This Privacy Policy describes how your personal data is handled when you use this application or website ("this Application"). Two parties may be involved: Limited, which provides the underlying technology and acts as the data processor, and the business whose branding appears on the service you are using, which acts as the data controller and decides why and how your data is used.

Protecting your privacy matters to us. When we ask you for information that identifies you, we use it only as set out here. This Application collects some personal data from its users, and you can print this policy at any time using your browser's print function.

Depending on how you use this Application, we may collect the following, either directly or through third parties: cookies and usage data; your first and last name, phone number, company name, and email address; username, country, language, and password; geographic position and communicated data; device information, unique advertising identifiers (such as Google Advertiser ID or IDFA), and purchase history. On mobile, we may also request device permissions covering contacts, camera, precise (non-continuous) location, phone, SMS, and Bluetooth sharing.

Each category is explained either in the relevant section below or in a notice shown to you before the data is collected. You may provide some data yourself; usage data is gathered automatically as you use the service. Unless stated otherwise, the data we request is necessary, and withholding it may prevent the service from working. Where data is optional, you may decline to provide it without affecting the service. If you are unsure what is required, please contact the Owner.

Any use of cookies or other trackers, whether by this Application or by third-party services it relies on, serves to deliver the service you have requested and the additional purposes described here and in the Cookie Policy. You are responsible for any third-party personal data you obtain, publish, or share through this Application.

Methods

The Owner applies appropriate security measures to guard against unauthorised access, disclosure, alteration, or destruction of your data. Processing is carried out with computers and IT tools, following procedures tied to the stated purposes. Besides the Owner, your data may in some cases be accessible to staff involved in operating this Application (in administration, sales, marketing, legal, or system administration) or to external parties — such as technical service providers, mail carriers, hosting providers, IT firms, or communications agencies — appointed where necessary as data processors. You may request an up-to-date list of these parties at any time.

Place

Your data is processed at the Owner's offices and wherever the parties involved in processing are located. Depending on your location, this may mean transferring your data to a country other than your own; the section on data transfers below explains the safeguards that apply.

Retention

Unless stated otherwise, personal data is kept for as long as needed for the purpose it was collected for, and may be held longer to meet a legal obligation or because you have consented. In practice: data tied to a contract is kept until the contract is fully performed; data held for the Owner's legitimate interests is kept as long as needed for those interests; and data may be kept longer where you consent or where the law requires. Once the retention period ends, the data is deleted, and rights such as access, erasure, rectification, and portability can no longer be exercised over it.

We process your data to provide and operate the service, meet our legal obligations, respond to enforcement requests, protect our rights and those of our users and third parties, and detect fraudulent or malicious activity. Beyond that, the specific purposes include:

• Analytics, and content performance and feature testing (A/B testing)
• Registration and authentication, and access to third-party accounts
• Contacting you, managing contacts and sending messages, and handling support and feedback requests
• Handling payments and selling goods and services online
• Hosting and backend infrastructure, platform services, and infrastructure monitoring
• Displaying content from external platforms and interacting with external social networks and live chat platforms
• Location-based interactions and location processing, and device permissions for accessing personal data
• Advertising, remarketing and behavioural targeting, and transfers of data outside the EU

On mobile, this Application may ask for permissions that let it access certain device data. By default you must grant these before the relevant data can be accessed, and you can revoke them at any time through your device settings or by contacting the Owner. The exact steps depend on your device and software, and revoking a permission may affect how well the Application works.

• Bluetooth sharing — scanning for and connecting to nearby devices and transferring data between them.
• Camera — accessing the camera to capture images and video.
• Contacts — accessing and, where applicable, changing contacts and profiles on your device.
• Phone — read-only access to telephony features such as the device phone number, network information, and call status.
• Precise location (non-continuous) — accessing your precise location to provide location-based services; your position is not tracked continuously, so we cannot derive it on an ongoing basis.
• SMS — sending, receiving, and reading SMS messages.

Personal data is collected for the purposes below using the following services. Where a service states "various types of data," the specifics are set out in that provider's own privacy policy. Services that connect to third-party accounts are not activated automatically and require your explicit authorisation.

Analytics

Access to third-party accounts

Contacting the user

Content performance and feature testing (A/B testing)

Displaying content from external platforms

Handling payments

These services process payments by card, bank transfer, or other means, and we share only the information needed to complete the transaction. Some may also send timed messages such as invoices or payment notifications.

Hosting and backend infrastructure

Infrastructure monitoring

Interaction with external platforms, live chat, and support

Managing contacts and sending messages

Platform services and hosting

Registration and authentication

Remarketing and behavioural targeting

These services serve advertising based on your past use of this Application, using trackers and usage data shared with advertising partners; some support email-list-based remarketing. You can opt out via each service and via the Network Advertising Initiative opt-out page, or through your device's advertising settings.

