Last updated: November 5, 2018
Description of Users and Acceptance of Terms
The Information We Collect and/or Receive
When you sign up to become a Subscriber, contact us via the Contact Us page, or sign up to receive our newsletter, you will be asked to provide certain information about yourself which may include, your name, your business name, e-mail address and phone number (collectively, “Contact Information”). The Contact Information is used to provide the requested Services, and to contact Subscribers and Visitors for purposes of direct marketing of our current and future products and services. We store our contact information within our customer relationship management (CRM) system to help our sales and customer support team manage our relationships with current or prospective customers.
In order to purchase a Subscription to our Platform, you will need to provide certain information in addition to the Contact Information. Such information may include a credit card number, expiration date, billing address and zip code, activation code, and similar information (collectively, the “Billing Information”). Such Billing Information will be collected and processed by our third party payment processor and we do not obtain access to or process any Billing Information.
When Restaurant Guests place an Order through the Platform, we will also collect and/or receive certain information, including but not limited to, Guest name, the products and services the Guests are seeking to purchase, and their name, billing address and total transaction amount (collectively, the “Order Information”). We shall use and share the Guest Order Information with the applicable Subscriber as reasonably necessary to provide our Platform. All actual payment information provided by Guests will be collected and processed by our third party payment processor and we do not obtain access to or process any such information
In using the Platform, Subscribers grant us permission to access Subscriber Data. We use the Subscriber Data in accordance with the terms and conditions of the Subscription Agreement.
In addition to the Contact Information, Subscriber Data, and Order Information, we may collect additional information (collectively, the “Other Information”). Such Other Information may include:
- From Your Activity In an ongoing effort to improve the Website and the Platform, we automatically collect certain information when Visitors visit the Website, when Subscribers use the Platform, and when Restaurant Guests access and use the Restaurant Website(s). Such information includes, without limitation, IP addresses, browser type and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of the Website Visitors visit, and similar information concerning your use of the Platform.
- From Cookies We collect information using “cookie” technology. Cookies are small packets of data that a website stores on your computer’s or mobile device’s hard drive so that your computer will “remember” information about your visit. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to help us collect Other Information and to enhance your experience using the Website and the Platform. If you do not want us to place a cookie on your hard drive, you may be able to turn that feature off on your computer or mobile device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. However, if you decide not to accept cookies from us, some features of the Website and the Platform may not function properly.
Below is a list of analytics providers that we use; however, such list may be subject to change based on how we wish to understand the user experience. You may use the accompanying links to learn more about such providers and, if available, how to opt-out from their analytics collection.
For Google Analytics, please visit https://www.google.com/analytics
For MixPanel, please visit https://mixpanel.com/
For Segment, please visit https://segment.com
For Sentry, please visit https://sentry.io/privacy/
Information Collected by or Through Third-Party Advertisers/Remarketers
Below is a list of advertising/remarketing providers that we use; however, such list may be subject to change based on the campaigns that we run. You may use the accompanying links to learn more about such providers and, if available, how to opt-out from their targeted ads or other personalization features. Please note you will not necessarily be opted-out of advertising or content generally; you may still receive generic ads or content.
For Google AdWords, you can set preferences for how Google advertises to you using the Google Ad Preferences page, and if you want to you can opt out of interest-based advertising entirely by cookie settings or permanently using a browser plugin.
For Facebook/Instagram, please visit: http://facebook.com/about/privacy/update.
How We Share Your Information
Onward Transfers to Third Parties
In an ongoing effort to better understand our Visitors, and Subscribers, we may analyze your information in anonymized and aggregate form in order to operate, maintain, manage, and improve the Website and the Platform and for our own research purposes. This aggregate information does not identify you personally. We may share this aggregate data with our affiliates, agents, and business partners. We may also disclose aggregated user statistics in order to describe our products and services to current and prospective business partners and to other third parties for other lawful purposes.
We may disclose your information if required to do so by law, or in the good faith belief that such action or disclosure is necessary or appropriate to: (i) operate the Platform, (ii) comply with any legal obligation, report unlawful activity, cooperate with law enforcement or public authorities (including for the purpose of meeting national security or law enforcement requirements), (iii) protect against legal liability, (iv) protect and defend our rights, property, personnel, suppliers, sponsors, agents or licensors, (v) protect the personal safety of vendors, users of the Platform or the public, or (vi) comply when compelled to disclose personal information to other third parties by government authorities or as required by law or regulation, including, but not limited to, in response to court orders and subpoenas.
With your permission, third-party applications or services may access your personal information. We use standard OAuth (open authorization) to enable you to update and manage public content on third-party websites, such as Facebook or Twitter, and integrate with other third-party service providers (e.g., payment processors, analytics providers, marketing automation) from within the Platform. For the sole purpose of enabling such features via OAuth, BentoBox must request certain access permissions to your account(s) on such third-party websites.
Anyone who has signed up to use the Platform may access, remove, review, and/or make changes to the same by following the instructions found on the Platform. In addition, you may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of any BentoBox marketing e-mail. We will use commercially reasonable efforts to process such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our subscription databases. Subscribers cannot opt out of receiving transactional e-mails related to their account with BentoBox. Retention of personal information
How We Protect Your Information
Important Notice to All Non-US Residents
Our Website, Platform, and their servers are located in the US. If you are located outside of the US, please be aware that any information provided to us, including personal information, will be transferred from your country of origin to the US. Except in the case of data transfers under the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, your decision to provide such data to us, or allow us to collect such data through our Website and/or the Platform constitutes your consent to this data transfer.
Important Notice for Individuals of the European Economic Area and Switzerland
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, BentoBox is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should contact us at email@example.com, with the subject line, “Privacy Shield.” We may require payment of a non-excessive fee to defray our expenses in this regard. Please allow us a reasonable time to respond to your inquiries and requests.
We will not disclose your sensitive personal information to any third party without first obtaining your opt-in consent. You may grant such consent by contacting us at firstname.lastname@example.org, with the subject line, “Privacy Shield”. In each instance, please allow us a reasonable time to process your response.
We will provide an individual opt-out choice, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to email@example.com, with the subject line, “Privacy Shield”.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
BentoBox’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, BentoBox remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless BentoBox proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, BentoBox commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact BentoBox at firstname.lastname@example.org with the subject line, “Privacy Shield”.
BentoBox has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Under California Civil Code Section 1798.83, California residents who have an established business relationship with BentoBox may choose to opt out of our sharing their personal information with third parties for direct marketing purposes. If you are a California resident and (1) you wish to opt out; or (2) you wish to request certain information regarding our disclosure of your personal information to third parties for the direct marketing purposes, please send an e-mail to email@example.com.
In addition, BentoBox does not monitor, recognize, or honor any opt-out or do not track mechanisms, including general web browser “Do Not Track” settings and/or signals.
How to Contact Us
Thanks for subscribing!
Please check errors in the form above