Introduction
In order to face the technological evolution, it is necessary to pay attention to the privacy protection. Wedely S.à. r.l (from now on 'Wedely') undertakes to comply with the new general European personal data protection regulation (GDPR) that came in force since May 25, 2018. The personal data collected by Wedely are fully subject to this new regulation.

INDEX
1. PERSONAL INFORMATION COLLECTION
2. DATA PROCESSING PURPOSE
- INFORMATION THAT YOU PROVIDE VOLUNTARILY
. Registration information
. Transaction information
. Feedback and reviews
- INFORMATION THAT WE COLLECT AUTOMATICALLY
. Activity Information
. Cookies and similar technologies
. Mobile advertising identifiers
- INFORMATION THAT WE OBTAIN FROM THIRD PARTY SOURCES
. Analytics reports and market research surveys
3. LEGAL BASIS
4. FORMS AND INTERACTION
- LINKS TO THIRD-PARTY SITES
5. LOG FILES AND COOKIES
6. THIRD PARTIES
7. STORAGE DURATION
8. RIGHT OF OBJECTION, WITHDRAWAL AND TRANSFER
9. RIGHT OF ACCESS AND RECTIFICATION
10. RIGHT TO LIMIT THE PROCESSING
11. RIGHTS REQUEST EXECUTION
12. SECURITY


1. Personal information collection
In general, your personal data are not automatically saved when you browse the website Wedely.com nevertheless, during your visit, a banner appears at the bottom of the screen informing you of the use of cookies when browsing the site. These cookies do not collect any personal data, it simply allows a better browsing experience. It's up to you to make a choice between accepting or refusing the deposit of cookies according to the purpose pursued by each category of cookies.

In some cases, especially when you want to leave a message on the website, you will be asked to provide your name(s), first name(s) and e-mail address (hereinafter your 'Personal Data'). By providing this information, you expressly agree that your data will be processed by Wedely for the purposes indicated in the section 2 below. If there are other purposes than those indicated in point 2, they will be communicated at the end of each form.


2. Data processing purpose
Wedely may process your Personal Data for the following purposes:
(a) providing you with the information or services you have requested (including sending a commercial offer, notifications or a response to a contact request);
(b) sending the Newsletter;
(c) collecting the information enabling us to improve our site, our products and services (in particular by means of cookies);
(d) contacting you about various Wedely events, including product and service updates and customer support;
(e) Registration information: When you create a WeDely account, sign-up or fill in forms on the Services, we collect information about you including your name, address, telephone number, email address and the password you create (encrypted);
(f) Transaction information: Payment operations are outsourced to our payment processors and we do not store your credit card information in our systems. We also collect delivery details (e.g. your physical address) to fulfil each Order;
(g) Feedback: When you post messages and reviews of the Services or you contact us, for example with a question, problem or comment, we collect information about you including your name and the content of your query. If you contact our customer support teams we will record and keep a record of your conversation for quality and training purposes and to aid in the resolution of your queries;



Information that you provide voluntarily
Registration information
The registration information you provide when you create a WeDely account allows us to give you access to the Services and to supply them to you under our Terms. We also use this information to authenticate your access to the Services, to contact you for your views and to notify you of important changes or updates to our Services.

Transaction information
Your transaction information (such as the food items you add to your basket) allow us to process your Order and send you an accurate bill. It also helps us and any Restaurant you order with contact you where necessary. WeDely may contact you by email, phone or SMS to give you status updates or other information or to resolve problems with your account or Order. A Restaurant may contact you by phone or SMS to provide you with status updates or other information regarding your Order. Where you pay for your Order with a mobile payment or digital wallet service provider we will send you transaction information via confirmation emails or SMS to the email address or phone number registered with that service provider (since this is required by those providers).
Some Restaurants on our platform use our third party delivery companies; these companies may use your information to provide you with status updates on the delivery of your Order. We will also analyse information on completed transactions and successfully delivered Orders on the basis of data matching or statistical analysis so that we can administer, support, improve and develop our business and Services. Our analyses also help us detect and prevent fraud or other illegal activities or acts prohibited by our Terms or any policies applicable to the Services.

