We are committed to keeping your personal data safe and secure and handling it in accordance with our legal obligations. This Privacy Policy sets out the purposes for which we process your personal data, who we share it with, what rights you have in relation to that data and everything else we think it's important for you to know.
Who's in control of my personal data?
The Ontapp app is Ontapp Ltd ‘Us’. We are a registered company in England under company number 12674131 and our registered office address is: Front Suite, First Floor, 131 High Street,
Teddington, Middlesex, TW11 8HH
We are the "Controller" of all personal data collected and used for the purposes of providing Ontapp and for any other purposes set out in this Privacy Policy. This means that we are responsible for deciding how and why your data is used and for ensuring that your data is handled legally and safely.
Information we collect from you
When you register for an Ontapp account we collect the following information from Facebook, Google or the form provided (we call this Account Information):
your first name and surname;
your email address;
your mobile phone number;
your Facebook or Google profile picture
you date of birth;
If you register as a business we also collect the following
company name;
company address;
business location information;
If you set up your Ontapp App account to pay for goods from businesses listed on the app, our payment processors (Stripe and Square) collects the following information (‘payment information’)
Name on card
Card number
Expiry date
CVV
Postal Code
House name/no.
Country
If you have setup a business account the following data is also stored by Stripe(not by Us).
Name of account holder
Account number
Sort Code
Country
We collect your profile picture if you provide this information in the settings.
Information we collect about you.
Each time you use the App or our site, we may automatically collect and process the following information:
Technical information about your Mobile Device or computer (in each case Device). Including, where available, your Device’s IP address and other unique identifiers, operating system and browser type, as well as your Mobile Device’s mobile network information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual;
Details about your use of the App or our site. Including pages and screens you visit, length of visit, and buttons and links you clock on. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
Our website located at www.ontapp.app (our site) uses cookies and/or other similar technologies (for example, analytics) (together Cookies). We use Cookies to help us understand how people use the Site, analyse which parts of the Site people find most useful and engaging, and identify features that could be improved. Cookies do not identify you individually to us. By continuing to use the site, you are agreeing to our use of Cookies.
App Transaction Logs. If you take part in a ‘Transaction’ – by sending an order to a business, or by responding to an order as a business, then we log the following details of the transaction:
Name and email address of the person sending the order ('Customer') and of the business responding to the order ('Business')
Location of the Customer when they send the request
The date and time of the request
The items in your order, customisation text, amounts and prices
When the order is marked as prepared
When the order is marked as served/collected/delivered
The outcome of the transaction e.g. 'paid', 'failed', 'refunded'
Your location. If you select ‘Notifications On’ within the App and set Location Services to ‘Always’ within your phone’s privacy settings, then your location is continuously and anonymously recorded for the purposes of making ('Customer') and receiving ('Business') relevant order requests (see section 5 below).
What do you use my personal data for?
We use your Account Information to identify you as a unique user and create a public profile so you can identify yourself and interact with other users. Customer public profile consists of your first name and profile pictures. Business public profiles consist of the name of the business/venue/event, location, description, menus and the order points for that business.
We use your email address to send you emails for reasons of legitimate business interests. These include service messages about Ontapp, for example to let you know if Ontapp is experiencing technical issues.
We will also use your email address to send you messages about Ontapp for reasons of legitimate business interest – including advice on how to use the App more efficiently and effectively, information about new features and how to use them, or how you can increase the money you can make from using Ontapp as a Business, or savings and promotional offers as a Customer. You can choose not to receive these emails by following the instructions in each email to unsubscribe.
Your Payment Information is used by our Payment Processors (Stripe & Square) to process outgoing payments, and Stripe to make payments into your account (Businesses).
We use Technical information about your Mobile Device or computer and Details about your use of the App or our site to:
To administer the App and our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical purposes;
To improve the App and our site and to ensure that content from the App and our site is presented in the most effective manner for you and for your Device;
As part of our efforts to keep the App and our site safe and secure;
We collect App Transaction Logs for the following purposes:
In order to detect any breaches of our Terms & Conditions of use (for example, using the App for a prohibited purpose)
So that the information is available as required to aid any legal or law enforcement investigation
To support customer service enquiries into specific transactions
To support our work to improve the quality of the service we provide
Who do we share your personal data with, and where is it stored?
We use the following data processors to store your data:
Mailchimp. We use Mailchimp to send you emails, whose privacy policy you can read here https://mailchimp.com/legal/privacy/. Mailchimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all Personal Information received from EEA member countries, United Kingdom, and Switzerland, respectively, in reliance on each Privacy Shield Framework, to each Framework’s applicable Principles.By submitting your Personal Data, you agree to the transfer, storing and processing of your Personal Data by Mailchimp.
Intercom. We use Intercom to handle Customer and Business enquiries. Intercom is commited to customer trust and keeping their data safe. Their privacy policy is available from https://www.intercom.com/legal/privacy. If you make a sales or support enquiry with us by email, phone or social media you agree to the storing and processing of your personal data by Intercom.
Segment. Segment respects your privacy rights and is committed to transparency in how we collect, use and share your personal information. Their privacy policy is available from https://segment.com/legal/privacy/. Segment collects and unifys user events from our web & mobile apps in order to improve our service.
