Ordr Privacy Notice
We are committed to your right to privacy, and we will only use your data as set out in this Privacy Notice. This Privacy Notice explains how we process your personal data for the purpose of facilitating your orders of food and beverages from restaurants, bars, hotels and similar using our web- or app- based service (the "Service"), and for other purposes as set out in this Privacy Notice. Please read this information carefully.

When you use our Service, the controller is the local Ordr entity who facilitates the order/purchase. These are: in Norway and all other locations besides the following, Ordr AS (enterprise number 922255709); in Sweden: Ordr Sweden AB (enterprise number: 559276-3246), in Denmark: Ordr Denmark ApS (enterprise number: 42044830); and in the UK: Restaurant Revolution Group UK Ltd. (enterprise number: 13265526), (jointly referred to as "Ordr", "we", "us").
What data do we have about you
When you use our Service, you may typically provide us, or we may typically collect, the following data:

Contact data, including name, phone number, and email address.

Order data, including account login, items purchased, payable amount, delivery method, and confirmation of payment. Please note that we do not store any financial data, such as credit card details.

Location data, i.e. your location when you are using the Service (if you actively allow us to do so).

Technical data, including device type, web browser, and IP address
When you act as contact of a Merchant (as defined in our Terms of Use), we may also process the following data:

Communication data, such as email, phone and chat communication exchanged between us.

Marketing data, such as marketing preferences, marketing interactions and surveys responses.

We also collect cookie data when you use our app or visit our website. Please refer to the Cookie Policy for more information.
Why do we have data about you
Marketing
If you are a current user of our Services, or if you are one of our customers, we may send you marketing, unless you have unsubscribed (opted-out). If you are not a current user of our Services, or if you are not one of our customers, we may send you marketing if you have given us your explicit consent (opted-in). Our marketing is typically commuicated by means of email or sms. We will always enable you to unsubscribe.

We may also display marketing messages to you on other websites and online platforms, such as social media. Please refer to our Cookie Policy available on our website for more information. Note that we may use your contact data in a hashed and anonymized way to generate similar targets ("lookalike audiences") for display or marketing messages to such audience.
Social Media
We have pages on social media, where we provide information about our Service and interact with users and merchants. On such social media pages, we may receive anonymized insight, such as statistics about age, sex and location of our users. We may also receive information that you decide to share with us, such as chat, comments and likes.

Your experience on the social media pages will be governed by the privacy and other policies of those sites. The privacy settings you have chosen on those sites will determine the degree to which your information is made public. We encourage you to choose your privacy settings on those sites accordingly. As we are joint controllers with the social media for your communication with us on our social media page, and for aggregated insight that we get from your use of our pages, you may also contact us if you would like to have more information, or if you want to exercise your privacy rights. However, please note that we may not be able to respond to all request, and that we may have to refer you to the social media for further information.

As the social media providers may be established anywhere in the world, the personal data may be transferred globally. If data originating from the EEA is transferred to countries outside the EEA, we will adopt appropriate safeguards to protect the privacy such as by means of standard agreements and additional safety measures. You may receive a copy of the relevant parts of the agreements by contacting us.
How long do we store data about you
We will store your personal data for as long as necessary to fulfil the purposes described in this Privacy Notice. These are the criteria that we use to determine when we will delete your data:

  • Contact data is deleted one year after you used our Services, or 5 years after the customer relationship ended if you are a contact person at a Merchant. If we only have contact data based on your consent to receive marketing, not because you are or have been a user of our app, we delete such data within a short period after you have withdrawn your consent
  • Order data is deleted after 5 years.
  • Technical data is deleted after 26 months. IP-addresses are not stored, but may be included in backups which is deleted after 2 weeks.
  • Location data is anonymized immediately.
  • Data processed to support authorities track spread of Covid-19 is deleted after 10 days.
Note that we may choose to anonymize the data rather than to delete them, so that we may continue using the data for analytics, product development and statistics.
How we share data about you
We do not sell your data to any third party. We only share or give access to your personal data to third parties on a need-to-know basis, including as follows.

  • to merchants to facilitate orders that you make
  • to payment providers to facilitate orders that you make
  • to our suppliers, with whom we have data processing agreements to ensure the privacy of such data
  • to authorities or other third parties if required to fulfil a legal obligation or you have given your consent to do so
  • to companies or advisors in the event of a potential acquisition, merger or demerger of our company
We may transfer personal data to countries outside of the EEA. To ensure that your personal data is adequately protected, we have adopted appropriate safeguards such as the standard contractual clauses and additional safety measures.
Your privacy rights
Within the conditions/limitations set out in applicable law, you have the following privacy rights:

Right to information. You have the right to obtain further information on our use of your personal data.

Right of access. You have the right to receive a copy of your personal data.

Right to rectification. You have the right to ask us to correct your personal data if it is incorrect or incomplete, such as by changing your details on your account.

Right to be forgotten. You have the right to request the erasure of your data if we do no longer need them.

Right to restrict processing of personal data. You have the right to request that we suspend our processing of your personal data.

Right to data portability. You have the right to obtain personal data that you have provided to us in a format that enables you to transfer that personal data to another organization. You may also have the right to have your personal data transferred directly from us to such organization.

Right to object to processing of personal data. You have the right to object to our use of your personal data, such as to unsubscribe to marketing emails.

Right to prevent automated decision-making. You have the right not to be subject to automated decision making (such as automated credit scoring).

Right to withdraw consent. If you have given your consent to our processing of personal data, you are free to withdraw the consent at any time.

If you think that we have processed your personal data in a manner that is not in accordance with data protection law, we hope that you contact us, so that we can provide answers and correct any misunderstandings. You have the right to make a complaint to the relevant data protection authority.
Safeguarding your data
We have reasonable and appropriate physical, electronic, and administrative measures in place to safeguard the security of your personal information.

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our sites. Any transmission is at your own risk. When you communicate with customer service via email, these communications may not be encrypted. For that reason, we ask that you do not share sensitive information via these communication channels.
Contact
If you have any comments or queries in connection with our Privacy Notice or wish to exercise any of your privacy rights, please email support@ordr.no.
Changes to privacy notice
This Privacy Notice was last updated on 31.05.2021

This Privacy Notice may change from time to time. You will always find the latest version of this Privacy Notice on our website.

Made on
Tilda