Privacy Policy

Privacy Policy

June 14, 2023 2023-06-15 8:42

Please read this document carefully to understand our position and policy regarding your Personal Data and how we will use it.

The privacy policy of the “GetOrder” Service (hereinafter – the “Privacy Policy”) describes our policy regarding the privacy of Personal Data processed by the Service.

References to the words “we”, “our” or “us” (or words of similar meaning) mean the GetOrder Service, depending on the context of the Privacy Policy.

References to the words “you”, “your” or “your” (or similar words) mean our Client or Consumer, depending on the context of the Privacy Policy.

The Privacy Policy applies only to Personal Data collected during the provision of the Services.

The Privacy Policy does not apply to Personal Data collected offline or by methods other than those used by the Service.

The words he/she and their derivatives in the text of the document can be applied to either a male person or a female person, depending on the context of the document.

1. DEFINITIONS

1.1. Aggregator – is a service for the delivery of meals, drinks and food products.

1.2. Client – is a natural person, an entrepreneur and/or a legal entity that uses the GetOrder Service for the Integration of Aggregators.

1.3. Controller — is any natural or legal person, state body, institution or other body that independently determines the purposes and means of processing Personal and Statistical Data.

1.4. Processor — means a natural or legal person, state body, institution or other body that processes Personal and Statistical Data on behalf of and on behalf of the Controller.

1.5. Personal data – is information that allows the Client to be identified directly or indirectly.

1.6. The Client’s consent (hereinafter “Consent”) – is a voluntary, specific, conscious and unambiguous expression of will in which the Client, in the form of a statement or a direct positive action, agrees to the processing of his Personal Data.

1.7. Services — means tools and materials developed and provided by GetOrder to the Client for the implementation of the Integration.

1.8. GetOrder service (hereinafter “Service” or “GetOrder”) – is a web portal located at the electronic address: https://api.getorder.biz/, which allows the Client to receive Services.

1.9. Integration – is the algorithm of actions of the Client on the web page of the Service, which consists in installing the Service on the Client’s site to connect Aggregators to his site.

1.10. Statistical data – is information that allows the identification of the Client, which is necessary for the Integration of the Service and obtaining the Services, but is publicly available.

1.11. Cookies – are small text files that are stored on the Client’s devices and with the help of which the Client uses the Service’s website.

1.12. Consumer – is any natural person who orders the Client’s products using the Aggregator.

1.13. Third Party – means a natural or legal person, government body, institution or body other than the Client, Consumer, Controller, Processor and persons authorized by the Controller or Processor under their direct supervision to process Personal Data.

2. GENERAL

2.1. The Privacy Policy applies to Personal and Statistical Data that the Client provides to the Service when receiving Services and/or interacting with Service employees.

2.2. The Service provides Services to Clients from different regions of the world, therefore the Service uses the legislation of different jurisdictions in its activities.

2.3. The Service processes and stores Personal and Statistical Data based on the following legal acts:

                 2.3.1. Processing of Personal Data and Statistical Data of residents of Ukraine is regulated by the Law of Ukraine “On Protection of Personal Data”;

                2.3.2. In the case of processing Personal Data of EU and EEA residents based on the principles of legality, fairness and transparency in accordance with the General Data Protection Regulation (GDPR);

                2.3.3. Processing of Personal Data and Statistical Data of residents of the Republic of Kazakhstan is regulated by the Law of the Republic of Kazakhstan “On Personal Data and Their Protection”

                2.3.4. Processing of Personal Data and Statistical Data of residents of Georgia is carried out in accordance with the Law of Georgia “On Protection of Personal Data”

2.4. The Service acts as a Processor regarding the processing of Personal and Statistical data that it receives during the provision of Services to the Client, and the Client acts as a Controller regarding the processing of Personal and Statistical data.

3. PERSONAL AND STATISTICAL DATA

3.1. During interaction with the Client, the Service may receive the following Personal Data of employees of the Client’s company:

      3.1.2. full name and surname;

      3.1.3. contact phone number;

      3.1.4. e-mail;

       3.1.5. api key;

       3.1.6. IP address, devices, operating system and browser.

3.2. During interaction with the Client, the Service collects the following Statistical Data:

       3.2.1. company name;

       3.2.2. legal address of the company;

       3.2.3. the address of locations for the provision of Services;

       3.2.4. bank details, only on the condition of receiving a refund request;

       3.2.5. the language used by the Client.