Advertising

These services use your data to show banners and other advertisements, which may be based on your interests. Not all personal data is used for this. Some may use trackers or behavioural retargeting, including activity detected outside this Application.

Location processing and location-based interactions

Business partners and restaurants

We may share your personal data with business partners and restaurants you have placed an order with, so they can process and deliver it. We share details such as your email and information about your order with that partner for the performance of our contract; the partner has its own responsibilities for that data, and in turn shares data with us so we can provide our services to you.

Where data collected within the EU is transferred to a country outside it, the transfer relies on one of the legal bases below, and you can ask the Owner which applies to a given service:

• Consent — data is transferred only after you have explicitly consented, having been informed of the possible risks where there is no adequacy decision or appropriate safeguards.
• Standard contractual clauses — the transfer uses the European Commission's standard contractual clauses, under which recipients commit to EU data-protection standards.
• Adequacy decision — the transfer relies on a European Commission decision recognising that the destination country offers comparable protection; an up-to-date list is published on the Commission's website.
• Other bases — where none of the above applies, a transfer may proceed only if necessary for a contract with or in the interest of the user, for important public-interest reasons, for legal claims, or to protect someone's vital interests where they cannot consent.

To the extent permitted by law, you may:

• Withdraw consent at any time where processing is based on consent.
• Object to processing carried out on a legal basis other than consent.
• Access your data, learn whether it is being processed, and obtain a copy.
• Verify its accuracy and ask for it to be corrected or updated.
• Restrict processing, so that the Owner only stores your data.
• Have your data erased.
• Receive your data in a structured, machine-readable format and, where feasible, have it transferred to another controller.
• Lodge a complaint with your competent data protection authority.

Where processing serves a public interest, official authority, or the Owner's legitimate interests, you may object by citing grounds relating to your particular situation. Where your data is processed for direct marketing, you may object at any time, free of charge and without giving a reason, after which it will no longer be used for that purpose.

How to exercise your rights

You can direct any request to the Owner using the contact details in this document. Requests are free and answered as soon as possible, always within one month. Any rectification, erasure, or restriction will be communicated to each recipient of your data where feasible, and the Owner will tell you who those recipients are on request.

Legal basis of processing

The Owner may process your data where: you have consented for one or more purposes; processing is needed to perform an agreement with you or take pre-contractual steps; processing is required by a legal obligation; processing serves a task in the public interest or official authority; or processing serves the legitimate interests of the Owner or a third party. The Owner can clarify the specific basis that applies, including whether providing data is a statutory or contractual requirement.

• Profiling — the Owner may use your personal and usage data to build or update profiles in order to evaluate your choices, preferences, and behaviour. You always have the right to object to profiling.
• Data from other sources — the Owner may have lawfully obtained data about you from third parties; where this happens, you can find details in the relevant sections or by contacting the Owner.
• Push notifications — this Application may send push notifications, including for direct marketing of its own or third-party products. You can opt out via your device settings, though disabling them may reduce the usefulness of the Application.
• Selling online — data collected to complete a purchase may include the payment means used, depending on the payment system.
• Equal protection — the Owner shares data only with carefully selected third parties that offer equivalent protection to that described here and required by law.
• Legal action — your data may be used in court or in the stages leading to legal action arising from misuse of this Application, and may be disclosed at the request of public authorities.
• System logs and maintenance — this Application and third-party services may collect system logs and other data (such as IP address) for operation and maintenance.
• Cookies — this Application uses trackers; see the Cookie Policy for details, including how to opt out of interest-based advertising.
• Changes — the Owner may update this policy at any time by posting it on this page and, where feasible, notifying users. Please check this page regularly and note the date below. Where changes affect consent-based processing, new consent will be collected where required.
• Information not covered here — further details about the collection or processing of personal data can be requested from the Owner at any time.

• Personal data — any information that, directly or indirectly, allows a natural person to be identified.
• Usage data — information collected automatically, such as IP addresses or domain names, request times and methods, response size and status codes, country of origin, browser and operating-system characteristics, time spent per page, the path followed through the Application, and other device and environment parameters.
• User — the individual using this Application, who unless stated otherwise is the data subject.
• Data subject — the natural person to whom the personal data refers.
• Data processor — the party that processes personal data on behalf of the controller; here, Limited.
• Data controller (Owner) — the party that, alone or with others, determines the purposes and means of processing; here, the business whose branding appears on this Application.
• This Application — the means by which your personal data is collected and processed.
• Service — the service this Application provides, as described in its terms and on this site or application.
• European Union (EU) — unless stated otherwise, all references include the current EU member states and the European Economic Area.
• Cookie — a tracker consisting of a small set of data stored in your browser.
• Tracker — any technology — cookies, unique identifiers, web beacons, embedded scripts, e-tags, fingerprinting — that enables tracking by accessing or storing information on your device.

This policy relates solely to this Application unless stated otherwise within it.