Feedback and reviews
If you give us feedback we will use it to reply to your questions or queries, to provide customer support and resolve any problems with your Orders or with the Services. We will publish reviews that you send to us about the Restaurants on our platform and our Services in general and we also analyse your feedback to improve and develop our Services and in order to enhance your experience.


Information that we collect automatically
When you access our Services, we may collect certain information automatically from your device such as your IP address, MAC address or device ID. In some countries, including in Europe, this information may be considered personal information under applicable data protection laws.

Activity Information
We analyse your buying habits and how you interact with our Services so that we can suggest food options from new restaurants we think you would like to try. We enable you to access your Order history so that you can easily reorder with your favourite Restaurants. We may also collect information about your interaction with our emails and other forms of communication.

Cookies and similar technologies
Like many websites and online services we use cookies and other technologies to maintain a record of your interaction with our Services. Cookies also help us to manage a range of features and content as well as to store searches and re-present your information at the point of Order. For further information about the types of cookies and similar technologies we use, why, and how you can control such technologies, please see our Cookie Policy.

Mobile Device Advertising Identifiers
When you use our mobile application, we collect platform-specific advertising identifiers: IDFA (Identifier for Advertisers) on iOS devices and AAID (Android Advertising ID) on Android devices. These identifiers are anonymous and are used to optimize and analyze advertising campaigns. Users can reset or disable these identifiers at any time from their device settings.


Information that we obtain from third party sources
Analytics reports and market research surveys
We analyse information we collect from our third-party service providers (such as Google, Facebook and other affiliates) to understand how you engage with our Services and advertisements (e.g. whether you have clicked on one of our advertisements). This helps us to understand your preferences and recommend you Services which are tailored to your interests.


3. Legal Basis
For the purposes explained on (2) :
(a) Pre-contractual relationship or legitimate interest
(b) Consent
(c) Legitimate interest
(d) Consent
(e) Contractual obligation
(f) Contractual obligation
(g) Legitimate interest


4. Forms and interaction
Your personal information is collected through our contact form or newsletter application form.
We use the collected information for the following purposes:

When you access our Services, we may collect certain information automatically from your device. In some countries, including countries in Europe, this information may be considered personal information under applicable data protection laws. For instance:

  • Monitoring your request for information
  • Providing you with information you requested
  • Collecting statistical data related to the use of the website
  • Contacting you in case we need more information about your request

  • Activity information: We collect information about your usage of the Services and information about you from the orders
  • Cookies and similar technologies: We use cookies and similar tracking technology to collect and use personal information about you (e.g. your Internet Protocol (IP) address, your device ID, your browser type and when, how often and how long you interact with the Services), including to facilitate interest-based advertising.


Links to third-party sites
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates or to any number of websites that may offer useful information to our visitors. We provide these links to you only as a convenience and the inclusion of any link does not imply endorsement of the relevant website by WeDely. If you follow a link to any of these websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies or those linked websites. Please check these policies before you submit any personal information to such websites.


5. Log files and cookies
We collect certain information through log files and cookies. This is mainly the following information:

  • IP address
  • Operating system
  • Visited pages and queries
  • Day and time of connection

The use of such files allows us to:

  • To improve the service and offer a personalized welcome
  • To collect the statistical data


6. Third parties
Your personal data will be sent to some third parties, the restaurant where you buy the food will see only details of order and number of order. The restaurant will not receive your name or your address.
The Driver will have access to your name, address, phone number and details of your order.
Your data can be stored, but encrypted, on our cloud servers.
Some data like your IP address may be collected for statistics and commercial (advertising) purposes by our partners such as Google or Meta (Facebook) who are both located outside the EU/EEA. When your Personal Data is transferred (including in the case of remote access) to a country outside the EU/EEA that is not subject to an adequacy decision, appropriate safeguards in accordance with Chapter V of the GDPR are put in place, such as standard contractual clauses adopted and approved by the European Commission.


