following the opt-out links on any marketing message sent to you.

If you opt out of receiving marketing messages, you will still continue to receive messages from us and Hospitality Merchants related to your product/service purchases, product/service experience and/or other transactions.

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see onedine.com/cookies

Change of data processing purpose

We will only use Personal Data about you for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose for which we collected it. If you wish to get an explanation about how our data processing for the new purpose is compatible with our original purpose, please contact us.

If we need to use Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process Personal Data about you without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

5. Disclosures of Personal Data

We may share Personal Data about you with the parties set out below for the purposes set out in the table Purposes for which we will use your personal data above.

  • Third Parties as described out in the Glossary below including service providers and Hospitality Merchants located in the U.S.
  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties to respect the security of Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use Personal Data for their own purposes and only permit them to process Personal Data for specified purposes and in accordance with our instructions.

6. International transfers of Personal Data

We share Personal Data within OneDine and with Hospitality Merchants who use our mobile application and other Services to provide their services to you. This will involve transferring your data outside the EU/EEA/UK including to the United States.

Many of our third parties are also based outside the EU/EEA/UK so their processing of Personal Data will involve a transfer of data outside the EU/EEA/UK.

Whenever we transfer Personal Data out of the EU/EEA/UK, we seek to ensure a similar degree of protection is afforded by using specific contracts (“Standard Contract Clauses”) approved for use in the EU/EEA/UK which give Personal Data the same protection it has in the EU/EEA/UK.

We also implement and seek to require our third parties to implement supplemental data protection measures including: end to end encryption; data minimization; data pseudonymization; data anonymization; and need to know access.  Please also know that it is our good faith belief that the types of EU/EEA/UK Personal Data we receive, collect, process, use and/or share in the U.S. are not of the types of Personal Data that would generally be subject to requests from U.S. government authorities pursuant to FISA Section 702 and/or E.O. 12333. Please contact us if you want further information on the specific mechanism used by us when transferring Personal Data out of the EU/EEA/UK.

7. Personal Data security

See Security of Personal Information above.  Our security measures are designed to prevent Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Personal Data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Personal Data retention

How long will you use Personal Data?

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers.

In some circumstances you can ask us to delete Personal Data about you: see 9. GDPR legal rights below for more information.

In some circumstances we will anonymize Personal Data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. GDPR legal rights

Under certain circumstances, you have rights under data protection laws in relation to Personal Data. Please click on the links below to find out more about these rights:

  • Request access to Personal Data.
  • Request correction of Personal Data.
  • Request erasure of Personal Data.
  • Object to processing of Personal Data.
  • Request restriction of processing Personal Data.
  • Request transfer of Personal Data.
  • Right to withdraw consent.

If you wish to exercise any of the rights listed above, please contact us at:

Website: www.onedine.com/privacy

Email: support@onedine.com

Postal Address:

OneDine LLC

Attn: Michael Block/Finance

5055 W. Park Blvd, Suite 601, Plano, TX 75093

Phone: 1.866.441.3463

No fee usually required

You will not have to pay a fee to access Personal Data about you (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate Personal Data requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

10. GDPR Glossary

LAWFUL BASIS

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process Personal Data for our legitimate interests. We do not use Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Performance of Contract means processing Personal Data about you where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Comply with a legal obligation means processing Personal Data where it is necessary for compliance with a legal obligation that we are subject to.

THIRD PARTIES

Third Parties include:

  • Our Hospitality Merchants.
  • Our Service Providers (including payment processors, fraud prevention agencies, and professional advisers such as lawyers, bankers, auditors and insurers who provide us consultancy, banking, legal, insurance and accounting services.)
  • Advertisers, ad networks, and ad servers.
  • Analytics companies (including Google Analytics) and data aggregators.
  • Your mobile device manufacturer.
  • Your mobile service provider.
  • Tax regulators and other governmental regulatory authorities.

YOUR GDPR RIGHTS

You have the right to:

Request access to Personal Data about you (commonly known as a “data subject access request” or “data portability request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.

Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate Personal Data we hold about you corrected, though we may need to verify the accuracy of the new Personal Data you provide to us.

Request erasure of Personal Data about you. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase Personal Data about you to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of Personal Data about you where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object to our processing of Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process Personal Data which override your rights and freedoms.

Request restriction of processing of Personal Data. This enables you to ask us to suspend the processing of Personal Data about you in the following scenarios:

  • If you want us to establish the Personal Data’s accuracy.
  • Where our use of the Personal Data is unlawful but you do not want us to erase it.
  • Where you need us to hold the Personal Data even if we no longer require it as you need it to establish, exercise or defend legal claims.
  • You have objected to our use of your Personal Data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of Personal Data about you to you or to a third party (commonly known as a “data portability request”). We will provide to you, or a third party you have chosen, Personal Data about you in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to process Personal Data about you. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products and/or services to you. We will advise you if this is the case at the time you withdraw your consent.