3.3. When visiting the Service site or receiving Services, GetOrder may collect the following Personal Data automatically:

       3.3.1. IP address;

       3.3.2. time zone and language settings;

       3.3.3. browser type and version;

       3.3.4. operating system, device type and screen extension;

       3.3.5. the country in which you are located;

       3.3.6. data about your visit to the Site, including complete information about the URL, the route of transitions to the Site and when entering/exiting the Site (including date and time), page response time, data loading errors, duration of stay on certain pages, activity on the page (such information such as scrolling and mouse movements, clicks), methods used to exit the page and telephone numbers used to contact the Client service center.

3.4. GetOrder does not collect or process sensitive Personal Data of the Client’s employees, such as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, information about health, sex life or sexual orientation.

3.5. The Service collects and processes Personal and Statistical Data of the Client as follows:

 3.5.1. during interaction with the Service, namely: when receiving Services;

 3.5.2. while using the Service website, namely: when contacting technical support, when viewing pages, leaving feedback, etc.;

 3.5.3. using log files, Cookies and other tracking technologies;

 3.5.4. using messengers, if the Client communicates with the Service employee using messengers;

3.5.5. with the help of lead forms posted on the website of the Service and/or in the social network used by the Client;

3.5.6. during Integration;

3.5.7. using social networks: Facebook, Instagram, Linkedin, Crunchbase;

3.5.8. by analyzing the Personal Data contained in the content that the Client provides to the Service;

3.5.9. when the Client sends a refund request;

3.5.10. when the Client provides bank details.

3.6. The Service collects, processes and uses Personal and Statistical Data of Clients for the following purposes:

3.6.1. to fulfill our obligations, to provide Services;

3.6.2. to ensure the security of the Service site;

3.6.3. to administer the Service site and conduct internal operations, including troubleshooting, data analysis, testing and conducting surveys;

3.6.4. to provide support, respond and resolve your complaints and respond to your request;

3.6.5. to carry out refund operations;

3.6.6. to timely inform the Client about: updated products, unique offers, new prices and news about the Service’s activities;

3.6.7. to improve the navigation of the Service site based on your preferences;

3.6.8. to carry out marketing activities, which may consist of: displaying to you marketing content that matches your interests, namely, behavioral advertising that matches your preferences, taking actions related to direct marketing, namely, sending commercial information electronically;

3.6.9. to respond to requests from law enforcement agencies;

3.6.10. to initiate responses to lawsuits, investigations, or resolve disputes with you.

3.7.  The Service can receive Personal and Statistical data of the Consumer when the Consumer orders the Client’s products using the Aggregator. If the Service receives any Personal and Statistical Data of the Consumer, it will be processed in accordance with the terms of this Privacy Policy. The Client undertakes to personally notify the Consumer and obtain his consent that his Personal and Statistical Data may be transferred to the Service and in this case will be processed in accordance with the terms of this Privacy Policy. The Service is not responsible if the Client has not informed its Consumer that his Personal and Statistical data may be transferred to the Service when the Consumer orders the Client’s products using the Aggregator.

4.TRANSFER OF PERSONAL AND STATISTICAL DATA

4.1. The Service may transfer the Client’s Personal and Statistical Data to entities with which GetOrder cooperates in the implementation and provision of Services:

4.1.1. Contractors and employees. The Service may transfer Personal and Statistical Data to other subjects with whom it will begin cooperation, including legal and tax consultants, as well as subjects that provide accounting, marketing, and IT services.

4.1.2. Courts, law enforcement, and state bodies. The Service has the right to transfer Personal and Statistical data in case of fulfillment of any legal obligations, including in connection with a court order.

4.1.3. Third Party. The Service has the right to disclose or transfer Personal and Statistical Data of the Client during the following transactions: acquisition or merger, financing, corporate reorganization, joint venture, including the sale of assets, or in the event of bankruptcy.

4.1.4. Aggregators. The Service has the right to transfer Personal and Statistical data to the Aggregator during Integration and/or communication with the Aggregator’s employees.

5.ACCESS TO PERSONAL AND STATISTICAL DATA

5.1. Only authorized employees of the Service to have access to Personal and Statistical Data according to their level of access.

5.2. Each employee who has access to Personal and Statistical Data enters into a non-disclosure agreement.

5.3. The Service monitors the actions of employees who have access to the Client’s Personal and Statistical data and guarantees non-disclosure of Personal data and confidential information by such employees.