7. Storage duration
Your Personal Data is stored only for as long as is necessary for the purpose for which we obtained them. The retention period will depend upon several factors, such as the duration of the contract concluded with you, fraud prevention reasons or legal requirements imposed on us.

The log files collected during interactions with the Wedely App, or the website are destroyed after 12 months.

The Personal Data we collect through the contact forms available on our website will not be kept for more than 3 years from the last contact with Wedely.

Whenever we process your Personal Data on the basis of your consent, you have the right to unsubscribe to our newsletter and to withdraw your consent to marketing at any time by contacting us as indicated below or by clicking the unsubscribe link in the email communication we send you (e.g., Wedely events, service and product updates, etc.). Please, note that the withdrawal of your consent does not affect the lawfulness of the Personal Data processing based on consent prior to its withdrawal.

Upon expiry of the applicable retention period, we will securely destroy your Personal Data in accordance with applicable laws and regulations.


8. Right of objection, withdrawal and transfer
You have a right of objection, deletion of your Personal Data and withdrawal of your consent. You can also request a transfer of your Personal Data.

The right of objection is the possibility offered to the Internet users to refuse that their personal information is used for certain purposes mentioned during the collection. You can express the objection to the processing of your personal information if we have a legitimate interest (or the interest of a third party) in doing so and there is a valid reason to object the data processing. You also have the right to object if we process your personal information for direct marketing purposes.

The right of withdrawal is the possibility offered to users to request the deletion of their personal information. You also can request to delete or remove your personal information when you have expressed your right to object the processing of your data (see above).

When you provide your explicit consent to authorize the collection, processing and transfer of your personal information for a particular purpose, you have the right to withdraw your consent for this data processing at any time. Once we receive the notice of withdrawal of your consent, we will no longer process your information for the purpose (s) for which you gave your consent, unless we have a legitimate reason to do so.

You can request the transfer of your personal information on your behalf or on behalf of another controller in an electronic and structured format (right to data portability). This allows you to retrieve and transfer your data in an electronically usable format.


9. Right of access and rectification
You may request access to your personal information (commonly called 'request for access to his personal data'). This request allows you to receive a copy of your personal information and to verify that we are legally processing this data.

You can also request information about whether we have personal information about you and, if so, what information is available and why we keep it / use it.

Additionally, you can request the correction of the personal information we have about you. This allows you to rectify any incomplete or inaccurate information we have about you.


10. Right to limit the processing
You may request the limitation of the processing of your personal information. This allows you to suspend the processing of your personal information, for example if you want to establish the accuracy or the reason of the data processing.


11. Rights request execution
To request your rights execution, you can contact us via the following email address privacy@wedely.com. Your request will be processed within one month starting from the moment of your identity confirmation. You will not have to pay any fees to access your personal information (or execute any other of your rights). However, we may charge you a reasonable fee if your access request is manifestly unfounded or improper. We may also refuse to process your request for the same reason.

We may request you the information to help us confirm your identity and to ensure that you respect your right to access this information (or for the execution of any other of your rights). This is a security measure to ensure the non-disclosure of your personal information to an unauthorized person. You are allowed to file a complaint with the National Commission for Data Protection ('CNPD') if you feel that your rights are not respected.


12. Security
The personal information we collect is kept in a secure environment. Our employees are required to respect the confidentiality of your information. To ensure the security of your personal information, we use the following measures:

  • SSL Protocol (Secure Sockets Layer)
  • Access management - authorized person
  • Backups
  • Firewalls
We are committed to maintaining a high degree of privacy by incorporating the latest technological innovations to ensure the confidentiality of your data. However, since no mechanism offers maximum security, there is always a risk involved when using the Internet to transfer the personal information.


13. Updates to our Privacy Policy
We keep this Policy under regular review and we may change, modify, add, or remove portions from this Privacy Policy at any time. We will post any modifications or changes to the Policy on our website prior to such changes taking effect.

Last update: February 28, 2023