Amazon Web Services ('AWS'). We use Amazon Web Services to host store Account Registration data and App Transaction Logs, whose privacy policy you can read here https://aws.amazon.com/privacy/. By submitting your Personal Data, you agree to the transfer, storing and processing of your Personal Data by AWS.
Twilio. We use Twilio to host store Account Registration data and send SMS and Email data in order to adminster the Ontapp Service. Their privacy policy you can read here https://www.twilio.com/legal/tos. By submitting your Personal Data, you agree to the transfer, storing and processing of your Personal Data by Twilio.
We use MixPanel to record and analyse in-app activity to improve our service and ensure we can respond to customer service inquiries. We share your name, device information and activity data with Mixpanel. Mixpanel participates in and has certified its compliance with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. Mixpanel is committed to subjecting all personal information received from EU member countries, the United Kingdom, and Switzerland, respectively, to the Frameworks’ applicable principles and you can read their privacy policy here: https://mixpanel.com/legal/privacy-policy/.
By submitting your Personal Data, you agree to the transfer, storing and processing of your Personal Data by MixPanel.
Checkout.com (payment processor). We use checkout.com to process some payments, whose privacy policy you can read here https://www.checkout.com/legal/privacy-policy By setting up payment information within the app (either to pay or to be paid for completed orders) you agree to the checkout.com Terms & Policies which you can read here https://www.checkout.com/legal/terms-and-policies.
Stripe (payment processor). We use Stripe to process some payments, whose privacy policy you can read here https://stripe.com/gb/privacy. By setting up payment information within the app (either to pay or to be paid for completed orders) you agree to the Stripe Account Agreement which you can read here https://stripe.com/gb/connect-account/legal.
Stripe’s services in Europe are provided by a Stripe affiliate—Stripe Payments Europe Limited (“Stripe Payments Europe”)—an entity located in Ireland. In providing Stripe Services, Stripe Payments Europe transfers personal data to Stripe, Inc. in the US. To ensure the adequate protection of personal data, we have certified to the EU-U.S. and Swiss-U.S. Privacy Shield Framework.
Google- Firebase. We use Google Firebase to facilitate use of the app and technical analytics including crash reports. By using the app, you agree to the transfer, storing and processing of your Usage data. Firebase are committed to privacy and you can read their privacy policy here https://firebase.google.com/support/privacy
By submitting your Personal Data, you agree to the transfer, storing and processing of your Personal Data by all our data processors.
How long do you keep my personal data for?
We will keep your Account Information and Payment Information for as long as your account remains open. You can close your account at any time by emailing info@ontapp.app and asking to close your account. It will take 30 days for this personal data to be deleted.
We keep App Transaction Logs for seven years. This is so we are able to respond to any query by you, the parties you have transacted with, or any law enforcement official, about specific transactions.
What rights do I have?
You have a number of rights under data protection law. These rights and how you can exercise them are set out in this section. We will normally need to ask you for proof of your identity before we can respond to a request to exercise any of the rights in this section and we may need to ask you for more information, for example to help us to locate the personal data that your request relates to.
We will respond to any requests to exercise your rights as soon as we can and in any event within one month of receiving your request and any necessary proof of identity or further information. If your request is particularly difficult or complex, or if you have made a large volume of requests, we may take up to three months to respond. If this is the case we will let you know as soon as we can and explain why we need to take longer to respond.
If you want to exercise any of these rights, please email us at info@ontapp.app.
A right to access your information
You have a right to ask us to send you a copy of all the personal data that we hold about you (subject to some exceptions).
A right to an electronic copy of your information
You can also ask us to send you the Account Information that we hold about you in a common electronic format, or to ask us to transfer that data to a third party if you want us to and if it is technically feasible for us to do so.
A right to object to us processing your information
You have a right to object to us processing any personal data that we process where we are relying on legitimate interests as the legal basis of our processing.
If you make a request to exercise your right to object, if we have legitimate grounds to carry on processing your personal data, we will be able to continue to do so. Otherwise, we will cease processing your personal data.
A right to ask us not to send you messages about our service
You can ask us not to send you messages about using the Ontapp service. You can do this by following the "unsubscribe" instructions in any email you receive from us.
A right to have inaccurate data corrected
You have a right to ask us to correct inaccurate data that we hold about you. If we are satisfied that the new data you have provided is accurate, we will correct your personal data as soon as possible.
A right to have your data erased
You have a right to ask us to delete your personal data in certain circumstances, for example if we have processed your data unlawfully or if we no longer need the data for the purposes set out in this Privacy Policy.
A right to have processing of your data restricted
You can ask us to restrict processing of your personal data in some circumstances, for example if you think the personal data is inaccurate and we need to verify its accuracy, or if we no longer need the data but you require us to keep it so that you can exercise your own legal rights.
Restricting your personal data means that we only store your personal data and don't carry out any further processing on it unless you consent or we need to process the data to exercise a legal claim or to protect a third party or the public.
How can I contact you?
If you have any questions or concerns about this Privacy Policy and/or our processing of your personal data, you can contact us at info@ontapp.app
What if this policy changes?
We may make changes to this Privacy Policy from time to time. Any changes we make will be posted on this page. We may also notify you by email if significant changes are made.