Summary of how we use your data

1.1 My Dining Place uses your personal data to enable you to make a reservation or purchase a voucher at one of our participating restaurants and to allow us to assist you

1.2 Where we rely on your consent, such as for direct marketing, technical support, software updates and analytics, you can withdraw this consent at any time.

What does this policy cover?

2. This policy describes how The My Dining Place Group Private Limited ( an Indonesia private limited company) and its affiliates (also referred to as “My Dining Place”, “we” or “us”) will make use of your data in relation to any reservations made or vouchers purchased at one of our participating restaurants. You can identify the relevant My Dining Place entity that hosts a particular site or app and is responsible for your information under this policy here. In addition, we will use your data in order to provide help and support to you.

What information do we collect?

3.1 We collect and process personal data about you when you interact with us, our websites and our apps, and when you purchase goods and services from us. This includes:

3.1.1 your name, username and password;

3.1.2 date of birth;

3.1.3 your email address and phone number;

3.1.4 your home address/location;

3.1.5 your payment and delivery details, including billing address and credit card details, where you make purchases from us;

3.1.6 needs of your Facebook, Twitter login;

3.1.7 your IP address and browser location when visiting our website and at the time of purchase;

3.1.8 information related to the browser or device you use to access our website or apps;

3.1.9 your physical/current location when using our apps;

3.1.10 food preference (allergies);

3.1.11 analytical information regarding your usage of our app; and

3.1.12 your marketing preferences, including any consents you have given to us.

3.2 Our website and our apps include a text box which is designed for you to provide us with certain information regarding your dining preferences. You should be aware that any information that you provide to us in that text box may be shared with the relevant restaurant (as detailed in the “who will we share this data with” section, below).

3.3 Additionally, we may receive personal data from sources other than you, such as from third-party websites, applications, services, restaurants and other third parties, including individuals who have added you as a guest to their reservation. If you are an existing My Dining Place user we may combine this information with information we have on you and use it for the purposes described below.

4. How do we use this information, and what is the legal basis for this use?

4.1 We process this personal data for the following purposes:

4.1.1 Performance of a contract – To fulfil a contract, or take steps linked to a contract: this is relevant where you make a reservation or purchase a voucher from us. This includes:

4.1.1.1 verifying your identity;

4.1.1.2 taking payments;

4.1.1.3 keep in touch with you;

4.1.1.4 making a restaurant reservation for you, to put you on a waiting list or delivering to you a voucher/e-voucher that you have purchased; and

4.1.1.5 providing after-sales support to you.

4.1.2 Legitimate purpose – Where we have a legitimate interest. This includes:

4.1.2.1 where we use information you provide to personalise our website, products or services for you;

4.1.2.2 responding to or following up on your comments and questions;

4.1.2.3 where we monitor customer accounts to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law;

4.1.2.4 monitoring use of our websites and online services, and use your information to help us monitor, improve and protect our products, content, services and websites, both online and offline; and

4.1.2.5 conducting research, analysis and analytics;

4.1.3 Consent – Where you give us consent:

4.1.3.1 we will send you direct marketing in relation to our relevant products and services, or other products and services provided by us, our affiliates and carefully selected restaurant partners;

4.1.3.2 we place cookies and use similar technologies in accordance with our Cookies Policy and the information provided to you when those technologies are used;

4.1.3.3 on other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time.

4.1.4 Required by law – For purposes may or wil required by law:

4.1.4.1 where we need parental consent/monitor to provide services to children under 16. However, most of our websites are not designed for children under 16.

4.1.4.2 in response to requests by government or law enforcement authorities conducting an investigation.

4.2 In certain jurisdictions, consent is the primary ground on which personal data may be processed by an organisation. In those jurisdictions, processing personal data in connection with the performance of a contract or legitimate purposes is not recognised as an accepted ground on which personal data may be processed. Accordingly, if you are a resident in such a jurisdiction, you agree that consent will be the ground on which My Dining Place will process your personal data instead of performance of a contract or legitimate purposes.

5. Withdrawing consent or otherwise objecting to direct marketing

5.1 Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us using the details set out below.

5.2 Please note that even if you opt-out of receiving marketing communications, we may need to send you service-related communications such as confirmations of any future reservation you may make.

6. Who will we share this data with, where and when?

6.1 We will share your personal data with other companies in the My Dining Place group in order to provide reservation and support services to you.

6.2 Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.

6.3 Personal data will also be shared with third party service providers, who will process it on our behalf for the purposes identified above. Such third parties include providers of customer and technical support services, logistics and delivery providers, and technology development partners.

7. How is your data protected?

7.1 To protect your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorised third party service providers, restaurants and agents is only on a need-to-know basis.

7.2 You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

8. What rights do I have?

8.1 To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorised third party service providers, restaurants and agents is only on a need-to-know basis.

8.2 You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this data to another controller.

8.3 In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).

8.4 These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.

8.5 To exercise any of these rights, you can get in touch with us – or our data protection officer – using the details set out below. If you have unresolved concerns, you have the right to complain to an appropriate data protection authority where you live, work or where you believe a breach may have occurred.

8.6 In order to make a restaurant reservation or to buy a voucher from us, the provision of certain information (for example your name, email address, telephone number, payment information and IP address) is mandatory to enable us to make that reservation for you or the sell you that voucher. If relevant data is not provided or if you require us to delete, restrict or cease the processing of that data, then we will not be able to reserve that restaurant for you or sell you the voucher.

8.7 For technical support the provision of certain information (for example your name or email address) is mandatory. If relevant data is not provided, then we may not be able to provide you with technical support.

8.8 All other provision of your information is optional.

8.9 Where you provide us with the personal data of any other individual, including any individual whom you might like to notify that a reservation at a particular restaurant has been made using My Dining Place’s services, you confirm that you have notified the individual of the purposes to which you are providing My Dining Place with that third party’s personal data and you have obtained the person’s consent to providing My Dining Place with the person’s personal data.

9. How long will you retain my data?

9.1 Where we process personal data in connection with performing a contract (for example in relation to any restaurant reservation or the purchase of a voucher), we keep the data for 6 years from the date of the reservation or purchase.

9.2 Where we process personal data for site security purposes, we retain it for 12 months or such other long period as may be required in certain jurisdictions.

9.3 Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data indefinitely so that we can respect your request in future.

10. Links to other websites

10.1 Our website or apps may have links to other websites that are not owned or controlled by My Dining Place. We have no control over these third party websites and your use or the third party websites are subject to their privacy policy. Your use of the third parties’ website is at your own risk. We encourage you to read the privacy policies of those third party websites.

11. Changes to this policy

11.1 We reserve the right to update this policy from time to time by posting the updates to this policy on our site or app. Any updates will become effective immediately after posting and will apply to all information collected about you, or where required, upon your consent. You are free to decide whether or not to accept a modified version of this policy. If you do not agree to the modifications, you must cease further use of our site or app.

11.2 If we make changes that materially impacts previously collect personal data about you, we will obtain your prior express consent.