6.STORAGE AND PROTECTION OF PERSONAL DATA

6.1. The Service uses all necessary security and protection measures for Personal Data to ensure their confidentiality and prevent loss or improper disclosure.

6.2. The Service protects and stores Personal Data from:

6.2.1. losses;

6.2.2. unlawful use, transfer, disclosure, modification, deletion and/or destruction.

6.3. The Service may use the following methods to protect Personal Data in accordance with Article 32 GDPR or similar principles of the relevant jurisdiction:

6.3.1. pseudonymization and encryption of Personal Data;

6.3.2. ability to ensure permanent confidentiality, integrity, availability and fault tolerance of personal data processing systems;

6.3.3. regular testing, evaluation and measurement of the effectiveness of technical and organizational measures to ensure the security of Personal Data processing.

6.4. The Service may delete Personal or Statistical Data of the Client/Consumer upon receipt of a written request from the Client and upon the termination of the relationship. By deletion, we mean the deletion of all Personal or Statistical Data from servers and/or from written media.

6.5. The Service has the right to store the Client’s Personal and Statistical Data for 2 (two) years after the termination of the relationship with the Client in the following cases:

6.5.1. for keeping statistical records;

6.5.2. if current legislation requires their storage;

6.5.3. for communication with the Client/Consumer;

6.5.4. if they are needed for business.

6.6. The Service does not store Personal Data when the Client requests the deletion of Personal Data on his behalf in accordance with the right to deletion, as provided for in Article 17 “Right to Erasure” of the    GDPR or the corresponding provision of another jurisdiction.

6.7.  The Service does not transfer, disclose, or process Personal Data after the termination of the relationship with the Client, but only stores it.

7. GROUNDS FOR PERSONAL DATA PROCESSING

7.1. The Service processes Personal and Statistical Data based on the following legal grounds:

7.1.1. Client’s consent;

7.1.2.receiving a consultation;

7.1.3.Integration;

7.1.4. payment of Services.

7.2. In cases where the basis for the processing of Personal Data is Your Consent, you have the right to withdraw it at any time. In case of withdrawal of Your Consent, the Service has the right to stop providing the Services and terminate all relations with You. In case of withdrawal of Consent, your personal data will be deleted forever.

7.3. The Service undertakes to stop the processing of Personal and Statistical Data within 10 (ten) business days from the moment of receiving the withdrawal of the Consent.

8. CLIENT CONSENT

8.1. The following actions of the Client are considered to be consent to the terms of this Privacy Policy:

8.1.1. Integration of the Service;

8.1.2. receiving Services.

8.2. The Service reserves the right to obtain the Client’s Consent using a Pop-up form. The pop-up form can contain a consent form in the form of a checkbox.

8.3. The Client may at any time withdraw the Consent to the processing of Personal and Statistical data, in which case the Service will terminate all relations with the Client, including the termination of the provision of Services, and his data will be deleted forever.

9. JURISDICTION OF THE EUROPEAN UNION AND THE EUROPEAN ECONOMIC AREA

9.1. The terms of this section apply to residents of the European Union and the European Economic Area. In accordance with the terms of this clause, the Client has the following rights:

9.1.1. Right of access. A Client/Consumer may contact us directly to request access to the Personal Data we hold about him or her, as well as any information, in accordance with Article 15 of the General Data Protection Regulation.

9.1.2.  Right of deletion. The Client/Consumer has the right to delete his Personal Data in accordance with Article 17 of the General Data Protection Regulation. Personal data in this case will be deleted forever.

9.1.3. Right to data portability. We may send Personal Data of the Client/Consumer to third parties at the request of the Client/Consumer in accordance with Article 20 of the General Data Protection Regulation.

9.1.4. Right to rectification. The Client/Consumer has access to personal data that must be updated, corrected, and supplemented at any time. The Client/Consumer can also contact the Service to correct or change, in accordance with Article 16 of the General Data Protection Regulation.

9.1.6. Right to object. The Client/Consumer has the right to object at any time to the processing of his Personal Data, in accordance with Article 21 of the General Data Protection Regulation.

9.1.6. Automated decision-making in individual cases, including profiling. The Client/Consumer has the right not to be subject to a decision based solely on the automated processing of his Personal Data, including profiling, which causes him legal consequences or similarly significantly affects him, in accordance with Article 22 of the General Data Protection Regulation.

