Last updated: 25 May 2018.
Mobi2Go Limited (Mobi2Go or we) is committed to ensuring the privacy of personal data that it collects, stores, uses or otherwise processes in the course of providing our services, application(s) and website(s) (together, our Services). Our Services involve providing a software platform and related services to restaurants and other businesses (referred to in this policy as our Customers) wishing to provide online ordering facilities to their customers (referred to in this policy as Users).
2. What personal information we collect
Broadly speaking, we collect and use personal information about two general categories of individuals:
User information: If you’re a customer of a business that uses the Mobi2Go platform to provide online ordering via a website or app, then we will collect and store personal information about you in order to process your order(s). That information will include:
- Your name and contact information: full name, email address, telephone number, physical address
- Login details: The user name and password that you use to login to a Mobi2Go powered website or app
- Payment details: Your credit card details (which are then transmitted to and stored by a third party payment provider)
- IP address of the device(s) that you use when using a Mobi2Go powered website or app
- Ordering history: the dates and details of orders you’ve placed using Mobi2Go powered websites or apps
- Your preferences such as notifications and marketing preferences
For the purposes of GDPR in the European Union, we are the ‘data processor’ of this User information. If you are an individual who uses our Services to place orders with a Mobi2Go Customer, then that Customer (the restaurant or business you’re placing an order with) is the controller of your information and you should contact them directly for assistance with any requests or questions relating to your personal information.
Mobi2Go customer information: Restaurants and other businesses who are customers or users of Mobi2Go services are referred to as ‘Customers’ in this Policy. In respect of Customers, we collect and use personal information relating to individual employees and other staff members of those Customers, so that we can provide our Services to them. That information includes:
- Names and contact information: full name, email address, telephone number, job title
- Login and user details: eg user names
- Usage history: times and details of access to the Mobi2Go Services, such as changes they’ve made to the Customer’s account
For the purposes of GDPR in the European Union, we are the ‘data controller’ of this Customer information and we collect and store it for the purposes of providing our Services to Customers and maintaining records and contact details relating to those Services and Customers.
We also collect and store information about a Customer’s business, products and services that are displayed in apps or websites, so that Users can place orders with that Customer — for example, the location, contact details and opening hours of a restaurant, details and prices of menu items, and so on. Typically that information is not personal information (in that it does not identify any individual person).
3. What we use your personal information for
For Users: We need the personal information we collect about you in order to process any orders you place with our Customers, and so that they can provide goods and/or services to you. This includes sharing your personal information with those Customers
For Customers: We need personal information relating to individual employees and staff members so that we can provide our Services to our Customers, and so we can monitor how our Services are being used.
We also use personal information for the following purposes:
- To personalise your experience (your information helps us to better respond to your individual needs)
- To improve our website and Services
- To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs)
- To process transactions
- To send periodic emails
- The email address you provide may be used to send you information, respond to inquiries, and/or other requests or questions
- Detecting, investigating and preventing fraudulent transactions and other illegal activities
Information from third party services
Compliance with laws
In certain situations, we may be required to use and disclose your information (including personal information) to a third party if we believe the disclosure is reasonably necessary:
- To comply with any applicable law, legal process (for example, subpoenas and warrants) or governmental request
- To protect the property, rights, and safety of Mobi2Go, our Customers, other Users, or the public from harm or illegal activities
- For fraud prevention, risk assessment, investigation, customer support, product development or debugging purposes
- To establish or exercise our legal rights or defend ourselves against any third-party claims or allegations
4. Who your information is shared with
Mobi2Go’s Service Providers
We work with a number of third party vendors and service providers to help us provide our Services and operate our platform (Service Providers). Those Service Providers provide certain features or functionalities (eg, SMS notifications, log-in features, customer support, chat and messaging applications, and hosting providers). In order to provide our Services, we may send them personal information for storage or processing. We’ve taken steps in our contracts with those Service Providers to make sure that they handle your personal information securely and in accordance with applicable privacy laws.
Other third parties
We may also share your personal information with Customers (ie, restaurants or businesses) with whom you place an order using Mobi2Go powered apps or websites, and with other third parties where necessary in connection with the purposes and uses of your information described in Section 3 above.
The Mobi2Go platform is integrated with a number of other third party platforms and service providers — for example, point-of-sale (POS) solutions, payment processors or delivery providers that can be used in conjunction with the Mobi2Go Services (Partners). Those Partners have separate legal contracts with our Customers, and our Customers decide what personal information is shared with those Partners. We don’t have any control over how those Customers use your personal information, and you should contact those Partners, or the Customer who you place orders with, directly if you have any queries about how they use and protect your personal information.
5. Where your information is stored or located
Mobi2Go operates globally, and its Service Providers are located in various countries around the world. This means that your personal information may be transferred to and stored in countries other than the country you live in.
The main countries where your personal information will be stored or processed are:
- New Zealand, where Mobi2Go is incorporated
- Australia, where our hosting services provider is located
For EU individuals: Your personal information will be stored outside of the European Economic Area (EEA). Where your personal information is transferred outside the EEA, it will only be transferred to countries that have been deemed to provide adequate protection for EEA information (like New Zealand), or to a third party where we have approved transfer mechanisms in place to protect your personal information – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US based third parties).
6. How we protect your information
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.
All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.
Cookies are small files that a website, app or its service provider transfers to your computer’s or device’s hard drive through your web browser or through the app (if you allow), and that enable our systems to recognise your browser or device and capture and remember certain information.
As you browse mobi2go.com, advertising cookies will be placed on your computer so that we can understand what you are interested in. Our display advertising partners, then enable us to present you with retargeting advertising on other sites based on your previous interaction with mobi2go.com. The techniques our partners employ do not collect personal information such as your name, email address, postal address or telephone number.
8. Retention of information
Where we process Customer information, we retain personal information we collect from you where we have an ongoing legitimate business need to do so (in connection with the purposes set out in Section 3 above). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
For User information, we retain personal information collected about Users until instructed by our Customers (as controllers of that information) or by a User to delete it.
9. Your privacy choices
You have a number of rights when it comes to your personal information:
- You can ask to access a copy of any personal information we hold about you, and request that we correct or update that information.
- You can request that we stop processing personal information about you and permanently delete it.
- You can ask for a copy of your personal information.
You can exercise any of these rights by contacting us at firstname.lastname@example.org or by writing to us at the mailing address in Section 11 below.
If you’re not happy with the how we’re processing your personal information, you have the right to complain to the data protection authority or privacy regulator in your jurisdiction. Your local data protection authority will be able to give you more information about your privacy choices and rights, and how to submit a complaint.
11. How to contact Mobi2Go
Level 4, 59 Courtenay Place, Wellington 6011
In Australia, you can write to us at:
120 Spencer St
Melbourne VIC 3000