10.JURISDICTION OF UKRAINE

10.1. In the case of processing Personal Data of residents of Ukraine, their Personal Data are processed in accordance with the Law of Ukraine “On the Protection of Personal Data”.

10.2. The Client/Consumer has the right to:

10.2.1. know about the sources of collection, location of Personal Data, purposes of their processing and location;

10.2.2. receive information about the conditions for providing access to Personal data, in particular information about Third parties to whom they are transferred;

10.2.3. to access personal data;

10.2.4. to receive no later than thirty calendar days from the date of receipt of the request, except in cases provided by law, an answer on whether Personal Data is being processed, as well as to receive the content of such Personal Data;

10.2.5. send a reasoned request to object to the processing of Personal Data;

10.2.6. send a motivated request to change or delete personal data;

10.2.7. to protect Personal Data from illegal processing and accidental loss, destruction, damage due to intentional concealment, failure to provide or untimely provision, as well as protection from providing information that is unreliable or disgraces the honor, dignity and business reputation of the Client/Consumer;

10.2.8. appeal to the court with complaints about the processing of Personal Data;

10.2.9. apply legal remedies in case of violation of the legislation on the protection of Personal Data;

10.2.10. enter reservations regarding the limitation of the right to process Personal Data when providing Consent;

10.2.11. withdraw consent to the processing of personal data;

10.2.12. know the mechanism of automatic processing of personal data;

10.2.13. to protect against an automated decision that has legal consequences for him.

11. JURISDICTION OF THE REPUBLIC OF KAZAKHSTAN

11.1. In the case of processing Personal Data of residents of the Republic of Kazakhstan, their Personal Data is processed in accordance with the Law of the Republic of Kazakhstan “On Personal Data and Its Protection”.

11.2. In accordance with Article 24 “Rights and obligations of the subject” of the Law of the Republic “On personal data and their protection”, the Service provides the following rights to residents of the Republic of Kazakhstan:

11.2.1. know about the availability of the Service, as well as the Third Party, of your Personal Data, as well as receive information that contains:

11.2.2. confirmation of the fact, purpose, sources, methods of collection and processing of Personal Data;

11.2.3. list of Personal Data;

11.2.4. terms of processing of Personal data, including terms of their storage.

11.2.5. request from the Service changes and additions to your Personal Data if there are grounds confirmed by relevant documents;

11.2.6. require the Service, as well as the Third Party, to block their Personal Data in the event of information about violations of the terms of Personal Data collection;

11.2.7. demand from the Service, as well as the Third Party, the destruction of their Personal Data, the collection and processing of which was carried out in violation of the legislation of the Republic of Kazakhstan, as well as in other cases established by this law and other normative legal acts of the Republic of Kazakhstan;

11.2.8. withdraw consent to the collection, processing, distribution in publicly available sources, transfer to Third parties and cross-border transfer of personal data;

11.2.9. give consent (refuse) to the Service to distribute your personal data in publicly available sources of personal data;

11.2.10. to protect their rights and legitimate interests, including compensation for moral and material damage.

12. JURISDICTION OF GEORGIA

12.1. In the case of processing Personal Data of residents of Georgia, their Personal Data is processed in accordance with the Law of Georgia “On Protection of Personal Data”

12.2. In accordance with Article 15 of the Law of Georgia “On Protection of Personal Data”, the Service can provide the following information to the Client or Consumer:

12.2.1. the identity and registered address of the person processing the information and the authorized person (if any);

12.2.2. purpose of data processing;

12.2.3. whether the provision of data is mandatory or voluntary, if the legal consequences of refusing it are mandatory;

12.2.4. the right of the Client/Consumer to receive information about the processed data about him, to request their correction, update, addition, blocking, deletion or destruction.

12.2.5. The Client/Consumer has the right to receive from the Service, information about the processing of data about himself, and the Service must provide the following information:

12.2.6. what data about him is processed;

12.2.7. purposes of data processing;

12.2.8. legal basis for data processing;

12.2.9. how the data was collected;

12.2.10. to whom the data were issued, the grounds and purposes of their issuance.

12.3.  At the request of the Client/Consumer, the Service may take the following actions: correct, update, supplement, block, delete or destroy Personal and Statistical Data if they are incomplete, inaccurate, not updated or collected and processed illegally.

13. SUBMISSION OF REQUEST

13.1. The Client/Consumer of any jurisdiction has the right to submit a request to the Service if he believes that his rights have been violated by sending a request in writing to the support of the Service at the address: serg.chaika@getorder.biz 

13.2. The Client/Consumer’s request must contain accurate information about the requirements for the Service. If exact requirements are not specified in the request, the Service has the right to refuse to fulfill the request.

13.3. We will not be able to respond to your request or provide you with Personal and Statistical Data unless we can verify your identity and confirm that the Personal and Statistical Data belong to you. In case of receiving a request with inaccurate information and/or in case of inability to confirm the identity of the Client/Consumer, the Service has the right not to process the received request and contact the Client/Consumer for clarification. In case of receiving a response to the request for clarifications, the Client/Consumer is obliged to submit a new corrected request or submit a new request.

13.4. The Service must respond to the request or fulfill the conditions set forth in the request within 21 (twenty one) business days from the moment of its receipt.

14. RESPONSIBILITY

14.1. The Service informs the Client that his Personal and Statistical data may be used for the purpose of providing the Services, and in case of disagreement, the Client should leave the Service and not use the Services.

14.2. If the Client provides unreliable Personal and Statistical data, he is solely responsible for the result of such provision, including the impossibility of receiving Services.

14.3. The Service is not responsible for:

14.3.1. loss of Personal and Statistical Data in the event of a hacker attack, hacking of the Service website software, illegal actions of Third Parties, illegal actions of the Client and actions;

14.3.2. provision by the Client of inaccurate information and Personal Data;

14.3.3. provision by the Client of incorrect data regarding his company and locations.

14.4. Unfortunately, the transmission of information using the Internet cannot be completely secure. Although we make every effort to protect your Personal and Statistical Data, we cannot guarantee the secure process of transferring your Personal and Statistical Data to our site. In this regard, you are solely responsible for possible failures when transferring your Personal and Statistical data to the Service. After receiving your Personal and Statistical Data, we undertake to implement the necessary technical and security measures to prevent unauthorized access to your Personal and Statistical Data.

14.5. The Client is responsible for timely notification and obtaining the Consumer’s consent that his Personal and Statistical Data may be transferred to the Service when the Consumer orders the Client’s products using the Aggregator. In the event of a complaint from the Consumer, the Client undertakes to independently resolve the situation that arose as a result of the Consumer’s complaint and compensate the Consumer for all losses, and the Service is not obliged to respond to the Consumer’s complaints and/or compensate for losses.

15. COOKIE

15.1. The Service purposefully does not use Cookies, but when you use the Service, we may use Cookies to improve the functionality of the Service site.

15.2. You can prevent cookies from being placed by viewing files in incognito mode, as well as blocking or deleting cookies in your browser settings. However, we would like to warn you that this may affect your use of the GetOrder Services.

15.3. The Service uses Cookies for the following purposes:

15.3.1. storage of the Client’s personal preferences and settings;

15.3.2. tracking of the Client’s access session;

15.3.3. storage of statistical information about the Client.

15.3.4. The Service may use the following web analytics services:

15.3.5. Facebook;

15.3.6. Google Analytics.

16. ADULTS POLICY

16.1. The Service does not process Personal and Statistical Data of minors.

16.2. If you are under the age of majority, you are not entitled to use the Services of the Service.

16.3. GetOrder has the right to delete Personal and Statistical Data of a minor acting on behalf of the Client, without warning and any consequences for the Service, and to stop providing Services to the Client.

17. PRIVACY POLICY CHANGE

17.1. The Service has the right to change the provisions of the Privacy Policy to ensure the preservation of Personal and Statistical data and in the event of a change in the legislation regulating the processing of Personal data.

17.2. The Service notifies Clients about changes to the Privacy Policy by posting news on the site. GetOrder updates the date of changes to the current version of the Privacy Policy in the “Last updated” line.

17.3. The Client is obliged to familiarize himself with the new terms of the Privacy Policy, and the Service is not responsible if the Client has not familiarized himself with the new terms of the Privacy Policy.

17.4. Electronic or otherwise stored copies of the Privacy Policy are deemed to be true, complete, valid, and enforceable versions of this Privacy Policy in effect at the time you visit the Service site.

18. CONTACTS

18.1. The Client has the right to contact the Service support at the address: serg.chaika@getorder.biz  to ensure his rights, in accordance with the terms of this Privacy Policy, or in case of violation of his rights, or to leave feedback or ask questions.

Dark

Light

Dark

Light